urlscan.io logo urlscan.io
SecurityTrails logo

glamour.globo.com Open in urlscan Pro
201.7.177.243  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Effective URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Submission Tags: @phishunt_io
Submission: On August 12 via api from DE — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 178 IPs in 12 countries across 149 domains to perform 992 HTTP transactions. The main IP is 201.7.177.243, located in Brazil and belongs to Globo Comunicacao e Participacoes SA, BR. The main domain is glamour.globo.com. The Cisco Umbrella rank of the primary domain is 428323.
TLS certificate: Issued by R3 on June 16th 2022. Valid for: 3 months.
This is the only time glamour.globo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 54.39.17.86 16276 (OVH)
5 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
2 201.7.177.243 28604 (Globo Com...)
6 2607:f8b0:400... 15169 (GOOGLE)
30 186.192.90.3 28604 (Globo Com...)
9 2607:f8b0:400... 15169 (GOOGLE)
7 23.208.216.220 16625 (AKAMAI-AS)
10 186.192.91.9 28604 (Globo Com...)
1 131.0.25.26 28604 (Globo Com...)
9 186.192.91.5 28604 (Globo Com...)
1 1 34.110.201.227 15169 (GOOGLE)
3 10 13.224.214.16 16509 (AMAZON-02)
3 35.244.153.86 15169 (GOOGLE)
1 35.215.230.239 15169 (GOOGLE)
4 35.211.79.33 19527 (GOOGLE-2)
6 2606:4700::68... 13335 (CLOUDFLAR...)
11 151.101.2.133 54113 (FASTLY)
6 9 23.66.229.147 16625 (AKAMAI-AS)
7 201.7.177.167 28604 (Globo Com...)
26 151.101.1.44 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
1 35.198.44.170 396982 (GOOGLE-CL...)
1 186.192.81.117 28604 (Globo Com...)
1 52.35.73.181 16509 (AMAZON-02)
6 151.101.130.133 54113 (FASTLY)
2 151.101.193.44 54113 (FASTLY)
14 54.227.59.83 14618 (AMAZON-AES)
2 35.215.207.122 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
8 8 52.1.244.65 14618 (AMAZON-AES)
24 44 142.251.40.130 15169 (GOOGLE)
9 11 184.50.205.90 16625 (AKAMAI-AS)
7 11 2a02:2638:1::13 44788 (ASN-CRITE...)
2 5 52.27.120.158 16509 (AMAZON-02)
13 23 68.67.160.132 29990 (ASN-APPNEX)
3 11 35.190.60.146 15169 (GOOGLE)
4 7 8.43.72.97 26667 (RUBICONPR...)
9 11 207.198.113.86 13768 (COGECO-PEER1)
2 2 76.13.32.147 26101 (YAHOO-BF1)
20 22 199.127.204.147 26120 (RHYTHMONE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
26 142.250.80.2 15169 (GOOGLE)
1 13.224.214.77 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 12 141.226.224.48 200478 (TABOOLA-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
1 13.224.214.103 16509 (AMAZON-02)
2 2602:803:c002... 26667 (RUBICONPR...)
2 34.236.83.94 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
1 13.224.214.88 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
3 145.40.89.32 54825 (PACKET)
22 2607:f8b0:400... 15169 (GOOGLE)
21 2607:f8b0:400... 15169 (GOOGLE)
1 34.209.30.241 16509 (AMAZON-02)
2 34.102.146.192 396982 (GOOGLE-CL...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2620:100:a001::4 19750 (AS-CRITEO)
1 13.224.214.92 16509 (AMAZON-02)
1 3.12.169.211 16509 (AMAZON-02)
1 3.19.54.139 16509 (AMAZON-02)
7 2607:f8b0:400... 15169 (GOOGLE)
7 104.18.133.145 13335 (CLOUDFLAR...)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
4 8 141.95.98.64 16276 (OVH)
1 54.221.252.20 14618 (AMAZON-AES)
3 23.41.169.52 16625 (AKAMAI-AS)
2 52.202.195.121 14618 (AMAZON-AES)
5 34.98.64.218 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
14 151.139.128.11 20446 (STACKPATH...)
12 35 63.251.28.233 26558 (FREEWHEEL)
23 24 35.211.178.172 15169 (GOOGLE)
3 6 2600:1f18:4e9... 14618 (AMAZON-AES)
2 52.58.70.33 16509 (AMAZON-02)
7 9 3.218.90.66 14618 (AMAZON-AES)
8 8 151.101.66.49 54113 (FASTLY)
4 14 35.244.159.8 15169 (GOOGLE)
16 17 15.197.193.217 16509 (AMAZON-02)
3 173.223.57.118 16625 (AKAMAI-AS)
48 173.223.56.242 16625 (AKAMAI-AS)
1 52.216.26.78 16509 (AMAZON-02)
16 146.20.128.188 27357 (RACKSPACE)
6 74.119.119.139 19750 (AS-CRITEO)
5 5 2606:4700::68... 13335 (CLOUDFLAR...)
7 33 146.20.132.198 27357 (RACKSPACE)
2 4 47.252.78.131 45102 (ALIBABA-C...)
2 2 8.2.110.134 46636 (NATCOWEB)
8 10 2620:112:f002... 6336 (TURN-US-ASN)
7 7 3.82.84.88 14618 (AMAZON-AES)
56 146.20.132.135 27357 (RACKSPACE)
21 35.244.182.124 15169 (GOOGLE)
2 4 2620:116:800b... 27281 (QUANTCAST)
1 35.201.123.184 15169 (GOOGLE)
4 13.224.205.195 16509 (AMAZON-02)
3 4 63.251.86.50 10913 (INTERNAP-BLK)
1 104.36.115.111 62713 (AS-PUBMATIC)
1 34.107.148.139 15169 (GOOGLE)
1 52.71.183.251 14618 (AMAZON-AES)
1 104.18.19.126 13335 (CLOUDFLAR...)
2 2 34.107.184.81 15169 (GOOGLE)
2 4 199.38.167.128 54312 (ROCKETFUEL)
4 6 2606:4700:440... 13335 (CLOUDFLAR...)
11 11 3.230.10.142 14618 (AMAZON-AES)
1 2600:9000:20e... 16509 (AMAZON-02)
16 23.73.244.44 16625 (AKAMAI-AS)
3 2600:141b:13:... 20940 (AKAMAI-ASN1)
3 10 162.55.233.29 24940 (HETZNER-AS)
8 8 67.202.105.21 32748 (STEADFAST)
1 2 67.202.105.31 32748 (STEADFAST)
22 195.244.31.10 63140 (IGUANA-WO...)
2 51.222.39.187 16276 (OVH)
7 7 68.67.179.155 29990 (ASN-APPNEX)
3 3 199.187.193.199 47043 (SMARTADSE...)
7 7 64.74.236.159 22075 (AS-OUTBRAIN)
2 2 35.211.233.246 15169 (GOOGLE)
12 13 192.35.249.127 11742 (SPOTX-IAD)
2 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 11 54.204.94.170 14618 (AMAZON-AES)
8 8 216.200.232.249 30419 (MEDIAMATH...)
4 4 18.211.60.235 14618 (AMAZON-AES)
5 22 104.18.18.126 13335 (CLOUDFLAR...)
1 37.157.6.241 198622 (ADFORM)
3 34.233.178.173 14618 (AMAZON-AES)
2 2 52.72.110.7 14618 (AMAZON-AES)
9 9 2600:1f18:1c9... 14618 (AMAZON-AES)
2 3 15.235.43.119 16276 (OVH)
1 1 54.166.248.65 14618 (AMAZON-AES)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
1 34.229.3.43 14618 (AMAZON-AES)
2 7 198.148.27.139 19189 (PULSEPOINT)
2 18.235.231.13 14618 (AMAZON-AES)
3 3 2600:9000:20e... 16509 (AMAZON-02)
4 6 8.43.72.98 26667 (RUBICONPR...)
2 25 104.36.115.109 62713 (AS-PUBMATIC)
1 2 63.251.86.51 10913 (INTERNAP-BLK)
4 199.187.193.204 47043 (SMARTADSE...)
3 4 44.209.207.157 14618 (AMAZON-AES)
2 2 74.119.119.150 19750 (AS-CRITEO)
1 1 13.224.214.51 16509 (AMAZON-02)
2 2 35.207.24.140 15169 (GOOGLE)
3 4 52.223.22.214 16509 (AMAZON-02)
1 31.220.27.134 39572 (ADVANCEDH...)
2 3 96.46.183.20 7979 (SERVERS-COM)
1 82.145.213.8 39832 (NO-OPERA)
6 173.223.56.26 16625 (AKAMAI-AS)
1 23.200.0.188 20940 (AKAMAI-ASN1)
4 23.41.168.23 16625 (AKAMAI-AS)
2 2a03:2880:f01... 32934 (FACEBOOK)
4 8.28.7.81 62713 (AS-PUBMATIC)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
3 4 185.167.164.42 198622 (ADFORM)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
1 1 109.206.161.21 50245 (SERVEREL-AS)
1 1 3.12.251.213 16509 (AMAZON-02)
1 1 192.132.33.46 18568 (BIDTELLECT)
1 107.151.8.242 55081 (24SHELLS)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 2 199.187.193.197 47043 (SMARTADSE...)
1 162.19.138.117 16276 (OVH)
11 2600:9000:20e... 16509 (AMAZON-02)
2 2 213.19.162.90 26667 (RUBICONPR...)
3 22 209.54.182.161 16509 (AMAZON-02)
1 2 52.95.122.74 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2001:4998:14:... 14777 (YAHOO)
1 5 52.70.17.67 14618 (AMAZON-AES)
6 34.117.239.71 396982 (GOOGLE-CL...)
6 6 2606:ae80:145... 26762 (CNVR-US-EAST)
2 2 129.159.70.95 31898 (ORACLE-BM...)
1 2 169.197.150.7 398989 (DEEPINTENT)
3 3 173.231.178.85 29791 (VOXEL-DOT...)
2 3 34.203.176.63 14618 (AMAZON-AES)
2 2 69.90.254.78 13768 (COGECO-PEER1)
2 2 52.29.20.174 16509 (AMAZON-02)
2 2 23.3.125.39 16625 (AKAMAI-AS)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
4 8.28.7.84 62713 (AS-PUBMATIC)
3 3 75.126.248.142 36351 (SOFTLAYER)
3 3 18.232.9.126 14618 (AMAZON-AES)
2 2 2606:ae80:145... 26762 (CNVR-US-EAST)
1 1 198.24.162.123 19437 (SS-ASH)
1 2 204.2.255.233 2914 (NTT-LTD-2914)
1 34.96.105.8 15169 (GOOGLE)
3 3 174.137.133.49 27257 (WEBAIR-IN...)
1 1 107.20.229.204 14618 (AMAZON-AES)
8 68.67.179.113 29990 (ASN-APPNEX)
2 8 23.227.139.243 55081 (24SHELLS)
2 3 35.186.253.211 15169 (GOOGLE)
2 23.200.0.200 20940 (AKAMAI-ASN1)
2 4 107.178.246.49 15169 (GOOGLE)
1 1 54.210.123.140 14618 (AMAZON-AES)
2 52.200.129.133 14618 (AMAZON-AES)
4 9 54.198.189.0 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
8 104.81.133.133 16625 (AKAMAI-AS)
5 173.223.56.228 16625 (AKAMAI-AS)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 1 44.206.202.218 14618 (AMAZON-AES)
1 20 35.172.99.217 14618 (AMAZON-AES)
3 4 70.42.32.255 13789 (INTERNAP-...)
2 2 35.211.141.197 15169 (GOOGLE)
1 1 202.241.208.54 4694 (IDCF IDC ...)
10 2607:f8b0:400... 15169 (GOOGLE)
10 173.223.57.238 16625 (AKAMAI-AS)
2 142.250.64.66 15169 (GOOGLE)
1 54.84.80.88 14618 (AMAZON-AES)
1 8.28.7.92 62713 (AS-PUBMATIC)
10 8.28.7.79 62713 (AS-PUBMATIC)
1 1 3.211.146.183 14618 (AMAZON-AES)
1 52.86.43.160 14618 (AMAZON-AES)
1 3.134.29.131 16509 (AMAZON-02)
20 23.41.168.202 16625 (AKAMAI-AS)
2 2 142.250.80.70 15169 (GOOGLE)
1 2 52.2.65.122 14618 (AMAZON-AES)
8 2001:4de0:ac1... 20446 (STACKPATH...)
1 1 54.37.36.178 ()
1 173.223.57.44 ()
1 1 18.213.137.21 ()
1 2606:4700::68... ()
1 142.251.41.2 ()
992 178
2    54.39.17.86 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns557098.ip-54-39-17.net
www.protocolo7em7.com.br.hackeandoansiedade.space
5    2607:f8b0:4006:80d::200a (New York, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:20::ac43:4876 (United States)

ASN13335 (CLOUDFLARENET, US)
img.imageboss.me
1    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
fastly.jsdelivr.net
2    201.7.177.243 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
glamour.globo.com
6    2607:f8b0:4006:824::2003 (New York, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
30    186.192.90.3 (Niterói, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-90-3.prt.globo.com
s3.glbimg.com
9    2607:f8b0:4006:80e::2001 (New York, United States)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
7    23.208.216.220 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-216-220.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
10    186.192.91.9 (Niterói, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-9.prt.globo.com
s2.glbimg.com
1    131.0.25.26 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 131.0.25-26.prt.globo.com
recomendacao.globo.com
9    186.192.91.5 (Niterói, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-5.prt.globo.com
p.glbimg.com
s.glbimg.com
1    34.110.201.227 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 227.201.110.34.bc.googleusercontent.com
id.globo.com
10    13.224.214.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-16.phl50.r.cloudfront.net
sb.scorecardresearch.com
3    35.244.153.86 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 86.153.244.35.bc.googleusercontent.com
cocoon.globo.com
1    35.215.230.239 (São Paulo, Brazil)

ASN15169 (GOOGLE, US)
PTR: 239.230.215.35.bc.googleusercontent.com
globo-ab.globo.com
4    35.211.79.33 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 33.79.211.35.bc.googleusercontent.com
horizon.globo.com
horizon-track.globo.com
6    2606:4700::6810:cf3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
sync.navdmp.com
cd.navdmp.com
11    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
cdn.krxd.net
9    23.66.229.147 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-66-229-147.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
secure-assets.rubiconproject.com
7    201.7.177.167 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
static.infoglobo.com.br
26    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
15.taboola.com
vidstat.taboola.com
imprnjmp.taboola.com
match.taboola.com
1    2607:f8b0:4006:80e::2010 (New York, United States)

ASN15169 (GOOGLE, US)
gadasource.storage.googleapis.com
1    35.198.44.170 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 170.44.198.35.bc.googleusercontent.com
usergate.globo.com
1    186.192.81.117 (Niterói, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-81-117.prt.globo.com
horizon-schemas.globo.com
1    52.35.73.181 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-73-181.us-west-2.compute.amazonaws.com
ivccf.ivcbrasil.org.br
6    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
consumer.krxd.net
2    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
widget.perfectmarket.com
14    54.227.59.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-59-83.compute-1.amazonaws.com
beacon.krxd.net
2    35.215.207.122 (São Paulo, Brazil)

ASN15169 (GOOGLE, US)
PTR: 122.207.215.35.bc.googleusercontent.com
globo-mab.globo.com
2    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
8    52.1.244.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-244-65.compute-1.amazonaws.com
usermatch.krxd.net
44    142.251.40.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net
cm.g.doubleclick.net
11    184.50.205.90 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-50-205-90.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
11    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
5    52.27.120.158 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-120-158.us-west-2.compute.amazonaws.com
dpm.demdex.net
23    68.67.160.132 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
11    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
7    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
11    207.198.113.86 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    76.13.32.147 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com
cms.analytics.yahoo.com
22    199.127.204.147 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    2606:4700::6811:b9b1 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
26    142.250.80.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f2.1e100.net
securepubads.g.doubleclick.net
1    13.224.214.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-77.phl50.r.cloudfront.net
static.hotjar.com
5    2607:f8b0:4006:820::200e (New York, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
ampcid.google.com
1    2607:f8b0:4006:822::2008 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:3030::6815:5476 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
4    2600:141b:13:7a8::268b (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
1    2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
12    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
us-trc-events.taboola.com
us-match.taboola.com
us-vid-events.taboola.com
sync.taboola.com
sync-t1.taboola.com
1    2607:f8b0:4006:806::200e (New York, United States)

ASN15169 (GOOGLE, US)
ampcid.google.ca
1    13.224.214.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-103.phl50.r.cloudfront.net
script.hotjar.com
2    2602:803:c002:200::41 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    34.236.83.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-83-94.compute-1.amazonaws.com
c2shb.pubgw.yahoo.com
2    2607:f8b0:4006:81f::200a (New York, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    13.224.214.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-88.phl50.r.cloudfront.net
vars.hotjar.com
1    2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    145.40.89.32 (Ashburn, United States)

ASN54825 (PACKET, US)
p1cluster.cxense.com
comcluster.cxense.com
id.cxense.com
22    2607:f8b0:4006:822::2002 (New York, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
pagead2.googlesyndication.com
21    2607:f8b0:4006:816::2001 (New York, United States)

ASN15169 (GOOGLE, US)
066da66e2e5b10bb8a1c7caabfa9442a.safeframe.googlesyndication.com
tpc.googlesyndication.com
684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
1    34.209.30.241 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-30-241.us-west-2.compute.amazonaws.com
id.sharedid.org
2    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
2    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    13.224.214.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-92.phl50.r.cloudfront.net
tags.crwdcntrl.net
1    3.12.169.211 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-169-211.us-east-2.compute.amazonaws.com
prod.uidapi.com
1    3.19.54.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-54-139.us-east-2.compute.amazonaws.com
ads.vidoomy.com
7    2607:f8b0:4006:809::2002 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    104.18.133.145 (None, )

ASN13335 (CLOUDFLARENET, US)
t.seedtag.com
cs.seedtag.com
config.seedtag.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
8    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
1    54.221.252.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-252-20.compute-1.amazonaws.com
bcp.crwdcntrl.net
3    23.41.169.52 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-169-52.deploy.static.akamaitechnologies.com
a.teads.tv
2    52.202.195.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-195-121.compute-1.amazonaws.com
prebid-a.rubiconproject.com
5    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
hcodemedia-d.openx.net
u.openx.net
vidoomy-d.openx.net
5    2607:f8b0:4006:81c::2004 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.com
14    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
ad.lkqd.net
35    63.251.28.233 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
24    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
6    2600:1f18:4e9:5a02:b371:809f:9514:eb53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
2    52.58.70.33 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-70-33.eu-central-1.compute.amazonaws.com
a.vidoomy.com
9    3.218.90.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com
ups.analytics.yahoo.com
8    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
14    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
u.openx.net
17    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    173.223.57.118 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-57-118.deploy.static.akamaitechnologies.com
t.teads.tv
48    173.223.56.242 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-56-242.deploy.static.akamaitechnologies.com
ads.pubmatic.com
vpaid.pubmatic.com
1    52.216.26.78 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
16    146.20.128.188 (United States)

ASN27357 (RACKSPACE, US)
v.lkqd.net
6    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
5    2606:4700::6813:ac6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
33    146.20.132.198 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
4    47.252.78.131 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
2    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
10    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
7    3.82.84.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-84-88.compute-1.amazonaws.com
sync.srv.stackadapt.com
56    146.20.132.135 (United States)

ASN27357 (RACKSPACE, US)
t.lkqd.net
21    35.244.182.124 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 124.182.244.35.bc.googleusercontent.com
s.seedtag.com
ping.seedtag.com
4    2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN27281 (QUANTCAST, US)
secure.quantserve.com
cms.quantserve.com
pixel.quantserve.com
1    35.201.123.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.123.201.35.bc.googleusercontent.com
tags.t.tailtarget.com
4    13.224.205.195 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-205-195.phl50.r.cloudfront.net
c.amazon-adsystem.com
4    63.251.86.50 (United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    52.71.183.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-183-251.compute-1.amazonaws.com
pixel.adsafeprotected.com
1    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
2    34.107.184.81 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 81.184.107.34.bc.googleusercontent.com
nxd.adhaven.com
4    199.38.167.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
a.rfihub.com
6    2606:4700:4400::6812:230b (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
11    3.230.10.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-10-142.compute-1.amazonaws.com
match.prod.bidr.io
1    2600:9000:20ed:aa00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
16    23.73.244.44 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-244-44.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    2600:141b:13::17d7:8239 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
csync.smartadserver.com
10    162.55.233.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.233.55.162.clients.your-server.de
sync.richaudience.com
8    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
de.tynt.com
hde.tynt.com
22    195.244.31.10 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
visitor.omnitagjs.com
visitor-usa02.omnitagjs.com
2    51.222.39.187 (Canada)

ASN16276 (OVH, FR)
PTR: ip187.ip-51-222-39.net
onetag-sys.com
7    68.67.179.155 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
3    199.187.193.199 (Canada)

ASN47043 (SMARTADSERVER, CA)
sync.smartadserver.com
7    64.74.236.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
2    35.211.233.246 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 246.233.211.35.bc.googleusercontent.com
a.sportradarserving.com
13    192.35.249.127 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
2    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
11    54.204.94.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-94-170.compute-1.amazonaws.com
sync.springserve.com
vid-io-iad.springserve.com
8    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    18.211.60.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-60-235.compute-1.amazonaws.com
ad.360yield.com
match.360yield.com
22    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
dsum.casalemedia.com
1    37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
3    34.233.178.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-178-173.compute-1.amazonaws.com
rtb.adentifi.com
2    52.72.110.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-110-7.compute-1.amazonaws.com
ads.creative-serving.com
9    2600:1f18:1c96:4102:b9ab:f4:b89e:5480 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.tidaltv.com
3    15.235.43.119 (Canada)

ASN16276 (OVH, FR)
PTR: ns5012066.ip-15-235-43.net
gu.dyntrk.com
1    54.166.248.65 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-248-65.compute-1.amazonaws.com
media.sabio.us
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
1    34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com
loadm.exelator.com
7    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    18.235.231.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-231-13.compute-1.amazonaws.com
sync.crwdcntrl.net
3    2600:9000:20ed:ee00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
6    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
pixel-us-east.rubiconproject.com
25    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    63.251.86.51 (United States)

ASN10913 (INTERNAP-BLK, US)
ce.lijit.com
4    199.187.193.204 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
4    44.209.207.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-207-157.compute-1.amazonaws.com
e1.emxdgt.com
cs.emxdgt.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    13.224.214.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-51.phl50.r.cloudfront.net
cm.smadex.com
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
4    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
3    96.46.183.20 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
6    173.223.56.26 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-56-26.deploy.static.akamaitechnologies.com
hblg.media.net
warp.media.net
lg3.media.net
cs.media.net
1    23.200.0.188 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-200-0-188.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
4    23.41.168.23 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-168-23.deploy.static.akamaitechnologies.com
contextual.media.net
2    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2600:141b:13::17d7:822b (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
4    185.167.164.42 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    109.206.161.21 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net
sync.e-volution.ai
1    3.12.251.213 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-251-213.us-east-2.compute.amazonaws.com
sync.adotmob.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    107.151.8.242 (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.spotim.market
1    2600:141b:13:783::2c79 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
2    199.187.193.197 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
1    162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lb.eu-1-id5-sync.com
11    2600:9000:20ed:b800:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)
vpaid.springserve.com
2    213.19.162.90 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
22    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    52.95.122.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2001:4998:14:800::1000 (United States)

ASN14777 (YAHOO, US)
ads.yahoo.com
5    52.70.17.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-17-67.compute-1.amazonaws.com
sync.aniview.com
6    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
cms-xch-chicago.33across.com
6    2606:ae80:1451:24::730 (United States)

ASN26762 (CNVR-US-EAST, US)
33across-match.dotomi.com
amazon-tam-match.dotomi.com
pulsepoint-match.dotomi.com
2    129.159.70.95 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
3    173.231.178.85 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
3    34.203.176.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-176-63.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
2    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
2    52.29.20.174 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-20-174.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    23.3.125.39 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-125-39.deploy.static.akamaitechnologies.com
px.owneriq.net
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
4    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
3    75.126.248.142 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 8e.f8.7e4b.ip4.static.sl-reverse.com
um.simpli.fi
3    18.232.9.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-9-126.compute-1.amazonaws.com
sync.ipredictive.com
2    2606:ae80:1451:13::2360 (United States)

ASN26762 (CNVR-US-EAST, US)
pubmatic-match.dotomi.com
1    198.24.162.123 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
2    204.2.255.233 (Fort Lauderdale, United States)

ASN2914 (NTT-LTD-2914, US)
pmp.mxptint.net
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
3    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
1    107.20.229.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-229-204.compute-1.amazonaws.com
pixel.advertising.com
8    68.67.179.113 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
nym1-ib.adnxs.com
8    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.spotim.market
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    23.200.0.200 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-200-0-200.deploy.static.akamaitechnologies.com
res-a.akamaihd.net
4    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
1    54.210.123.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-123-140.compute-1.amazonaws.com
jadserve.postrelease.com
2    52.200.129.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-129-133.compute-1.amazonaws.com
rtb.gumgum.com
9    54.198.189.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-189-0.compute-1.amazonaws.com
match.sharethrough.com
2    2607:f8b0:4006:823::2002 (New York, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
8    104.81.133.133 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-81-133-133.deploy.static.akamaitechnologies.com
ssl.connextra.com
5    173.223.56.228 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-56-228.deploy.static.akamaitechnologies.com
acdn.adnxs.com
cdn.adnxs.com
2    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    44.206.202.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-202-218.compute-1.amazonaws.com
d.adroll.com
20    35.172.99.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-99-217.compute-1.amazonaws.com
usersync.gumgum.com
4    70.42.32.255 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    35.211.141.197 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 197.141.211.35.bc.googleusercontent.com
m.fg8dgt.com
1    202.241.208.54 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
10    2607:f8b0:4006:824::2006 (New York, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
10    173.223.57.238 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-57-238.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
2    142.250.64.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f2.1e100.net
googleads4.g.doubleclick.net
1    54.84.80.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-80-88.compute-1.amazonaws.com
tracker.samplicio.us
1    8.28.7.92 (United States)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
10    8.28.7.79 (United States)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
1    3.211.146.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-146-183.compute-1.amazonaws.com
sync.extend.tv
1    52.86.43.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-43-160.compute-1.amazonaws.com
geo.moatads.com
1    3.134.29.131 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-134-29-131.us-east-2.compute.amazonaws.com
mb.moatads.com
20    23.41.168.202 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-168-202.deploy.static.akamaitechnologies.com
aktrack.pubmatic.com
2    142.250.80.70 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f6.1e100.net
ad.doubleclick.net
2    52.2.65.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-65-122.compute-1.amazonaws.com
io.narrative.io
8    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
cdn.stickyadstv.com
1    54.37.36.178 (None, )

ASN- ()
umfw.adscience.nl
1    173.223.57.44 (None, )

ASN- ()
js-sec.indexww.com
1    18.213.137.21 (None, )

ASN- ()
aorta.clickagy.com
1    2606:4700::6812:c4c (None, )

ASN- ()
cdn.indexww.com
1    142.251.41.2 (None, )

ASN- ()
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
119 lkqd.net
ad.lkqd.net — Cisco Umbrella Rank: 18800
v.lkqd.net — Cisco Umbrella Rank: 6661
cs.lkqd.net — Cisco Umbrella Rank: 3109
t.lkqd.net — Cisco Umbrella Rank: 16198
438 KB
113 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 496
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 518
simage2.pubmatic.com — Cisco Umbrella Rank: 610
image6.pubmatic.com — Cisco Umbrella Rank: 636
image2.pubmatic.com — Cisco Umbrella Rank: 869
image4.pubmatic.com — Cisco Umbrella Rank: 884
vpaid.pubmatic.com — Cisco Umbrella Rank: 5082
t.pubmatic.com — Cisco Umbrella Rank: 4804
vid.pubmatic.com — Cisco Umbrella Rank: 8917
aktrack.pubmatic.com — Cisco Umbrella Rank: 957
simage4.pubmatic.com — Cisco Umbrella Rank: 1247
864 KB
77 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222
stats.g.doubleclick.net — Cisco Umbrella Rank: 118
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313
ad.doubleclick.net — Cisco Umbrella Rank: 214
603 KB
49 glbimg.com
s3.glbimg.com — Cisco Umbrella Rank: 59569
s2.glbimg.com — Cisco Umbrella Rank: 61100
p.glbimg.com — Cisco Umbrella Rank: 96438
s.glbimg.com — Cisco Umbrella Rank: 68558
1 MB
44 rubiconproject.com
ads.rubiconproject.com — Cisco Umbrella Rank: 2174
token.rubiconproject.com — Cisco Umbrella Rank: 707
fastlane.rubiconproject.com — Cisco Umbrella Rank: 528
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 2687
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1040
eus.rubiconproject.com — Cisco Umbrella Rank: 588
pixel.rubiconproject.com — Cisco Umbrella Rank: 326
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2288
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 954
199 KB
43 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 628
cdn.stickyadstv.com — Cisco Umbrella Rank: 4134
577 KB
43 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
secure.adnxs.com — Cisco Umbrella Rank: 462
nym1-ib.adnxs.com — Cisco Umbrella Rank: 1218
acdn.adnxs.com — Cisco Umbrella Rank: 584
cdn.adnxs.com — Cisco Umbrella Rank: 1351
152 KB
40 googlesyndication.com
066da66e2e5b10bb8a1c7caabfa9442a.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
pagead2.googlesyndication.com — Cisco Umbrella Rank: 124
684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
ade.googlesyndication.com
193 KB
39 krxd.net
cdn.krxd.net — Cisco Umbrella Rank: 1419
consumer.krxd.net — Cisco Umbrella Rank: 1849
beacon.krxd.net — Cisco Umbrella Rank: 502
usermatch.krxd.net — Cisco Umbrella Rank: 1229
428 KB
38 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 900
trc.taboola.com — Cisco Umbrella Rank: 653
15.taboola.com — Cisco Umbrella Rank: 3230
us-trc-events.taboola.com — Cisco Umbrella Rank: 6113
vidstat.taboola.com — Cisco Umbrella Rank: 2125
imprnjmp.taboola.com — Cisco Umbrella Rank: 6015
us-match.taboola.com — Cisco Umbrella Rank: 6076
us-vid-events.taboola.com — Cisco Umbrella Rank: 5715
sync.taboola.com — Cisco Umbrella Rank: 933
sync-t1.taboola.com — Cisco Umbrella Rank: 1048
match.taboola.com — Cisco Umbrella Rank: 3191
275 KB
28 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 323
s.amazon-adsystem.com — Cisco Umbrella Rank: 288
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1264
64 KB
28 seedtag.com
t.seedtag.com — Cisco Umbrella Rank: 13325
s.seedtag.com — Cisco Umbrella Rank: 6862
cs.seedtag.com — Cisco Umbrella Rank: 17709
config.seedtag.com — Cisco Umbrella Rank: 19361
ping.seedtag.com
176 KB
24 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
10 KB
24 openx.net
oajs.openx.net — Cisco Umbrella Rank: 3853
google-bidout-d.openx.net — Cisco Umbrella Rank: 3639
us-u.openx.net — Cisco Umbrella Rank: 396
hcodemedia-d.openx.net — Cisco Umbrella Rank: 35800
u.openx.net — Cisco Umbrella Rank: 719
vidoomy-d.openx.net — Cisco Umbrella Rank: 31232
rtb.openx.net — Cisco Umbrella Rank: 1516
4 KB
23 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 560
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 453
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
ssum.casalemedia.com — Cisco Umbrella Rank: 1365
dsum.casalemedia.com
20 KB
22 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1329
usersync.gumgum.com — Cisco Umbrella Rank: 2041
7 KB
22 springserve.com
sync.springserve.com — Cisco Umbrella Rank: 2375
vpaid.springserve.com — Cisco Umbrella Rank: 8972
vid-io-iad.springserve.com — Cisco Umbrella Rank: 6544
970 KB
22 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1273
visitor-usa02.omnitagjs.com — Cisco Umbrella Rank: 8598
5 KB
20 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 774
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 910
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
ups.analytics.yahoo.com — Cisco Umbrella Rank: 277
ads.yahoo.com — Cisco Umbrella Rank: 2334
10 KB
19 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 401
mug.criteo.com — Cisco Umbrella Rank: 2755
dis.criteo.com — Cisco Umbrella Rank: 699
20 KB
17 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 381
9 KB
16 globo.com
glamour.globo.com — Cisco Umbrella Rank: 428323
recomendacao.globo.com — Cisco Umbrella Rank: 127775
id.globo.com — Cisco Umbrella Rank: 277295
cocoon.globo.com — Cisco Umbrella Rank: 82789
globo-ab.globo.com — Cisco Umbrella Rank: 86863
horizon.globo.com — Cisco Umbrella Rank: 61231
usergate.globo.com — Cisco Umbrella Rank: 73684
horizon-schemas.globo.com — Cisco Umbrella Rank: 64260
globo-mab.globo.com — Cisco Umbrella Rank: 75628
horizon-track.globo.com — Cisco Umbrella Rank: 52378
152 KB
14 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 897
events-ssc.33across.com — Cisco Umbrella Rank: 1781
cms-xch-chicago.33across.com — Cisco Umbrella Rank: 6307
5 KB
14 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 550
9 KB
13 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 516
10 KB
12 moatads.com
z.moatads.com — Cisco Umbrella Rank: 442
geo.moatads.com — Cisco Umbrella Rank: 624
mb.moatads.com — Cisco Umbrella Rank: 670
px.moatads.com — Cisco Umbrella Rank: 468
115 KB
12 smartadserver.com
csync.smartadserver.com — Cisco Umbrella Rank: 3933
sync.smartadserver.com — Cisco Umbrella Rank: 1530
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 605
ssbsync.smartadserver.com — Cisco Umbrella Rank: 924
25 KB
11 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 494
4 KB
11 media.net
prebid.media.net — Cisco Umbrella Rank: 1356
hblg.media.net — Cisco Umbrella Rank: 1513
contextual.media.net — Cisco Umbrella Rank: 526
warp.media.net — Cisco Umbrella Rank: 2188
lg3.media.net — Cisco Umbrella Rank: 3520
cs.media.net — Cisco Umbrella Rank: 1437
163 KB
11 turn.com
ad.turn.com — Cisco Umbrella Rank: 791
d.turn.com — Cisco Umbrella Rank: 987
r.turn.com — Cisco Umbrella Rank: 2886
5 KB
11 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 597
8 KB
11 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 309
id.rlcdn.com — Cisco Umbrella Rank: 611
api.rlcdn.com Failed
1 KB
11 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 495
tags.bluekai.com — Cisco Umbrella Rank: 508
6 KB
10 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 289
112 KB
10 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1972
4 KB
10 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1443
id5-sync.com — Cisco Umbrella Rank: 541
33 KB
10 google.com
ampcid.google.com — Cisco Umbrella Rank: 1708
adservice.google.com — Cisco Umbrella Rank: 98
www.google.com — Cisco Umbrella Rank: 10
2 KB
10 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 145
5 KB
9 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 521
3 KB
9 spotim.market
s.spotim.market — Cisco Umbrella Rank: 8009
sync.spotim.market — Cisco Umbrella Rank: 1683
4 KB
9 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1201
3 KB
9 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 374
164 KB
8 connextra.com
ssl.connextra.com — Cisco Umbrella Rank: 10719
132 KB
8 dotomi.com
33across-match.dotomi.com — Cisco Umbrella Rank: 4160
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3808
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 5702
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 3426
3 KB
8 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 484
5 KB
8 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 623
2 KB
8 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1056
5 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
gadasource.storage.googleapis.com — Cisco Umbrella Rank: 61029
imasdk.googleapis.com — Cisco Umbrella Rank: 448
312 KB
7 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 531
5 KB
7 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 551
4 KB
7 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 749
2 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187
302 KB
7 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 4600
p1cluster.cxense.com — Cisco Umbrella Rank: 6831
comcluster.cxense.com — Cisco Umbrella Rank: 4401
id.cxense.com — Cisco Umbrella Rank: 8805
62 KB
7 infoglobo.com.br
static.infoglobo.com.br — Cisco Umbrella Rank: 207278
72 KB
7 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 817
57 KB
6 aniview.com
player.aniview.com — Cisco Umbrella Rank: 1567
sync.aniview.com — Cisco Umbrella Rank: 2403
3 KB
6 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 804
s.tribalfusion.com — Cisco Umbrella Rank: 2199
3 KB
6 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 679
ce.lijit.com — Cisco Umbrella Rank: 960
4 KB
6 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1232
t.teads.tv — Cisco Umbrella Rank: 2135
134 KB
6 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 21578
usr.navdmp.com — Cisco Umbrella Rank: 25498
cdn.navdmp.com — Cisco Umbrella Rank: 5528
sync.navdmp.com — Cisco Umbrella Rank: 8346
cd.navdmp.com — Cisco Umbrella Rank: 258659
6 KB
6 gstatic.com
fonts.gstatic.com
82 KB
5 adform.net
cm.adform.net — Cisco Umbrella Rank: 1657
c1.adform.net — Cisco Umbrella Rank: 603
2 KB
5 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 929
1 KB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 188
4 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 686
1 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 469
736 B
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 411
2 KB
4 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 1215
cs.emxdgt.com — Cisco Umbrella Rank: 931
849 B
4 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 649
match.360yield.com — Cisco Umbrella Rank: 4170
1 KB
4 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 741
a.rfihub.com — Cisco Umbrella Rank: 2838
3 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 983
cms.quantserve.com — Cisco Umbrella Rank: 1083
pixel.quantserve.com — Cisco Umbrella Rank: 465
11 KB
4 clientgear.com
event.clientgear.com — Cisco Umbrella Rank: 1960
737 B
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1275
bcp.crwdcntrl.net — Cisco Umbrella Rank: 834
sync.crwdcntrl.net — Cisco Umbrella Rank: 728
30 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
3 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1038
1 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 826
1 KB
3 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1445
994 B
3 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1488
2 KB
3 e-volution.ai
sync.e-volution.ai — Cisco Umbrella Rank: 2451
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 5668
2 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 630
1 KB
3 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1794
res-a.akamaihd.net — Cisco Umbrella Rank: 6524
92 KB
3 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2045
2 KB
3 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 704
1 KB
3 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1344
1 KB
3 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1251
103 B
3 vidoomy.com
ads.vidoomy.com — Cisco Umbrella Rank: 20391
a.vidoomy.com — Cisco Umbrella Rank: 10132
6 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 642
script.hotjar.com — Cisco Umbrella Rank: 770
vars.hotjar.com — Cisco Umbrella Rank: 803
68 KB
3 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 6904
cdn.tinypass.com — Cisco Umbrella Rank: 5198
buy.tinypass.com — Cisco Umbrella Rank: 4075
92 KB
3 jsdelivr.net
fastly.jsdelivr.net — Cisco Umbrella Rank: 55188
cdn.jsdelivr.net — Cisco Umbrella Rank: 423
8 KB
2 indexww.com
js-sec.indexww.com
cdn.indexww.com
2 KB
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 4135
643 B
2 fg8dgt.com
m.fg8dgt.com — Cisco Umbrella Rank: 4960
767 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
427 B
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 5854
965 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 753
717 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 988
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 784
1 KB
2 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1359
1 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 903
546 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1111
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
111 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 886
811 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4488
1 KB
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1856
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2725
963 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 792
2 KB
2 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1523
hde.tynt.com — Cisco Umbrella Rank: 4911
3 KB
2 adhaven.com
nxd.adhaven.com — Cisco Umbrella Rank: 41408
467 B
2 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 5454
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 627
26 KB
2 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 4006
16 KB
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3204
34 KB
2 imageboss.me
img.imageboss.me — Cisco Umbrella Rank: 281711
779 KB
2 hackeandoansiedade.space
www.protocolo7em7.com.br.hackeandoansiedade.space
18 KB
1 clickagy.com
aorta.clickagy.com
433 B
1 adscience.nl
umfw.adscience.nl
487 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1715
607 B
1 samplicio.us
tracker.samplicio.us — Cisco Umbrella Rank: 2406
390 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 986
839 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1521
112 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1375
536 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 871
198 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 5315
529 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2979
173 B
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 5343
612 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 3841
390 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 361
572 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1685
331 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 736
710 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1387
730 B
1 sascdn.com
ced-ns.sascdn.com — Cisco Umbrella Rank: 2615
3 KB
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2161
464 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 3708
46 B
1 smadex.com
cm.smadex.com — Cisco Umbrella Rank: 3898
609 B
1 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1384
324 B
1 sabio.us
media.sabio.us — Cisco Umbrella Rank: 21837
235 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 953
1 KB
1 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 602
514 B
1 tailtarget.com
tags.t.tailtarget.com — Cisco Umbrella Rank: 42183
8 KB
1 amazonaws.com
s3.amazonaws.com
14 KB
1 uidapi.com
prod.uidapi.com — Cisco Umbrella Rank: 6484
5 KB
1 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 5604
904 B
1 google.ca
ampcid.google.ca — Cisco Umbrella Rank: 90445
462 B
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 3842
4 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 4318
3 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
72 KB
1 ivcbrasil.org.br
ivccf.ivcbrasil.org.br — Cisco Umbrella Rank: 115176
461 B
0 resetdigital.co Failed
sync.resetdigital.co Failed
0 nexac.com Failed
r.nexac.com Failed
992 149
Domain Requested by
56 t.lkqd.net ad.lkqd.net
44 cm.g.doubleclick.net 24 redirects google-bidout-d.openx.net
glamour.globo.com
eus.rubiconproject.com
684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
googleads.g.doubleclick.net
rtb.gumgum.com
ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
35 ads.stickyadstv.com 12 redirects glamour.globo.com
ad.lkqd.net
cdn.stickyadstv.com
33 cs.lkqd.net 7 redirects ad.lkqd.net
glamour.globo.com
30 s3.glbimg.com glamour.globo.com
p.glbimg.com
s.glbimg.com
s3.glbimg.com
tags.tiqcdn.com
27 ads.pubmatic.com securepubads.g.doubleclick.net
cs.seedtag.com
visitor.omnitagjs.com
ads.pubmatic.com
s.spotim.market
rtb.gumgum.com
vpaid.pubmatic.com
26 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
www.protocolo7em7.com.br.hackeandoansiedade.space
www.googletagservices.com
a.teads.tv
24 x.bidswitch.net 23 redirects glamour.globo.com
23 ib.adnxs.com 13 redirects glamour.globo.com
ads.pubmatic.com
googleads.g.doubleclick.net
acdn.adnxs.com
22 s.amazon-adsystem.com 3 redirects c.amazon-adsystem.com
eus.rubiconproject.com
s.amazon-adsystem.com
us-u.openx.net
bh.contextweb.com
ssum-sec.casalemedia.com
rtb.gumgum.com
match.sharethrough.com
glamour.globo.com
21 vpaid.pubmatic.com vpaid.springserve.com
blank
ad.lkqd.net
20 aktrack.pubmatic.com glamour.globo.com
20 usersync.gumgum.com 1 redirects rtb.gumgum.com
20 s.seedtag.com t.seedtag.com
cs.seedtag.com
eus.rubiconproject.com
hde.tynt.com
ads.pubmatic.com
config.seedtag.com
18 simage2.pubmatic.com 2 redirects glamour.globo.com
ads.pubmatic.com
18 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.googletagservices.com
684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
glamour.globo.com
tpc.googlesyndication.com
ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
googleads.g.doubleclick.net
17 visitor.omnitagjs.com cs.seedtag.com
glamour.globo.com
visitor.omnitagjs.com
eus.rubiconproject.com
player.aniview.com
ssbsync.smartadserver.com
s.spotim.market
ads.pubmatic.com
17 match.adsrvr.org 16 redirects ads.pubmatic.com
16 eus.rubiconproject.com cs.seedtag.com
eus.rubiconproject.com
visitor.omnitagjs.com
hde.tynt.com
player.aniview.com
rtb.gumgum.com
ads.rubiconproject.com
ads.pubmatic.com
16 v.lkqd.net ad.lkqd.net
16 tpc.googlesyndication.com securepubads.g.doubleclick.net
684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
tpc.googlesyndication.com
glamour.globo.com
ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
15 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
14 us-u.openx.net 3 redirects google-bidout-d.openx.net
sync.richaudience.com
us-u.openx.net
ads.pubmatic.com
14 ad.lkqd.net www.protocolo7em7.com.br.hackeandoansiedade.space
ad.lkqd.net
14 sync.1rx.io 14 redirects
14 beacon.krxd.net tag.navdmp.com
glamour.globo.com
cdn.krxd.net
13 sync.search.spotxchange.com 12 redirects cs.seedtag.com
13 cdn.taboola.com www.protocolo7em7.com.br.hackeandoansiedade.space
cdn.taboola.com
glamour.globo.com
client
11 vpaid.springserve.com ad.lkqd.net
11 match.prod.bidr.io 11 redirects
11 pixel-sync.sitescout.com 9 redirects glamour.globo.com
11 gum.criteo.com 7 redirects static.criteo.net
11 cdn.krxd.net tags.tiqcdn.com
cdn.krxd.net
10 vid-io-iad.springserve.com vpaid.springserve.com
10 vid.pubmatic.com vpaid.pubmatic.com
10 s0.2mdn.net www.protocolo7em7.com.br.hackeandoansiedade.space
s0.2mdn.net
ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
10 sync.richaudience.com 3 redirects cs.seedtag.com
sync.richaudience.com
us-u.openx.net
10 sb.scorecardresearch.com 3 redirects glamour.globo.com
cdn.taboola.com
10 s2.glbimg.com glamour.globo.com
s3.glbimg.com
9 px.moatads.com ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
glamour.globo.com
9 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
9 sync.tidaltv.com 9 redirects
9 ups.analytics.yahoo.com 7 redirects sync.richaudience.com
us-u.openx.net
9 trc.taboola.com cdn.taboola.com
glamour.globo.com
9 cdn.ampproject.org glamour.globo.com
cdn.ampproject.org
8 cdn.stickyadstv.com ad.lkqd.net
cdn.stickyadstv.com
8 ssl.connextra.com nym1-ib.adnxs.com
ssl.connextra.com
8 sync.spotim.market 2 redirects s.spotim.market
ads.pubmatic.com
8 nym1-ib.adnxs.com config.seedtag.com
nym1-ib.adnxs.com
cdn.adnxs.com
8 sync.mathtag.com 8 redirects
8 ssc-cms.33across.com 8 redirects
8 ad.turn.com 8 redirects
8 sync-tm.everesttech.net 8 redirects
8 id5-sync.com 4 redirects cdn.id5-sync.com
glamour.globo.com
ads.pubmatic.com
8 sync.targeting.unrulymedia.com 6 redirects glamour.globo.com
8 usermatch.krxd.net 8 redirects
8 s.glbimg.com glamour.globo.com
s.glbimg.com
tags.tiqcdn.com
s3.glbimg.com
7 image2.pubmatic.com ads.pubmatic.com
7 bh.contextweb.com 2 redirects glamour.globo.com
s.amazon-adsystem.com
bh.contextweb.com
7 b1sync.zemanta.com 7 redirects
7 secure.adnxs.com 7 redirects
7 sync.srv.stackadapt.com 7 redirects
7 www.googletagservices.com securepubads.g.doubleclick.net
684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
7 token.rubiconproject.com 4 redirects glamour.globo.com
eus.rubiconproject.com
7 static.infoglobo.com.br tags.tiqcdn.com
static.infoglobo.com.br
7 tags.tiqcdn.com glamour.globo.com
tags.tiqcdn.com
6 tags.bluekai.com 6 redirects
6 secure-assets.rubiconproject.com 6 redirects
6 mug.criteo.com glamour.globo.com
6 pr-bh.ybp.yahoo.com 3 redirects google-bidout-d.openx.net
ads.pubmatic.com
ssum-sec.casalemedia.com
6 idsync.rlcdn.com 1 redirects glamour.globo.com
ads.pubmatic.com
us-u.openx.net
6 consumer.krxd.net cdn.krxd.net
6 fonts.gstatic.com fonts.googleapis.com
glamour.globo.com
5 events-ssc.33across.com hde.tynt.com
eus.rubiconproject.com
5 sync.aniview.com 1 redirects player.aniview.com
eus.rubiconproject.com
5 id.rlcdn.com 2 redirects visitor.omnitagjs.com
ssbsync.smartadserver.com
us-u.openx.net
5 visitor-usa02.omnitagjs.com visitor.omnitagjs.com
5 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
5 csync.loopme.me 5 redirects
5 www.google.com securepubads.g.doubleclick.net
684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
tpc.googlesyndication.com
ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
5 dpm.demdex.net 2 redirects glamour.globo.com
ssum-sec.casalemedia.com
5 stags.bluekai.com 3 redirects glamour.globo.com
5 fonts.googleapis.com www.protocolo7em7.com.br.hackeandoansiedade.space
glamour.globo.com
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 pixel.tapad.com 2 redirects us-u.openx.net
cs.seedtag.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 image6.pubmatic.com ads.pubmatic.com
4 contextual.media.net 684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
contextual.media.net
ads.pubmatic.com
4 eb2.3lift.com 3 redirects glamour.globo.com
4 rtb-csync.smartadserver.com glamour.globo.com
ssbsync.smartadserver.com
4 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
4 a.tribalfusion.com 2 redirects ads.pubmatic.com
ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
4 ap.lijit.com 3 redirects ads.pubmatic.com
4 c.amazon-adsystem.com s3.amazonaws.com
c.amazon-adsystem.com
4 event.clientgear.com 2 redirects ad.lkqd.net
4 t.seedtag.com securepubads.g.doubleclick.net
t.seedtag.com
4 adservice.google.com securepubads.g.doubleclick.net
glamour.globo.com
4 us-trc-events.taboola.com glamour.globo.com
4 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
4 www.google-analytics.com tags.tiqcdn.com
www.googletagmanager.com
glamour.globo.com
3 acdn.adnxs.com nym1-ib.adnxs.com
ads.pubmatic.com
3 rtb.openx.net 2 redirects us-u.openx.net
3 cs.emxdgt.com 3 redirects
3 sync.ipredictive.com 3 redirects
3 um.simpli.fi 3 redirects
3 beacon.lynx.cognitivlabs.com 2 redirects ads.pubmatic.com
3 cm.adgrx.com 3 redirects
3 creativecdn.com 3 redirects
3 ads.betweendigital.com 2 redirects glamour.globo.com
3 sync-t1.taboola.com glamour.globo.com
3 sync.taboola.com 2 redirects glamour.globo.com
3 s.ad.smaato.net 3 redirects
3 gu.dyntrk.com 2 redirects glamour.globo.com
3 rtb.adentifi.com glamour.globo.com
ads.pubmatic.com
684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
3 ad.360yield.com 3 redirects
3 sync.smartadserver.com 3 redirects
3 csync.smartadserver.com cs.seedtag.com
csync.smartadserver.com
3 p.rfihub.com 1 redirects ad.lkqd.net
3 t.teads.tv glamour.globo.com
3 a.teads.tv securepubads.g.doubleclick.net
a.teads.tv
3 horizon-track.globo.com s3.glbimg.com
3 ads.rubiconproject.com tags.tiqcdn.com
ads.rubiconproject.com
3 cocoon.globo.com s.glbimg.com
2 io.narrative.io 1 redirects cs.seedtag.com
2 ad.doubleclick.net 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 googleads4.g.doubleclick.net www.protocolo7em7.com.br.hackeandoansiedade.space
2 m.fg8dgt.com 2 redirects
2 www.facebook.com glamour.globo.com
2 pulsepoint-match.dotomi.com 2 redirects
2 cdn.adnxs.com nym1-ib.adnxs.com
2 googleads.g.doubleclick.net ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
www.protocolo7em7.com.br.hackeandoansiedade.space
2 amazon-tam-match.dotomi.com 2 redirects
2 rtb.gumgum.com s.amazon-adsystem.com
cs.seedtag.com
2 res-a.akamaihd.net contextual.media.net
2 pixel-us-east.rubiconproject.com 2 redirects
2 rtb2-useast.e-volution.ai 2 redirects
2 r.turn.com 684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
2 config.seedtag.com www.protocolo7em7.com.br.hackeandoansiedade.space
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 pubmatic-match.dotomi.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 pippio.com 2 redirects
2 px.owneriq.net 2 redirects
2 pm.w55c.net 2 redirects
2 ums.acuityplatform.com 2 redirects
2 match.deepintent.com 1 redirects ads.pubmatic.com
2 sync.technoratimedia.com 2 redirects
2 33across-match.dotomi.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects eus.rubiconproject.com
2 lg3.media.net 684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
contextual.media.net
2 ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 pixel-eu.rubiconproject.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects visitor.omnitagjs.com
2 pixel.quantserve.com 1 redirects glamour.globo.com
2 connect.facebook.net www.protocolo7em7.com.br.hackeandoansiedade.space
connect.facebook.net
2 hblg.media.net www.protocolo7em7.com.br.hackeandoansiedade.space
684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
2 u.openx.net 1 redirects glamour.globo.com
2 rtb.mfadsrvr.com 2 redirects
2 dis.criteo.com 2 redirects
2 ce.lijit.com 1 redirects glamour.globo.com
2 sync.crwdcntrl.net glamour.globo.com
sync.richaudience.com
cs.seedtag.com
2 ads.creative-serving.com 2 redirects
2 spl.zeotap.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 onetag-sys.com cs.seedtag.com
s.spotim.market
2 s.tribalfusion.com 2 redirects
2 nxd.adhaven.com 2 redirects
2 684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 cs.krushmedia.com 2 redirects
2 a.vidoomy.com glamour.globo.com
2 prebid-a.rubiconproject.com ads.rubiconproject.com
2 oajs.openx.net 1 redirects glamour.globo.com
2 static.criteo.net securepubads.g.doubleclick.net
2 cdn.id5-sync.com securepubads.g.doubleclick.net
www.protocolo7em7.com.br.hackeandoansiedade.space
2 oa.openxcdn.net securepubads.g.doubleclick.net
2 imasdk.googleapis.com s3.glbimg.com
2 c2shb.pubgw.yahoo.com ads.rubiconproject.com
2 fastlane.rubiconproject.com ads.rubiconproject.com
ads.pubmatic.com
2 sync.navdmp.com glamour.globo.com
2 cms.analytics.yahoo.com 2 redirects
2 cdn.jsdelivr.net ads.rubiconproject.com
2 globo-mab.globo.com s3.glbimg.com
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 glamour.globo.com www.protocolo7em7.com.br.hackeandoansiedade.space
glamour.globo.com
2 img.imageboss.me www.protocolo7em7.com.br.hackeandoansiedade.space
2 www.protocolo7em7.com.br.hackeandoansiedade.space www.protocolo7em7.com.br.hackeandoansiedade.space
1 ade.googlesyndication.com glamour.globo.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 aorta.clickagy.com 1 redirects
1 js-sec.indexww.com ads.pubmatic.com
1 umfw.adscience.nl 1 redirects
1 ping.seedtag.com t.seedtag.com
1 mb.moatads.com z.moatads.com
1 geo.moatads.com z.moatads.com
1 match.360yield.com 1 redirects
1 sync.extend.tv 1 redirects
1 t.pubmatic.com ads.pubmatic.com
1 tracker.samplicio.us ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
1 z.moatads.com s0.2mdn.net
1 tg.socdm.com 1 redirects
1 ssum.casalemedia.com 1 redirects
1 d.adroll.com 1 redirects
1 jadserve.postrelease.com 1 redirects
1 pixel.advertising.com 1 redirects
1 a.rfihub.com 1 redirects
1 dsp.adkernel.com 1 redirects
1 tr.blismedia.com 684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
1 server.cpmstar.com 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 cs.media.net contextual.media.net
1 cms-xch-chicago.33across.com hde.tynt.com
1 ads.yahoo.com eus.rubiconproject.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 player.aniview.com visitor.omnitagjs.com
1 s.spotim.market visitor.omnitagjs.com
1 bttrack.com 1 redirects
1 sync.adotmob.com 1 redirects
1 sync.e-volution.ai 1 redirects
1 ced-ns.sascdn.com csync.smartadserver.com
1 warp.media.net 684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
1 qsearch-a.akamaihd.net www.protocolo7em7.com.br.hackeandoansiedade.space
1 vidoomy-d.openx.net ad.lkqd.net
1 t.adx.opera.com glamour.globo.com
1 s.uuidksinc.net glamour.globo.com
1 match.taboola.com glamour.globo.com
1 cm.smadex.com 1 redirects
1 e1.emxdgt.com glamour.globo.com
1 cms.quantserve.com 1 redirects
1 loadm.exelator.com glamour.globo.com
1 d.turn.com 1 redirects
1 media.sabio.us 1 redirects
1 cm.adform.net cs.seedtag.com
1 sync.springserve.com 1 redirects
1 hde.tynt.com cs.seedtag.com
1 de.tynt.com 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 htlb.casalemedia.com ads.pubmatic.com
1 pixel.adsafeprotected.com ads.pubmatic.com
1 prebid.media.net ads.pubmatic.com
1 hbopenbid.pubmatic.com ads.pubmatic.com
1 hcodemedia-d.openx.net ads.pubmatic.com
1 cs.seedtag.com t.seedtag.com
1 tags.t.tailtarget.com t.seedtag.com
1 secure.quantserve.com t.seedtag.com
1 s3.amazonaws.com securepubads.g.doubleclick.net
1 google-bidout-d.openx.net oa.openxcdn.net
1 id.cxense.com cdn.cxense.com
1 comcluster.cxense.com cdn.cxense.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 ads.vidoomy.com securepubads.g.doubleclick.net
1 prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 id.sharedid.org securepubads.g.doubleclick.net
1 us-vid-events.taboola.com glamour.globo.com
1 us-match.taboola.com vidstat.taboola.com
1 imprnjmp.taboola.com vidstat.taboola.com
1 066da66e2e5b10bb8a1c7caabfa9442a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 p1cluster.cxense.com cdn.cxense.com
1 stats.g.doubleclick.net www.google-analytics.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 ampcid.google.ca www.google-analytics.com
1 vidstat.taboola.com cdn.taboola.com
1 15.taboola.com cdn.taboola.com
1 c2.piano.io cdn.tinypass.com
1 buy.tinypass.com cdn.tinypass.com
1 www.npttech.com static.infoglobo.com.br
1 ampcid.google.com www.google-analytics.com
1 cdn.tinypass.com experience.tinypass.com
1 www.googletagmanager.com tags.tiqcdn.com
1 static.hotjar.com tags.tiqcdn.com
1 experience.tinypass.com static.infoglobo.com.br
1 cd.navdmp.com glamour.globo.com
1 cdn.navdmp.com tag.navdmp.com
1 ivccf.ivcbrasil.org.br glamour.globo.com
1 horizon-schemas.globo.com s3.glbimg.com
1 usr.navdmp.com tag.navdmp.com
1 usergate.globo.com tags.tiqcdn.com
1 gadasource.storage.googleapis.com tags.tiqcdn.com
1 tag.navdmp.com tags.tiqcdn.com
1 horizon.globo.com glamour.globo.com
1 globo-ab.globo.com p.glbimg.com
1 id.globo.com 1 redirects
1 p.glbimg.com glamour.globo.com
1 recomendacao.globo.com glamour.globo.com
1 fastly.jsdelivr.net www.protocolo7em7.com.br.hackeandoansiedade.space
0 api.rlcdn.com Failed ads.pubmatic.com
0 sync.resetdigital.co Failed ads.pubmatic.com
0 r.nexac.com Failed glamour.globo.com
992 292
Subject Issuer Validity Valid
*.6em7.org
R3		 2022-08-12 -
2022-11-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-09 -
2023-06-09		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-21 -
2023-04-22		 a year crt.sh
glamour.globo.com
R3		 2022-06-16 -
2022-09-14		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
s3.glbimg.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-05-21 -
2023-05-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
*.glbimg.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-05-29 -
2023-05-30		 a year crt.sh
recomendacao.globo.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-01-04 -
2023-01-04		 a year crt.sh
cocoon.globo.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-10-15 -
2022-10-15		 a year crt.sh
globo-ab.globo.com
R3		 2022-06-21 -
2022-09-19		 3 months crt.sh
horizon.globo.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-11-11 -
2022-11-11		 a year crt.sh
cdn.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-30 -
2022-12-29		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.infoglobo.com.br
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-11-17 -
2022-11-17		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.storage.googleapis.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
usergate.globo.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-05-13 -
2023-05-13		 a year crt.sh
horizon-schemas.globo.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-04-04 -
2023-04-04		 a year crt.sh
*.ivcbrasil.org.br
Amazon		 2022-05-31 -
2023-06-29		 a year crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-07		 a year crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
globo-mab.globo.com
R3		 2022-06-19 -
2022-09-17		 3 months crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
horizon-track.globo.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-11-11 -
2022-11-11		 a year crt.sh
*.piano.io
Sectigo RSA Domain Validation Secure Server CA		 2021-08-19 -
2022-09-18		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-17 -
2023-04-17		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2022-04-27 -
2023-04-26		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.google.ca
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
id.sharedid.org
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2022-08-09 -
2022-11-07		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.uidapi.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
*.id5-sync.com
R3		 2022-05-31 -
2022-08-29		 3 months crt.sh
teads.tv
R3		 2022-06-01 -
2022-08-30		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
ad.lkqd.net
R3		 2022-08-01 -
2022-10-30		 3 months crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-19 -
2023-05-19		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
s3.amazonaws.com
Amazon		 2022-04-01 -
2023-03-30		 a year crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-27 -
2023-07-18		 a year crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-28 -
2023-04-28		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-10 -
2023-07-10		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-24 -
2023-05-24		 a year crt.sh
*.smartadserver.com
DigiCert SHA2 Secure Server CA		 2021-10-06 -
2022-10-06		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
adentifi.com
Amazon		 2022-08-05 -
2023-09-03		 a year crt.sh
*.dyntrk.com
R3		 2022-06-22 -
2022-09-20		 3 months crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2022-05-18 -
2023-06-19		 a year crt.sh
uuidksinc.net
R3		 2022-07-18 -
2022-10-16		 3 months crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-05-21 -
2022-08-19		 3 months crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA		 2021-09-13 -
2022-09-13		 a year crt.sh
s.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2022-08-05 -
2022-11-03		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-06-01 -
2022-08-30		 3 months crt.sh
*.springserve.com
Amazon		 2022-03-31 -
2023-04-29		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-06-19 -
2022-09-17		 3 months crt.sh
sync.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2022-07-28 -
2022-10-26		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-07 -
2022-11-30		 6 months crt.sh
*.gumgum.com
Amazon		 2021-10-15 -
2022-11-12		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.connextra.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-26 -
2023-05-26		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon		 2022-02-09 -
2023-03-10		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
*.samplicio.us
Amazon		 2022-03-18 -
2023-04-16		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-05		 a year crt.sh
*.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-12 -
2023-02-12		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh

This page contains 167 frames:

Primary Page: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Frame ID: E6945B75C91DC2E3BF85410C9EC84F2B
Requests: 242 HTTP requests in this frame

Frame: https://glamour.globo.com/login-callback.ghtml
Frame ID: CC184D799BBBDA5D8AC35C6220595844
Requests: 2 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 2E5221BABA05C899C05D7701987A102F
Requests: 19 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 18D94AA58045457E6A2AE4A5E078A0F2
Requests: 19 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-54d18b2ccd1c7fa42c71f18525ba4ad0.html
Frame ID: 3809428CD9E96C8DFDF13F45E915CA41
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: E438A4D707E4F77782603D1E3428E445
Requests: 4 HTTP requests in this frame

Frame: https://066da66e2e5b10bb8a1c7caabfa9442a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4DE0E737C1F5B984B13D1D339A4211FC
Requests: 1 HTTP requests in this frame

Frame: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7j2sCFgPFLCTVYqRz5gTFLCTVYqRz5gUAAAAGBvQHJGTzLBYW48qt3Dgsa9FqMFsLlwvbWjJYDmfDkXMyXFiMQAKDkWk4WznWKufEthYtfAu3xLbYrVWr3Ww0WpkcC5txCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b1NB0Onyue73O7HD7XZe7zuy3-O0av9svdtpcntPz7PLL_aanx-nwSwaL5V4x2atdZqPf8vK8RX63wu536z1vtcvt8rzVDqfnrbL7LA-Pw-T3vEUut2SwWM51RtPbbAcAAACAB4CqpwWIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhMRwDQCTDYHokAOh_XbT5eUw-wMA4OEBBABAAIMEoID3tATg46zsBAAAAAAAAACA5f___z9mgF5vQQZA5D2nB-DBB-CBiECziBEAAABAJU7m7NGkTqgsqgAACNKtAK4AAAIEI0FuA8MAAAAKxECs1VM161opxxboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQDQBAmvAkir3aLyAAwNovIAAAm7oBALwFwIWcDppOh891r9f9fnfB5W_6e_xmv2_l9s01frddYrkLHR6vy2E3-R12z9Nlcphcds3h4XH5RUfQisFgdQqxG84Gu8lgtZsdAAAAwN3___8_Hoi1eqpmXSulHohMHA6XzeXaGEaGycYy2wxWvoVzNBuNFhvDzDHz3pkcp8JMLmplX4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzG_CFqPVZLJZDmfLxWQwHA1Ho_0NxGA0wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmJj4Fp7dYLZWbVyetWjksa0VDpdtrZosPBaTx2Wy2IZr0etjeq5szsXMuEXBgK-9CC7SicrkNP0tD5_Zb_G7dWaH2--6XMQSzckincgu-8rE4XDZXK6NYWSYbCyzzWDlWzhHs9FosTHMHDN_Y-JbeHaD2Vq1cXnWopHHtlY4XLa1arLwWEwel8liG65Fr4_pubI5FzPjvjGbDSbLyWQx2zdms8FkOZksZvsWl8TvVJpu2WhLZZwaPAenZ2FzmKWly2dk9CmPCWFpdz63JlaXt6Ywdg5mg8I3boyEumli5_dr_Y6DRRFLBKeLdCJ6GU8XsUTytEgnModn41tZTCPPcGSbzRyumcmy2exmLpfH4zBZFhOxRGm6SCd6sdPm8pyeZ5df7jc9PU6HXzJYLPeKyV7tMhv9lpfnLfK7FXa_W-95q11ul-etdjg9b5XdZ3l4HCa_5y1yuSWDxXKuM5reZov6jw4xWs5Vs7litZkrdstVAgAAAAAAAABYwpR5EwAAAIDTYHar5W61XACJP1Ddn_CmLyxlCstdvNYHO7FZ7sbixo8pyuQ0_S0Pn9lv8bt1Zofb77pcGUDCTZR5s2eCWKvVsgYAABDABgAACODWzVsgOiS3D7TEhVIv_MgF!&cmcv=&pix=undefined&cb=1660292217425&uv=3213&tms=1660292217425&abt=adh5c-1_vA!dfrc_vA!esv_vA!inc_all_video_vA!t45!ttdfpc_vA!tvrTotal_vB!ufm_vE&ru=https://www.protocolo7em7.com.br.hackeandoansiedade.space/&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=df31ab8e-9ca2-4506-89a6-209868d928ab&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: FABE1E6DEEFB813C33E3ACE2F59E3C6C
Requests: 1 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V7j2sCFgPFLCTVYqRz5gTFLCTVYqRz5gUAAAAGBvQHJGTzLBYW48qt3Dgsa9FqMFsLlwvbWjJYDmfDkXMyXFiMQAKDkWk4WznWKufEthYtfAu3xLbYrVWr3Ww0WpkcC5txCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b1NB0Onyue73O7HD7XZe7zuy3-O0av9svdtpcntPz7PLL_aanx-nwSwaL5V4x2atdZqPf8vK8RX63wu536z1vtcvt8rzVDqfnrbL7LA-Pw-T3vEUut2SwWM51RtPbbAcAAACAB4CqpwWIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhMRwDQCTDYHokAOh_XbT5eUw-wMA4OEBBABAAIMEoID3tATg46zsBAAAAAAAAACA5f___z9mgF5vQQZA5D2nB-DBB-CBiECziBEAAABAJU7m7NGkTqgsqgAACNKtAK4AAAIEI0FuA8MAAAAKxECs1VM161opxxboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQDQBAmvAkir3aLyAAwNovIAAAm7oBALwFwIWcDppOh891r9f9fnfB5W_6e_xmv2_l9s01frddYrkLHR6vy2E3-R12z9Nlcphcds3h4XH5RUfQisFgdQqxG84Gu8lgtZsdAAAAwN3___8_Hoi1eqpmXSulHohMHA6XzeXaGEaGycYy2wxWvoVzNBuNFhvDzDHz3pkcp8JMLmplX4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzG_CFqPVZLJZDmfLxWQwHA1Ho_0NxGA0wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmJj4Fp7dYLZWbVyetWjksa0VDpdtrZosPBaTx2Wy2IZr0etjeq5szsXMuEXBgK-9CC7SicrkNP0tD5_Zb_G7dWaH2--6XMQSzckincgu-8rE4XDZXK6NYWSYbCyzzWDlWzhHs9FosTHMHDN_Y-JbeHaD2Vq1cXnWopHHtlY4XLa1arLwWEwel8liG65Fr4_pubI5FzPjvjGbDSbLyWQx2zdms8FkOZksZvsWl8TvVJpu2WhLZZwaPAenZ2FzmKWly2dk9CmPCWFpdz63JlaXt6Ywdg5mg8I3boyEumli5_dr_Y6DRRFLBKeLdCJ6GU8XsUTytEgnModn41tZTCPPcGSbzRyumcmy2exmLpfH4zBZFhOxRGm6SCd6sdPm8pyeZ5df7jc9PU6HXzJYLPeKyV7tMhv9lpfnLfK7FXa_W-95q11ul-etdjg9b5XdZ3l4HCa_5y1yuSWDxXKuM5reZov6jw4xWs5Vs7litZkrdstVAgAAAAAAAABYwpR5EwAAAIDTYHar5W61XACJP1Ddn_CmLyxlCstdvNYHO7FZ7sbixo8pyuQ0_S0Pn9lv8bt1Zofb77pcGUDCTZR5s2eCWKvVsgYAABDABgAACODWzVsgOiS3D7TEhVIv_MgF!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 2F233F4ABC076DDE7DF4C09A050FCE5A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJfSXNMqr2_Fraj_kM1t2BVUUjuzhMt7w2nR-ZHTY6PX-RpM82lzVvUmxdgL63pvrX5YhIzyEn9Ecsi--6JUmlwOhmPEfN0tKZX9ZbzdgKp7amzijCcZQuUgzCK3s_av9TdF5mo1ttxTcI-onP2DjYjhxJzjmcV4lz1ckV1--KdzSlsrQKi2JkmZ6vN1o0Eu0RmbWjEc39GC6MqavGDCjH4X1QdB6GFUqSZ7vfMmdaiyt_Y6NUxtvLEvRqB4E0h4Eyg4k1mHZ3mK_gBj0YfhCvWtX-UwcXTXOzYco5PMmz4fda1Rs30o1ga4-3iaHVjuEp6F-JAynOPQ&sai=AMfl-YT5XSap8lfe8GMObtgNZTcqy0LjGashLRQep4AVMViIqJSwTxdCkkKdrrdsbL7mriRyVp2JBldbnJeM2_hUPIUc2nobYaekCb-o_yLtWgw9V5O0v0h8LZo8eMlWKQ&sig=Cg0ArKJSzAVt48qLYbelEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6391F274EB8D49BBD769C0FC13587496
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssO7ei9mmGR7dRYcQ2fVcj-edTEAko_6kwiEC3VW1gRDKTbrlJkA_Zv8aTGHtwgOXMzvw8-h3Ehe98anyfY3duHq31gt5vetfETEhf1CSZa60TD-G6rXChxV5HfeqOecT5jVjdPIA3PyKu9tFnn_1v-zE-ip0c8HBdC9xTFKgcg7twpllkt28Q0_fEMP2xWpV-ikM0Spsm2UeqzGrWfyf1zaNNliM4n9tX8-eGLphXxL9ifLAoYiIWZ5ofX4-cuhA1bP5Wk2i2Qs-H_qu0IHsUN6sD5G7ZD3IEk-cCNu1pacxrvRPhTMzbqOdqQDSMAqaA5D4yFzQ&sai=AMfl-YSl8FdaX35jiT2dgN5Dk56UkE5Y_0ZHVUh4YaAF_vntrHvTGtFFQmwfm-W5PtfiDGHjgUT5xwLEQOAK3dVYScV80mNjaGcs2ZYxMyYy8asOyGp1qQWvrAztFY8drw&sig=Cg0ArKJSzEAo9kA_FbuoEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7DD0BBB0BDA0004C6EDAF332F7B42297
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0YTTJk1gbs56ZdGpi5TYSEXmKlA8c8PLjny_30AdLVO51b16oBppyS7OVR3j2r8SA5HbjTf2FZsjR1P6xPOVAI54VzlXjRg1xPM-Ge_FIX1UZ3Se_cKV2iIYQbkFCsyIkm-JVAUZzTtQtXTBbMyAubqozI4BNKBpL-swRY9I9FIojGoNaBqKHYRP92TmBF1cpUCrLJUq4Eqv_-leMti-2bVFG0QGAdBJE9nf02o6BqklBO9BDqjSO8R75UgFD5oAJC7FiL1jwn8YM8jCvBDJY4f4jZn5hywiH2KIy4a3aao8Ah9tv6NgmbpopD5myWeB84MJ5TAHAUQ&sai=AMfl-YS1cDbBeZtDygKPCtOOoIA-0cCpW1V-R9-Wxx_Y6zLxvBEQ9VOyh1hWfuQCosTfq5-dXvuxfmChzcKXz-bk7gwQVkFFfw9mU11KTwanNegy00g-ZsXUpvBfCltu_9w&sig=Cg0ArKJSzJnzVWa90xV4EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D3EF90C834F3B743870DBC5F1171EF91
Requests: 4 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 4912F8E63BB37252AC3DD46BBBBAA1A2
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRkW0KgKj-ezi97_YS648jflFmHPak9i3sZOHU42uAnbEVX273HI-f6c_tKhcTpMtWKSfITXOsbKAZrzTsDRyZX8rbjl42FXGRWilXOguOwKTUsvzwvzegJ44rjp_zWJIOiweg3iZSPx5-XnEa9AM9YSDoisCmFl8fU1GFT8xWRiNvalyi5TKZtABmw8V4J0ubrDa075rWTOSpqkICnKu-b4rg3Dk1WvY6cvTVbv4kUfgRP4GJisBeZamixwOfFuR0X-hVxe2TcLX7ipYhVdlfhE64t9fG6aSnHbXGmViwSjCW-G8CL-s7JX8EdeMvfc7OVgEhOQ&sai=AMfl-YTkvh_NNlTI4UTua83N3YGVkv2Xq6sDqFZiVD6uZWpcIr_pAsfrMwb46wwRiYqBCVYUOXc31cDBQl9cY4--z2OO7NWz0v1pTnQ1RsDhZ7CDVZvkYQYcuPwc2vYHyQ&sig=Cg0ArKJSzK5AmOtMH6geEAE&uach_m=[UACH]&adurl=
Frame ID: E78506DF33019EEBFD84B49421CB3925
Requests: 9 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: D28CAF5F5A5DC0D1B45378F764550DEC
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 813559995663D6BD4B0F36383D296E79
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=glamour.globo.com
Frame ID: EF0DB46317F08E424A9386D431E06F66
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuip1mT92RiAmdeDLxw3guzHB9Zpm-m8DPyzAYfVtrDuLAfLUFdR8sKQYtZx-KPw_QKavScJPlW6YBSkuanWfYb2k-p2yfjf-HRUvZpBTbh8F5regv2lV52Xn0YOoaBWHJ51p6DA6uB4HKfaMvniKYkL8WuSwwRnNnh88WF777-xPqRsurf6Fkd3orhONnzuqhx602EYQT8D9Q07BOuACErgxmpQzWxQzsu1sApXBM23Af0rTrumAZd7pcOpmGn_36yaq3vcfo0fmu7A4ohw2KglFsQKqU_OirKEqViEMgc-ajjs0fnjOdZI7UI0Nb1D7qnZa0RmjqiNQ&sai=AMfl-YRcQ0YDnyrXeiJ-uJBDI_nIVhKRRU2AGmrzV_T-mEGZ5NMZlPJ3-GFUvZc_EumQ7XNHgnaENw_E2_8wkF7DhhOPwPIPLNIA6tCYee_35PZiwfY_ALccAOxRgGuR8TM&sig=Cg0ArKJSzPJRrXbSq7-PEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: CFBD93AB096EFE579986FB5D495ADAEF
Requests: 34 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: DEF720D1D82AD211A98D7E26ACC28F34
Requests: 9 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: AC7BA1A314FB940E054A9A6F83B4D926
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: BD9806BA63CEA2AE67301D8071B316DA
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 975B85A371FA22AFC2AE3001B69203D4
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 964F36AB700866E517092A029C21B681
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: DFF24E65C5F686813D5DD7F47C754612
Requests: 23 HTTP requests in this frame

Frame: https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 76169410D0477C7548B7D85E5E7DC9B6
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: C3B8EFFD83D01B410A7BC48CCE408453
Requests: 6 HTTP requests in this frame

Frame: https://secure.quantserve.com/quant.js
Frame ID: 0BF202FC8684DE3E526B5F824499B8D6
Requests: 3 HTTP requests in this frame

Frame: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Frame ID: AA25441F7DEFD37270533CD49FD58509
Requests: 15 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: E327402C4115F87AE0860BB91092E0AE
Requests: 7 HTTP requests in this frame

Frame: https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: E6A60833C8CD2477E7BE8D53CDEBA322
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Frame ID: 3D517EDD56B556A8E0859B1A836C86ED
Requests: 11 HTTP requests in this frame

Frame: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Frame ID: 5DA26043576C0D48FDAA70C35A0C2E2B
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Frame ID: DA290228629360A8B27BA7885FE19113
Requests: 23 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1660292218712&pubconsent=&euconsent=&hasConsent=1&rd=1
Frame ID: 095BBA5AA490ACD73DE87AE7B6B5C60C
Requests: 7 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Frame ID: 133C3C659BBC3C3018375B971F418C08
Requests: 7 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Frame ID: 350F74A4E5B398CD74CB6AB6D3E492EC
Requests: 17 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75601b04186d260
Frame ID: B6B07B681F8F6DB09FF0556580A42D79
Requests: 1 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L6Q748YP-1X-5LKK
Frame ID: 08AD7726C3741B4CF5795C8CC5829CE6
Requests: 21 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=glamour.globo.com
Frame ID: ECA693CCBDC801ABFF50A338C41E5529
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A337E4DDF7E940EEF938E5F809F86D83
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 40DDBDC326C87DE4A3B9F1F0468606DB
Requests: 2 HTTP requests in this frame

Frame: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Frame ID: FBC07A2ECFE8B196BE36375C472EF82D
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Frame ID: 6998273A99FBD052670915B0CBECC22B
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Frame ID: E73372FB2E40857C3D8D7C256BE53E5A
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Frame ID: 153277D119A1DAE7D15991CDBE3A780F
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/ssync/5e0e296628a061270b21ccab/ssync.html?pid=5e0e296628a061270b21ccab&r=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26name%3DOPENWEB_VIDEO&gdpr=0&gdpr_consent=
Frame ID: 370AFB1CAEEB7039559352637957A09A
Requests: 2 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Frame ID: 711EF1AE4739132BDAA5353799703DE1
Requests: 6 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Frame ID: 688F59DA91F884C04A80359F5C4647AA
Requests: 4 HTTP requests in this frame

Frame: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 01F5D1FA30EA257578A90CF0CD66AC00
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&dcc=t
Frame ID: C2D3D0041FA4675655AC7B1215D337C9
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=360634848&size=320x480&cc=CA&chnm=HARMONY&pid=8POPGE52H&tpid=TG41K38&https=1&vif=2&requrl=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&nse=5&vi=1660292219385956852&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&bae=B44egagqBq&bcpf=B48fOnRrolnfOur84egagqBq&bdrId=294&bid=325626&ntv=0&matchstring=hr%3D0%7Cbcat%3D500121%2C501025%2C500780%2C500273%2C500532%2C99603%2C501011%2C501082%2C500008%2C101884%2C500786%2C500900&kttle=SafeFrame%20Container&katpre=1&katbid=-102&pgid=p0442255615t202208120816&goent=1&htmlsrc=1&allsc=QC
Frame ID: AB947E360ECCFB502FE0B60797BE0914
Requests: 7 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C4%2C20000%2C313%2C10000%2C9%2C319%2C294&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 3D1A68B88EFBEB0E4819E241A7DD23F1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8EDA4245D398D875F0577D577C8FED01
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: F4F381EE90E9ADC51CEBA9559E35A3C2
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=70B1E182-C5A6-4B0E-914D-DCB16A48E702
Frame ID: 2EBAAB01E22BC03575E5D31EA6CDB4C4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YvYMeQAF1xc1xgA0&gdpr=0&gdpr_consent=
Frame ID: AAFB0569CCCFADBCBF27BA28322AAD81
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b4cf62f6-0c7b-4900-ab8c-6e8655895a65&gdpr=0&gdpr_consent=
Frame ID: E69D456AE659B8FC37F95A907534AC91
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADwMk7F7BkAABENckpF8w
Frame ID: 1006702DE8F8EDBC3FD22C92627D416A
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 6A8F9A63CE3CFF23BAF5BF57AA353274
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 910A62299622D0DC80CCC0FAE6D9E62A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=23234c52-1a17-11ed-9465-f3edc820c7ab
Frame ID: 7E66CB4579356A8C0C2E3B29DCC45949
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=s2-c1UJiToJucJinG1V3nJU4mbM
Frame ID: F6D1CEECFAD485AEE7B936527692D0BE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
Frame ID: 8B3D03FBFAA07F6513B67A0133706FFB
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=70B1E182-C5A6-4B0E-914D-DCB16A48E702
Frame ID: C7E86E671DF22BBD3C1B43F72D98D65A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=685754946922
Frame ID: 77F8DE95717ED5581082A0691E908E75
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EuNKy5Se1OmpQM5&gdpr=0&gdpr_consent=
Frame ID: 32BC9D54BFF99B198DF12845B56CBF3C
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 03FE4412E5E39F1D4CF7FDC6BDA0A9A5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7135786191051565085
Frame ID: B4F5C7C3377A6AA5BC9316C88DAB85E0
Requests: 1 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=70B1E182-C5A6-4B0E-914D-DCB16A48E702
Frame ID: 46D78C72F51BAAF9D70EA4545C3BAAC2
Requests: 1 HTTP requests in this frame

Frame: https://config.seedtag.com/standard-iframe/index.v1.html
Frame ID: D4ECA0C22B25E7C596D3607D8A35A667
Requests: 7 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Frame ID: 5EC6DEF81496CBA62AE7FC64A386872C
Requests: 8 HTTP requests in this frame

Frame: https://config.seedtag.com/standard-iframe/index.v1.html
Frame ID: DF5C01F8F705623AD72D5F7BC1DB9E4C
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 887E430D1B0B0CE205C81CCB969F1BC0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D37CC4D92CE89DA5F3A4061881841483
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 1030380D45917D0927B382C36E631176
Requests: 4 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=e0a062c9-8bf8-48ab-bf86-90e0df03fa89&biddername=55&key=4838819436260598658
Frame ID: 3CD26AA09BFD6F9E9E74FFEA896D4BD1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Frame ID: ED24D0ED1AE8CDA286F6528AD1739E64
Requests: 3 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=e0a062c9-8bf8-48ab-bf86-90e0df03fa89&biddername=2&key=22d04db5-1a17-11ed-9272-185744bf0403
Frame ID: D328647733912097AA0B88725BE37ACF
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=e0a062c9-8bf8-48ab-bf86-90e0df03fa89&biddername=72&pid=5e0e296628a061270b21ccab&key=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341
Frame ID: 99312E4652D1EC3190B33C997E53523D
Requests: 1 HTTP requests in this frame

Frame: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 4B0AA649A7541CA6E05BFFD4F0EE915C
Requests: 31 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=271858&extuid=4838819436260598658
Frame ID: 906DD6F5C88044E3783054D9C9FA7DA9
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: 5740A20B94DBDDCB154DC73C6EF49E69
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=488792&extuid=y-RydbI5hE2uFDB9iSgTjz3M_1h9BFwOrDNIvwXc0-~A
Frame ID: 3D693150A624EE32AAA54729B2541111
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Frame ID: 0298BD5FE10B06C9744FA601F0102E38
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 6FF366A462C530E3350A953FAB73928F
Requests: 16 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: E02087772B232806DEC82A6924BD76B1
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: EA90D3FDFE4BDF45A6AC94274AD69720
Requests: 6 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Frame ID: 9F505A6F3AD72681E859579362D2FBE9
Requests: 5 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAEgkzftH-yeAMPLsUdAAAAAAA&expiration=1660378620&is_secure=true
Frame ID: 8BF4AA470F49BCE2BD816AC83DDB8082
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=4838819436260598658&ex=appnexus.com
Frame ID: 1F11E60BB3A2196A164A8313B92E3499
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4436417915014705237908
Frame ID: 3A64C7CF7D51E8567EE95CD4A37DA8BC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEJvK6wEYv43-zwEwAQ&v=APEucNUkkp0Oyl1SMAe365k-jrf8dO1f3XlCJ4cekUDr0U-EmDNhEThUafN7l0L_7y7VVW_UW_vWaXX-_3xG43Tja89YM33fKw
Frame ID: 7DC88F8E067F50F83DEA64EA8E253AE3
Requests: 5 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292218648,,
Frame ID: 0A083981330F1D9A2D5797905BD33BF1
Requests: 4 HTTP requests in this frame

Frame: https://ssl.connextra.com/Bet99/selector/client?client=Bet99&placement=DDM_APN_SB_ACQ_CA_FR_300x600&_cb=1703633298&apnauc=8177659082346338560&bidid=8177659082346338560&dspid=3bc1d7fd2e&tclk=https://nym1-ib.adnxs.com/click?RHzTS-GUzj9eIGJ-ugTJPwAAAGC4Hg1Axvp054r80j9MGqN1VDXXPwAZgLmb4Xxx1ixF5FIkYmR6DPZiAAAAAAX9XAGpDwAAmBwAAAIAAAB0LAIWRVUlAAAAAABVU0QAQlJMACwBWAJPgQAAAAABAgUCAAAAAKoA8iIKngAAAAA./bcr=AAAAAAAA8D8=/cnd=%21JBaFjwj59bUZEPTYiLABGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjU3MTJAgi9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjU3MTI=/bn=92138/clickenc=
Frame ID: 834C53CF617DFFE00E55A3AB971816AB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=4009&pub_id=1986072
Frame ID: 8E126627725EBF72A719DCB301EB7E97
Requests: 3 HTTP requests in this frame

Frame: https://ssl.connextra.com/Bet99/selector/client?client=Bet99&placement=DDM_APN_SB_ACQ_CA_FR_728x90&_cb=1048614941&apnauc=803934936762951719&bidid=803934936762951719&dspid=3bc1d7fd2e&tclk=https://nym1-ib.adnxs.com/click?RHzTS-GUzj9eIGJ-ugTJPwAAAAAAAA5AsN1KavnV1j8noImw4enbPycoSMiQJigL1ixF5FIkYmR6DPZiAAAAAAH9XAGpDwAAmBwAAAIAAAB-LAIWRVUlAAAAAABVU0QAQlJMANgCWgBPgQAAAAABAgUCAAAAAKoANiJsIwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21MxbmlAj59bUZEP7YiLABGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjQ0NzVAgi9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NzU=/bn=87217/clickenc=
Frame ID: DC0BB62B2F2882E559FF1F6217A6C416
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=4009&pub_id=1986072
Frame ID: 7B757CDFB68B0BB27D58518C6D7D36F7
Requests: 3 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=3f4262f6-0c7b-4700-a042-2230177506f6&gdpr=&gdpr_consent=
Frame ID: 71A2400A8C3FBB2D2DC597A3D6D4E958
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=YvYMeQAF1xc1xgA0&gdpr=&gdpr_consent=
Frame ID: 7F79088CC282BF792C13649A9887CBCC
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV83MmIxM2U2Ni04NjM4LTRiZGMtOTc1YS0yZWVjMGY2ZTEzMjE=&gdpr=&gdpr_consent=
Frame ID: 4B1786171E378FEDBF1D4630DAC3A64D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: DA64CBDA20DCBEE3D39447F639CD8785
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=b88f2951-bac5-41e7-bff4-9adb35ec6b09
Frame ID: DFC418546D4762E1229E469D47480E07
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=4838819436260598658brt53611660292219594232ab
Frame ID: 7DA52512466F8DF6805D2B0715035287
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=YvYMfcCo5ssAAGs0pLYAAAAA
Frame ID: 6411D76883AC4268F59F0398F1A2200F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=zyA5VdCCDerQ1QP3TvEu&pi=gumgum
Frame ID: 9AF8BFF4E45E15A86F4D1F02620556A4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 9C0024E9CFD4D62A1A794CC9612A004B
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: FFAB5D97DD8F7FFE7695060BF35EE0B7
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15305731331847383697/index.html
Frame ID: 4295B3601029E3AB92F6F0C1BBC2649D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DCFEC768F306BE5E62CFEC735F2018DA
Requests: 9 HTTP requests in this frame

Frame: https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_CA_FR_MLBJun2022_728x90&pubhost=config.seedtag.com&apnauc=803934936762951719&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRHzTS-GUzj9eIGJ-ugTJPwAAAAAAAA5AsN1KavnV1j8noImw4enbPycoSMiQJigL1ixF5FIkYmR6DPZiAAAAAAH9XAGpDwAAmBwAAAIAAAB-LAIWRVUlAAAAAABVU0QAQlJMANgCWgBPgQAAAAABAgUCAAAAAKoANiJsIwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21MxbmlAj59bUZEP7YiLABGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjQ0NzVAgi9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NzU%3D%2Fbn%3D87217%2Fclickenc%3D&client=Bet99&dspid=3bc1d7fd2e&placement=DDM_APN_SB_ACQ_CA_FR_728x90&bidid=803934936762951719&_cb=1048614941
Frame ID: 8AC93AD68EB0EBE1E76ED876C136C4F8
Requests: 3 HTTP requests in this frame

Frame: https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_CA_FR_FootballJun2022_300x600&pubhost=config.seedtag.com&apnauc=8177659082346338560&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRHzTS-GUzj9eIGJ-ugTJPwAAAGC4Hg1Axvp054r80j9MGqN1VDXXPwAZgLmb4Xxx1ixF5FIkYmR6DPZiAAAAAAX9XAGpDwAAmBwAAAIAAAB0LAIWRVUlAAAAAABVU0QAQlJMACwBWAJPgQAAAAABAgUCAAAAAKoA8iIKngAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21JBaFjwj59bUZEPTYiLABGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjU3MTJAgi9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjU3MTI%3D%2Fbn%3D92138%2Fclickenc%3D&client=Bet99&dspid=3bc1d7fd2e&placement=DDM_APN_SB_ACQ_CA_FR_300x600&bidid=8177659082346338560&_cb=1703633298
Frame ID: CDC0814B173E2425C29BFF7F5D955D8A
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6CDC6D00FCE5277187B9769831B48E1E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E17AFEA18B311C2DC7955BD2E1F61DFD
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Frame ID: E770E405BBE54D44E6D7DB72F0DABF3A
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292218648,,
Frame ID: AAA5C4D65AFDFCF2A8ABAC09408E2CA5
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D883BB4949A8A3F1F1CE85D15AFACB0B
Requests: 2 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/sync?uid=2fe1084ffe44c28350116ec0a0a1c2d1&name=PUBMATIC&visitor=70B1E182-C5A6-4B0E-914D-DCB16A48E702
Frame ID: E47DF9A680B3AECFA4CC59D979B75169
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C88C5C34C18EFC3E6262D5616B3CEB3C
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Frame ID: B2B4F32E9FDAC9F6889781E8563EF100
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292218648,,
Frame ID: B898CFE1009B299420E3E6F9F5664710
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 6F52E0F622F0560F7F6BA123FE4C4BC5
Requests: 2 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=448580&extuid=70B1E182-C5A6-4B0E-914D-DCB16A48E702
Frame ID: 67886CD8FB0C95E37FFF3F2D3557E8BE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 24252F05FCFA663E83222887C8D7D1B4
Requests: 4 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: F08749A891470C79A7AFE9AB3C5A19E3
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 827DE76936B08935BE6D5FE3D4238802
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: C671AAE1D8031ECF35B5B9E9F064727E
Requests: 6 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Frame ID: 2D57FB8F3B493D85D3CF6DB74B416EBE
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292224644,,
Frame ID: BF0CB86A82A2C5B757F13BADBC08DD03
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2CC3038395BE9AAF81C4C07D5326A406
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Frame ID: 45037E7BDC110E7AD0DB612034AC60F3
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292224644,,
Frame ID: D9407D6304134A6BB2A39F40CD25FA82
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0F70E97898C0B84FF5CBA5CAE02C118A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 78030E4C23E4B2C7B1CDCB96033157E7
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 3F41F9D6500EC2350F5A4F3CA0A2110C
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 5B626163E859B03ED971AD8CECC9ABED
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 5161CA9746241A2417EA0C436F3ED715
Requests: 5 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Frame ID: 4F137C7E2DCBA7528662DB0326A47AEC
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292227658,,
Frame ID: 0EDB8C869951A706D28317FA953E46B3
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5A42AAB26E95860DAB51B7D7AFA561B2
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Frame ID: C78078992D9D8132888A536BD872C9C5
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292227658,,
Frame ID: 18590277D3AD0B666E2A6D7571B21A24
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 91AA1E67C28FEA4A8DA2757A9E768372
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: FB2414019FBFCD52EDAE24FE07A6C6C5
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 71851DD59327B560F95D39DCC16F2EFF
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 8C99C331434BD5FC59E3DD5339FEEDBD
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 1712D33F36508D08F7EA50208A6F1034
Requests: 5 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Frame ID: ADC50C644710A370F54DCE32659ADC4C
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292230256,,
Frame ID: 717DE8509C1391B7A8E2F1CE915532AD
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C98E6F30156A41A9EA3FC9D968DBD9A7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 00FC5FEB92E1D124D12980216DF358DB
Requests: 2 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=de65e540-1353-4e70-af8f-72c6944458e2&gdpr=0
Frame ID: 2774895410C4E850649E82C08D283142
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9FCF17FDB1FA6D2BBBA79BEDFC1F12CC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Frame ID: 16FAC9FFF00146AF07C9DE2E8068C8D0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0F74C6DE42B217AA149BF9D8DC1A2B17
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=77&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 0DD1F701BA7AFC021443328BE8201475
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fglamour.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 49901CA6150ED79808DA0CBFCC454036
Requests: 10 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Frame ID: 00A6306D5AB9FB4119764B8E82C1B764
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292230256,,
Frame ID: AD2238B7F8CCAF4D2B2738639F12C8E7
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0A8CF25DEFE8E4FE8A83DDDF6CB701B1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: B75AC59ABF93D9B6933963334F6552B3
Requests: 7 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 333780088585B2F8CE32961BA05F9CC8
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: F291B0C6FE174B77EACD61D868A2CAB9
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 6400EBBAE60B5397919FA3B64C61E711
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Frame ID: C6C2F287D12DEE7D794D9E86E09BA24B
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292233567,,
Frame ID: F07A2502F638AAD67CDDCDAECF911061
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5766C1ACB73A8EB1EC28104856EF44DD
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Frame ID: BD8D13B8648A1CDC7B685CF814C527C4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Melhores do ano: os memes mais engraçados de 2019 | Lifestyle | Glamour

Page URL History Show full URLs

  1. https://www.protocolo7em7.com.br.hackeandoansiedade.space/ Page URL
  2. https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.g... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

992
Requests

76 %
HTTPS

21 %
IPv6

149
Domains

292
Subdomains

178
IPs

12
Countries

9763 kB
Transfer

30685 kB
Size

342
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.protocolo7em7.com.br.hackeandoansiedade.space/ Page URL
  2. https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58
  • https://id.globo.com/auth/realms/globo.com/protocol/openid-connect/auth?client_id=glamour%40apps.globoid&redirect_uri=https%3A%2F%2Fglamour.globo.com%2Flogin-callback.ghtml&state=17dfd93e-78d7-46e2-ae24-5b97caf1ea9c&response_mode=fragment&response_type=code&scope=openid&nonce=a04aeb70-ff51-4f7f-888a-97885cb2e75c&prompt=none&code_challenge=C6hj_xR9mv0jCR9tJlOxIEE9OIJvzgQg95pK3QuD3Hw&code_challenge_method=S256 HTTP 302
  • https://glamour.globo.com/login-callback.ghtml
Request Chain 66
  • https://sb.scorecardresearch.com/c2/6035227/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 68
  • https://sb.scorecardresearch.com/p?c1=2&c2=6035227&ns__t=1660292214926&ns_c=UTF-8&c8=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour&c7=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&c9=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1660292214926&ns_c=UTF-8&c8=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour&c7=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&c9=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F
Request Chain 117
  • https://usermatch.krxd.net/um/v2?partner=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=UEEyZ1M4Zzc HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM8myiSmXJhcEUmEdX5NJ80&google_cver=1
Request Chain 118
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=UEEyZ1M4Zzc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=UEEyZ1M4Zzc&google_tc= HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM8myiSmXJhcEUmEdX5NJ80&google_cver=1
Request Chain 120
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://gum.criteo.com/sync?s=1&c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=FeZ3bjMLb2l4KnqUYzAkmV-VKxuzMz5z
Request Chain 122
  • https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=PA2gS8g7 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=PA2gS8g7
Request Chain 123
  • https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fadnxs_uid%3D%24UID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?adnxs_uid=7468824964832256333
Request Chain 124
  • https://ib.adnxs.com/mapuid?member=1780&user=PA2gS8g7 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember%3D1780%26user%3DPA2gS8g7
Request Chain 127
  • https://usermatch.krxd.net/um/v2?partner=sitescout HTTP 302
  • https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=PA2gS8g7 HTTP 302
  • https://pixel-sync.sitescout.com/connectors/krux/usersync?cookieQ=1&foreign_id=PA2gS8g7
Request Chain 128
  • https://usermatch.krxd.net/um/v2?partner=verizon HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=PA2gS_tb HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-rhhegqxE2puwUPmBW8Vg30kix6VFertPLA--~A
Request Chain 129
  • https://usermatch.krxd.net/um/v2?partner=navegg HTTP 302
  • https://sync.navdmp.com/sync?prtid=30&salid=PA2gS_tb
Request Chain 130
  • https://sync.1rx.io/usersync/krux/PA2gS8g7?dspret=1 HTTP 302
  • https://sync.1rx.io/usersync/krux/PA2gS8g7?zcc=1&cb=1660292216101 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
Request Chain 168
  • https://usermatch.krxd.net/um/v2?partner=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=UEEyZ1NfdGI HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM8myiSmXJhcEUmEdX5NJ80&google_cver=1
Request Chain 169
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=UEEyZ1NfdGI HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM8myiSmXJhcEUmEdX5NJ80&google_cver=1
Request Chain 171
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=_TuwO9beujRk8qjagnCzNQqCL7sJZVt5
Request Chain 174
  • https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?adnxs_uid=4838819436260598658
Request Chain 178
  • https://usermatch.krxd.net/um/v2?partner=sitescout HTTP 302
  • https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=PA2gS_tb
Request Chain 179
  • https://usermatch.krxd.net/um/v2?partner=verizon HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=PA2gS_tb HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-rhhegqxE2puwUPmBW8Vg30kix6VFertPLA--~A
Request Chain 180
  • https://usermatch.krxd.net/um/v2?partner=navegg HTTP 302
  • https://sync.navdmp.com/sync?prtid=30&salid=PA2gS_tb
Request Chain 181
  • https://sync.1rx.io/usersync/krux/PA2gS_tb?dspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
Request Chain 244
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&rid=esp&cc=1
Request Chain 269
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=63852340.877525111619857892.8907135 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=63852340.877525111619857892.8907135 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=vidoomy&ssp_user_id=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171119158&expires=5&ssp=vidoomy HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
Request Chain 270
  • https://ups.analytics.yahoo.com/ups/58610/occ HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-RydbI5hE2uFDB9iSgTjz3M_1h9BFwOrDNIvwXc0-~A
Request Chain 275
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YvYMeQAF1xc1xgA0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YvYMeQAF1xc1xgA0&_test=YvYMeQAF1xc1xgA0
Request Chain 277
  • https://match.adsrvr.org/track/cmf/openx?oxid=bf0814c8-8713-7f15-f193-80fa1b3f1803&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=bf0814c8-8713-7f15-f193-80fa1b3f1803&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=b88f2951-bac5-41e7-bff4-9adb35ec6b09&ttd_puid=bf0814c8-8713-7f15-f193-80fa1b3f1803&gdpr=0&gdpr_consent=
Request Chain 279
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELmN36-sraMgrMXgcOXCG_c&google_cver=1
Request Chain 298
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=globo.com&sn=ChromeSyncframe&so=0&topUrl=glamour.globo.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=-A9uCnw2dUxiN2I5UzB6RUFOTG1WcGNtR0ErQUZBeW81SzRLMllpN3VxZEFBMjIva1BkY3dmNXhPK1FzYXBtRzBxbDFFa0FVQ3pqWjQ4NHUrTzZoSkxjWmdKcUlZUlVOWG9JUnVtWGtqQnJldmNndi90M21Ybkg4V3QzOHhIaW9yKzZKRmlBK21XMUhwdngwVExEbktaTkFCWDZhcStocmZXVUtBMis0Y1ZxMkMvbkhrU2s0YjkyL3FDdEZoYjVxTyt5OUZFalF2bS9URmhsN1JwTTZQNVZHM3BaWVpuMWEyeE03QzRoQ2JlYnFKY3JWSkZWYkpBUnprUWpaNWplUUNGdFg2YUFwQ1ZHV2tTUzBDN3Q3Y0dqV2c1Zz09fA&cppv=2
Request Chain 303
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=88eb908e-5dfe-4ec7-833a-5227d044befc
Request Chain 304
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=UGTTQcVQlqk HTTP 302
  • https://event.clientgear.com/gogocookie/lkqd?partner=lkqd&cookieid=UGTTQcVQlqk
Request Chain 305
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=bOll4Qjr4tk&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=5adfff11-2848-4efa-8e23-450b71d53f6e
Request Chain 306
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3771674138080112227
Request Chain 307
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=edfhvYOPR3p3rcJGW7LBwJU4mbM
Request Chain 308
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=779dc6d7-1e55-47c6-b42b-4e6acd827fa5
Request Chain 309
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=cK_eA7gHoeQ HTTP 302
  • https://event.clientgear.com/gogocookie/lkqd?partner=lkqd&cookieid=cK_eA7gHoeQ
Request Chain 310
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=aer5FF8RdmQ&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=5042e837-c4e3-489a-a4a5-589d957654b0
Request Chain 311
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4276077296345607779
Request Chain 312
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=s2-c1UJiToJucJinG1V3nJU4mbM
Request Chain 336
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fglamour.globo.com%2F&domain=glamour.globo.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=YZmJyXxETUNWWlNZT3FOS0NDVEh4cnVvbFhjdk84aDNQSXJiWDZSNHorZ0FjQXF0dlE0dUIrTWlpNU5CQnYrcTdaYVRIN2gyekZJZFdjaUl3VDFIdm1Fdjh1SW8vSmVXMVhlM2hNbU5wS2ozcGVESjNVb1NYUkRGdm5ibUZpNjFpZVBpRktBTDdIcnpHRXhuZnlScStkeW1kdUZjV1daLzV3RHVEeU1NREVTUTUyblh0eXM1cXVmZGhVUW55U1BKLzF1Nzh5L3daSEFIMFVvb0tJckg0ekdkdXVycmxQTU5WZlBsOGtFOUdxZGtkcitLd2ZPbHhGZlNZRWNueVlZS1J5WWJldFJobzllR3RJYXV1NjlabG1hd1A0UT09fA&cppv=2
Request Chain 347
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4276077296345607779
Request Chain 348
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID HTTP 302
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_612ffa93-2cdc-4884-875c-60673a5fb803
Request Chain 350
  • https://cs.lkqd.net/cs?partnerId=85&redirect=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db30%26u%3D%24%24rawlkqduserid%24%24%26redirect%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D85%2526partnerUserId%253D%2524TF_USER_ID_ENC%2524&r=if HTTP 302
  • https://a.tribalfusion.com/i.match?p=b30&u=cK_eA7gHoeQ&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$ HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b30&u=cK_eA7gHoeQ&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$ HTTP 302
  • https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662274873668342
Request Chain 351
  • https://match.prod.bidr.io/cookie-sync/lkq HTTP 303
  • https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1 HTTP 303
  • https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AADwMk7F7BkAABENckpF8w
Request Chain 360
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Request Chain 363
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1660292218712&pubconsent=&euconsent=&hasConsent=1 HTTP 302
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1660292218712&pubconsent=&euconsent=&hasConsent=1&rd=1
Request Chain 364
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Request Chain 368
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID HTTP 302
  • https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=4838819436260598658
Request Chain 369
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/smart?channeluid=8768218848017526935
Request Chain 370
  • https://b1sync.zemanta.com/usersync/seedtag?puid=&gdpr=0&gdpr_consent=&us_privacy=$USPCONSENT&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__ HTTP 302
  • https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=&gdpr=0&us_privacy=$USPCONSENT
Request Chain 371
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=5jrh0rv&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://s.seedtag.com/cs/cookiesync/ttd?channeluid=b88f2951-bac5-41e7-bff4-9adb35ec6b09
Request Chain 372
  • https://x.bidswitch.net/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy=$USPCONSENT HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=seedtag HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=seedtag HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=bc77cc45-fdc5-4c9d-aaa4-0c86ddd72db0&ssp=seedtag HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
Request Chain 373
  • https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=22d01a44-1a17-11ed-acf0-145284e10403 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/spotx?channeluid=22d04db5-1a17-11ed-9272-185744bf0403
Request Chain 374
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F HTTP 303
  • https://spl.zeotap.com/?zdid=689&env=mWeb&eventType=pageview HTTP 302
  • https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=693065af-7793-4fce-4717-ba495f2f35d6&env=mWeb&eventType=pageview&id_mid_4=693065af-7793-4fce-4717-ba495f2f35d6&reqId=d5a7f02c-2cc7-4c73-5aee-3cb4d611479d&zdid=689
Request Chain 375
  • https://sync.search.spotxchange.com/partner?source=249286 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=249286&__user_check__=1&sync_id=22d04dfd-1a17-11ed-9272-185744bf0403 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D&uid=CAESEBUuTVgII-7c7NRcBaVaff0&google_cver=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7028&uid=b88f2951-bac5-41e7-bff4-9adb35ec6b09&img=1 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YvYMeQAF1xc1xgA0&img=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/sx?gdpr=0&gdpr_consent= HTTP 303
  • https://sync.search.spotxchange.com/partner?adv_id=8304&uid=AADwMk7F7BkAABENckpF8w&gdpr=0 HTTP 302
  • https://sync.springserve.com/usersync?redirect_url=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D8876%26uid%3DSS_UUID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8876&uid=3d3621c0-cb59-4e32-b129-d62129eb503c HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=44&gdpr=0&gdpr_consent= HTTP 302
  • https://tags.bluekai.com/site/17724?id=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D7308%26uid%3D3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7308&uid=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=30&redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6653%26uid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6653&uid=3f4262f6-0c7b-4700-a042-2230177506f6&gdpr=0&gdpr_consent=
Request Chain 376
  • https://ad.360yield.com/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=ea9885a8-0f84-4e27-872a-648e2874a0f2
Request Chain 377
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D&s=191730&C=1 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=YvYMeptZyA.1HFbuQyqMsAAA%26479
Request Chain 378
  • https://ups.analytics.yahoo.com/ups/58427/occ HTTP 302
  • https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-RydbI5hE2uFDB9iSgTjz3M_1h9BFwOrDNIvwXc0-~A
Request Chain 380
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsovrn%3Fchanneluid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsovrn%3Fchanneluid%3D%24UID&sovrn_retry=true HTTP 307
  • https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=FIewiLZHvvFnkDbISHKtAJTx
Request Chain 384
  • https://match.prod.bidr.io/cookie-sync/lkq HTTP 303
  • https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1 HTTP 303
  • https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AADwMk7F7BkAABENckpF8w
Request Chain 386
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID HTTP 302
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_f59ee970-2706-40c0-8d02-a96a6b530af8
Request Chain 388
  • https://sync.1rx.io/usersync2/lkqd HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1239820626 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/b88f2951-bac5-41e7-bff4-9adb35ec6b09 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D7%26partnerUserId%3DRX-505d6b14-b8dd-4151-861b-7b8be62c9851-005 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
Request Chain 389
  • https://x.bidswitch.net/sync?ssp=lkqd HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=lkqd&bsw_custom_parameter=9f6c8083-3ab4-40a9-9e61-00d2d73f3398 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=lkqd&bsw_custom_parameter=9f6c8083-3ab4-40a9-9e61-00d2d73f3398 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=10e60be2-121c-4a78-ad2a-b2bc2b15a74a&ssp=lkqd&expires=30&user_group=5&bsw_param=9f6c8083-3ab4-40a9-9e61-00d2d73f3398 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=12&partnerUserId=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3D9f6c8083-3ab4-40a9-9e61-00d2d73f3398%26redirect%3D%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D46%2526partnerUserId%253D9f6c8083-3ab4-40a9-9e61-00d2d73f3398 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=43&partnerUserId=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3D9f6c8083-3ab4-40a9-9e61-00d2d73f3398 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=46&partnerUserId=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
Request Chain 390
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D13%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=13&partnerUserId=779dc6d7-1e55-47c6-b42b-4e6acd827fa5
Request Chain 391
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=22&partnerUserId=b88f2951-bac5-41e7-bff4-9adb35ec6b09
Request Chain 392
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162&s_h=1 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=23&partnerUserId=f842d39a-2807-4d90-82ff-2b72e6e18d37
Request Chain 394
  • https://media.sabio.us/imp_pixel?invsrc=11&secure=1 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=39&partnerUserId=7178279213840977713
Request Chain 395
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd&s_h=1 HTTP 302
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=f842d39a-2807-4d90-82ff-2b72e6e18d37&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/f842d39a-2807-4d90-82ff-2b72e6e18d37/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F HTTP 302
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F HTTP 302
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=f842d39a-2807-4d90-82ff-2b72e6e18d37?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262 HTTP 302
  • https://tags.bluekai.com/site/5379?id=f842d39a-2807-4d90-82ff-2b72e6e18d37&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=281&buid=f842d39a-2807-4d90-82ff-2b72e6e18d37&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265
Request Chain 396
  • https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YvYMeQAF1xc1xgA0
Request Chain 397
  • https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=53&partnerUserId=hMxmzlf716FU&ev=1&pid=561322
Request Chain 399
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=Y0tfZUE3Z0hvZVE HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEH_wnleCn6RqS9LRrUx5SWQ&google_cver=1
Request Chain 400
  • https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=gv-Pr4Su3viZrtivhvjE_dL90aGZrNv6gvRBfrwH
Request Chain 401
  • https://a.tribalfusion.com/i.match?p=b30&u=cK_eA7gHoeQ&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b30&u=cK_eA7gHoeQ&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662274873668336
Request Chain 402
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=118 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341%26partner_url%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D97%2526partnerUserId%253D3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341
Request Chain 403
  • https://s.ad.smaato.net/c/?adExInit=v HTTP 302
  • https://s.ad.smaato.net/c/?adExInit=v&cookieCheck=1 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=109&partnerUserId=6c322cab
Request Chain 404
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L6Q748YP-1X-5LKK
Request Chain 405
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEFzy_YDO2wB6CUspA27TPiU&google_cver=1
Request Chain 407
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8
Request Chain 408
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=b88f2951-bac5-41e7-bff4-9adb35ec6b09
Request Chain 409
  • https://ce.lijit.com/merge?pid=42&3pid=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 413
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=b5ec2475-b3b4-4e7c-ae4d-4ce10fdd3825
Request Chain 414
  • https://id5-sync.com/s/464/9.gif?puid=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/2/6/2.gif?puid=4838819436260598658&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMO-PxwOt7khudEAbM4oQdOGGog4hJ2pO1fy_9tag&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F5%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/3/5/3.gif?puid=3f4262f6-0c7b-4700-a042-2230177506f6&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=b88f2951-bac5-41e7-bff4-9adb35ec6b09&ttl=%%TTL%%
Request Chain 415
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=taboola&bds_param=9f6c8083-3ab4-40a9-9e61-00d2d73f3398 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=37bc2ea4-d6de-4028-8041-54e91ec2ac6d&expires=10&ssp=taboola&bsw_param=9f6c8083-3ab4-40a9-9e61-00d2d73f3398 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
Request Chain 416
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=63a5f202-c472-42d0-9626-c25841625417 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=63a5f202-c472-42d0-9626-c25841625417&tbid=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&query=taboola_hm%3D63a5f202-c472-42d0-9626-c25841625417&isDirect=0
Request Chain 418
  • https://eb2.3lift.com/xuid?mid=7772&xuid=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&dongle=tbla HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Request Chain 421
  • https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=s2-c1UJiToJucJinG1V3nJU4mbM
Request Chain 422
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
Request Chain 424
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=3832f7eb-6d12-4e42-833d-817cba42bcb7
Request Chain 451
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=4838819436260598658&gdpr=0&gdpr_consent=
Request Chain 452
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=4838819436260598658&gdpr=0&gdpr_consent=
Request Chain 453
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adyoulike HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=adyoulike HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4985186688463408566&ssp=adyoulike HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&name=BIDSWITCH
Request Chain 454
  • https://creativecdn.com/cm-notify?pi=adyoulike HTTP 302
  • https://creativecdn.com/cm-notify?pi=adyoulike&tc=1 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=zyA5VdCCDerQ1QP3TvEu&name=RTB_HOUSE&pi=adyoulike&tc=1
Request Chain 456
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=b88f2951-bac5-41e7-bff4-9adb35ec6b09&name=THE_TRADE_DESK
Request Chain 457
  • https://match.prod.bidr.io/cookie-sync/aul HTTP 303
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AADwMk7F7BkAABENckpF8w&name=BEESWAX
Request Chain 458
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=EuBSRz1bwaIrjLFeZgEv&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6QSBJZHEKURGOR2GYPJXGIYCM5LJMQ6WEZDFMY3GEZBZGVRDONBVGBRDIZJWGJQTGMTEMI4GGN3EHBRTSZBGOZUXG2LUN5ZD2RLVIJJVE6RRMJ3WCSLSNJGEMZK2M5CXM&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6QSBJZHEKURGOR2GYPJXGIYCM5LJMQ6WEZDFMY3GEZBZGVRDONBVGBRDIZJWGJQTGMTEMI4GGN3EHBRTSZBGOZUXG2LUN5ZD2RLVIJJVE6RRMJ3WCSLSNJGEMZK2M5CXM HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=EuBSRz1bwaIrjLFeZgEv
Request Chain 459
  • https://sync.e-volution.ai/4460e88f3323cf4d9f4263656a846075.gif?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dfcd0c0bfff5af32579cdcdb6ff804bf8%26visitor%3D%5BUID%5D%26name%3Devolution&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=fcd0c0bfff5af32579cdcdb6ff804bf8&visitor=9930cb3e-b9bc-4f8d-ba6b-6a95d8294df3&name=evolution
Request Chain 460
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent= HTTP 307
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=779dc6d7-1e55-47c6-b42b-4e6acd827fa5%20&gdpr_consent=null&gdpr=0
Request Chain 461
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=CAj9tp6lCQS85i0jAlFa&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6TSBKREVMRK7GFPTEJTUORWD2NZSGATHK2LEHVTDEZBZGEZTMY3GGUZWIZLEMU3WMOBTMJQTCNRRG4YWCMZXMZSGIJTWNFZWS5DPOI6UGQLKHF2HANTMINIVGOBVNEYGUQLMIZQQ&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6TSBKREVMRK7GFPTEJTUORWD2NZSGATHK2LEHVTDEZBZGEZTMY3GGUZWIZLEMU3WMOBTMJQTCNRRG4YWCMZXMZSGIJTWNFZWS5DPOI6UGQLKHF2HANTMINIVGOBVNEYGUQLMIZQQ HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=CAj9tp6lCQS85i0jAlFa
Request Chain 462
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user_id%7D HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0801220407eff893dbec616e
Request Chain 463
  • https://sync.srv.stackadapt.com/sync?nid=33 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-b36f9cd5-4262-4e82-6e70-98a71b55779c$ip$149.56.153.179&name=STACKADAPT
Request Chain 464
  • https://sync.search.spotxchange.com/partner?adv_id=8778&redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D5a6dfefcb43521ff293762793ad668db%26visitor%3D%24SPOTX_USER_ID%26name%3DSPOTX HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=5a6dfefcb43521ff293762793ad668db&visitor=22d04db5-1a17-11ed-9272-185744bf0403&name=SPOTX
Request Chain 465
  • https://ads.stickyadstv.com/user-matching?id=3538&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=7ab967d40b91570ff51c4cdaa51fe5d6&name=FREEWHEEL&visitor=d1da37587edc87dd7d8c185575c8f6
Request Chain 466
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=c5cd35f8-357b-4232-8d3a-f00d790b0b65&name=BIDTELLECT
Request Chain 472
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Request Chain 473
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Request Chain 481
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=seedtag&khaos=L6Q748YP-1X-5LKK HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=L6Q748YP-1X-5LKK
Request Chain 482
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=globo.com&sn=ChromeSyncframe&so=3&topUrl=glamour.globo.com&bundle=tOY38l8lMkZRODhicWlTMjhscXBiTWM3MTduWFN4QkJCMlAlMkZCJTJGek1STFlieGFDYmFISUk3RGFYR3FiRmpRSnlkZFN2QW1tc21mb3Vobkg5U2YzNXhzeHZQMWVxYUM0NHpHRnJVU2ZLZGZkN3ZhT0ZVaHpXdVNNcE5wZWw2MWtBOW1hbDgxNyUyRkNSbjZXamEzQnY1S3RWQmRmODdTUSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=yeuqY3xPNGZUbDdTamlKWWhUOGd1L2J6WVNpQ1A3bnBuNFFwRjZkeWlTYzJCUEJlOER5WW1IMnF4RCtWc1d4UU5leTVSRG45M3A0U0lrcjBYMWljeXNURkEwcW41cTdPNXg5ZmUrbUppV3VKWktKOXN2QTFmTWlYMlEwMDVaZW9pRk1TR0wxekpGdFQ3bEd0enlxZ1QyOVFYRXVPOFhkWUpTcXBmWHQ0eXhiblAvSUNYKzlReTFsZExHY1VWQzNvMHpabWZDWmlUKzJvTEFBUjY3NEdnd3VoeTluZ053MkgwQXcxcisvTjZ6TkJNMWdBa0VRYkQwMmVYQ2tjdXVlSkU1VUY1dm5FZllUQk1XblJGY2c0a3JHek9SZz09fA&cppv=2
Request Chain 488
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&dcc=t
Request Chain 497
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Request Chain 498
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6Q748YP-1X-5LKK
Request Chain 499
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b88f2951-bac5-41e7-bff4-9adb35ec6b09&gdpr=0&gdpr_consent=&expires=30
Request Chain 500
  • https://id.rlcdn.com/709414.gif HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 501
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/JzIdCHZSXTdKJL00lKLIBcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=681337929651169845
Request Chain 502
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6Q748YP-1X-5LKK&sigv=1&esig=2~f67e30361488b371d47aaa172aedc0e2b217c6d0
Request Chain 503
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODU4ODI5ZWI1ZDg3NGQwYmY2NTFhNWQ0OWVhMTZiZWEzODQ4YTZjYQ
Request Chain 504
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=PbkjCde4RK28kiq48Qqh9A&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=PbkjCde4RK28kiq48Qqh9A
Request Chain 506
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&khaos=L6Q748YP-1X-5LKK HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=L6Q748YP-1X-5LKK&name=RUBICON
Request Chain 508
  • https://sync.aniview.com/ssync?pid=5e0e296628a061270b21ccab&r=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26name%3DOPENWEB_VIDEO&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=e8ecb87ff2ef3a3b16ba16c51e7986ac&visitor=e0a062c9-8bf8-48ab-bf86-90e0df03fa89&name=OPENWEB_VIDEO
Request Chain 511
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=779dc6d7-1e55-47c6-b42b-4e6acd827fa5&gdpr_consent=null&gdpr=0
Request Chain 512
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADwMk7F7BkAABENckpF8w&gdpr=0
Request Chain 514
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=f842d39a-2807-4d90-82ff-2b72e6e18d37&gdpr=0&gdpr_consent=
Request Chain 515
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 516
  • https://ssc-cms.33across.com/ps/?_=1660292219180.&ri=0010b00002MptHCAAZ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X HTTP 302
  • https://s.seedtag.com/cs/cookiesync/33across?channeluid=2294083809199
Request Chain 517
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=the33across HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1783777314954996696&expires=30&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=9f6c8083-3ab4-40a9-9e61-00d2d73f3398 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&ts=1660292219&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 518
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1660292219180.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=3f4262f6-0c7b-4700-a042-2230177506f6
Request Chain 519
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-_yEpoWdE2uGlnYZ9c0U0j_kkvXerg2QO~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-_yEpoWdE2uGlnYZ9c0U0j_kkvXerg2QO%7EA&ts=1660292219&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 520
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=288bbe717b140ca3&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAEfVOUzjrYwgNp8Yg2AAAAAAA&expiration=1660378619&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAEfVOUzjrYwgNp8Yg2AAAAAAA&ts=1660292219&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 521
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1662884219%26external_user_id%3Db88f2951-bac5-41e7-bff4-9adb35ec6b09 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1662884219&external_user_id=b88f2951-bac5-41e7-bff4-9adb35ec6b09
Request Chain 522
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzAzMjkzODE5MTQ1NDcxNTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEOy8uLIsPSwzt05dBvjJSjw&google_cver=1
Request Chain 525
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YvYMeQAF1xc1xgA0&gdpr=0&gdpr_consent=
Request Chain 526
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b4cf62f6-0c7b-4900-ab8c-6e8655895a65&gdpr=0&gdpr_consent=
Request Chain 527
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEd01rN0Y3QmtBQUJFTmNrcEY4dw&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADwMk7F7BkAABENckpF8w&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADwMk7F7BkAABENckpF8w
Request Chain 529
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 530
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=23234c52-1a17-11ed-9465-f3edc820c7ab
Request Chain 531
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=s2-c1UJiToJucJinG1V3nJU4mbM
Request Chain 532
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005&rndcb=7925476305 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadconductor%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadconductor%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=9e7f3da7-9383-53e0-8f00-1e45edf6123e&ssp=adconductor&expires=30&user_group=1&gdpr=&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/9f6c8083-3ab4-40a9-9e61-00d2d73f3398?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-505d6b14-b8dd-4151-861b-7b8be62c9851-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
Request Chain 533
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=cd84a901-d0df-4be7-b718-962708b5da28&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=70B1E182-C5A6-4B0E-914D-DCB16A48E702
Request Chain 534
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=685754946922
Request Chain 535
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EuNKy5Se1OmpQM5&gdpr=0&gdpr_consent=
Request Chain 537
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7135786191051565085&uid=Q7135786191051565085&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7135786191051565085
Request Chain 539
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cLHhgsWmSw6RTdyxakjnAg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 540
  • https://idsync.rlcdn.com/420486.gif?partner_uid=70B1E182-C5A6-4B0E-914D-DCB16A48E702 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=0da3d60a39531c26c7d0ccb0b2bd7b5b9a9feee8c0aac86c18c6336e20263184791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAwZGEzZDYwYTM5NTMxYzI2YzdkMGNjYjBiMmJkN2I1YjlhOWZlZWU4YzBhYWM4NmMxOGM2MzM2ZTIwMjYzMTg0NzkxNDI2YjU0MTdkY2UyMRAAGgwI-5jYlwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAwZGEzZDYwYTM5NTMxYzI2YzdkMGNjYjBiMmJkN2I1YjlhOWZlZWU4YzBhYWM4NmMxOGM2MzM2ZTIwMjYzMTg0NzkxNDI2YjU0MTdkY2UyMRAAGgwI-5jYlwYSBAgCEABCAEoA&google_gid=CAESEECQuC0NUaqnHq52COehcF0&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=37ebf2bc-982a-4bc1-96f1-311c392b6bb1
Request Chain 541
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=68b862f6-0c7b-4a00-b2c4-cacfdb239ab0
Request Chain 542
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzBCMUUxODItQzVBNi00QjBFLTkxNEQtRENCMTZBNDhFNzAy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 543
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHD19s7l5WMz-KQ2stn42hA&google_cver=1
Request Chain 544
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8315754224554931B82C11B06ADF48C8
Request Chain 545
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4276077296345607779&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 546
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b88f2951-bac5-41e7-bff4-9adb35ec6b09
Request Chain 548
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=70B1E182-C5A6-4B0E-914D-DCB16A48E702&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-V0kHGOZE2uUqnoNOj8GydYDJj2djFnY-~A&gdpr=0&gdpr_consent=
Request Chain 550
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1f908b89-879f-4467-acd7-d70027d2a07e&gdpr=0&gdpr_consent=
Request Chain 551
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=70B1E182-C5A6-4B0E-914D-DCB16A48E702&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3de659a29f5f0c9b&is_secure=true&networkId=17100&version=1&nuid=70B1E182-C5A6-4B0E-914D-DCB16A48E702&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAEenv8SllOlANBxLGhAAAAAAA&expiration=1660378619&nuid=70B1E182-C5A6-4B0E-914D-DCB16A48E702&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 552
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4838819436260598658&gdpr=0&gdpr_consent=
Request Chain 553
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l96el5GPz8CMj8mXk9nVxcfcwJmMjcrCl9Wb7ZIr
Request Chain 554
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&gdpr=0&gdpr_consent=
Request Chain 555
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dpubmatic%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=pubmatic&user_id=n-cnxRr_xB-fZyP8lkZj0 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 556
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B341_F47CC22C_FF438A0D&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 557
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4985186688463408566
Request Chain 561
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBbGtUls40sgK35ib-L7i_w&google_cver=1&google_push=AehlK4BeSa2-brZu28oj7klo7fKdzYy6Zuqke-tv-YKWulpOKZa-PiPMA5yfDBUOhFa4IvtEtnHDo8Eocz6xz85XDMJzPXdV8z-qOylmQVBfZ6wobjkZ-mLEzbzKmHvp5rd_5WU_MUa6OU0u HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDI3NjA3NzI5NjM0NTYwNzc3OQ==&gdpr=0&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEBbGtUls40sgK35ib-L7i_w&google_cver=1
Request Chain 564
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEIJtuY0t8ViZkyRC7Urpujc&google_cver=1&google_push=AehlK4DWW_BCEPwGvQnHf2n-8vZuYrGI1VFl1i5Tht1V6HS3HfoMMmsVnEI8eWrYXHlzxL3ihZK8uW-M-99T7ysictLrfK-CjV0VNwlsTxQeaLNXmKqUaunmutrj_SpQdfPVzVvfEe-hDfGB HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4DWW_BCEPwGvQnHf2n-8vZuYrGI1VFl1i5Tht1V6HS3HfoMMmsVnEI8eWrYXHlzxL3ihZK8uW-M-99T7ysictLrfK-CjV0VNwlsTxQeaLNXmKqUaunmutrj_SpQdfPVzVvfEe-hDfGB%26google_hm%3DBVBdaxS43UFRhht7i-YsmFE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4DWW_BCEPwGvQnHf2n-8vZuYrGI1VFl1i5Tht1V6HS3HfoMMmsVnEI8eWrYXHlzxL3ihZK8uW-M-99T7ysictLrfK-CjV0VNwlsTxQeaLNXmKqUaunmutrj_SpQdfPVzVvfEe-hDfGB&google_hm=BVBdaxS43UFRhht7i-YsmFE
Request Chain 565
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEGL5DJeBG3sIe5vuKJlC03Q&google_cver=1&google_push=AehlK4DVUWUuL-d-56-tFtWd4NXNTIPxjL3IS9ZTsaFTYYhVCoFTqssME9QsLDNxUVwMgXTVc9yOLy9H2zMOukCBlSmKNG9eQVBXKe17s-4y3QTnEFZLp5ZoT0ppSudcVI8OaI-QLIEijFEA HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEGL5DJeBG3sIe5vuKJlC03Q%26google_cver%3D1%26google_push%3DAehlK4DVUWUuL-d-56-tFtWd4NXNTIPxjL3IS9ZTsaFTYYhVCoFTqssME9QsLDNxUVwMgXTVc9yOLy9H2zMOukCBlSmKNG9eQVBXKe17s-4y3QTnEFZLp5ZoT0ppSudcVI8OaI-QLIEijFEA HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A8197508655130880941&exchange=193&google_gid=CAESEGL5DJeBG3sIe5vuKJlC03Q&google_cver=1&google_push=AehlK4DVUWUuL-d-56-tFtWd4NXNTIPxjL3IS9ZTsaFTYYhVCoFTqssME9QsLDNxUVwMgXTVc9yOLy9H2zMOukCBlSmKNG9eQVBXKe17s-4y3QTnEFZLp5ZoT0ppSudcVI8OaI-QLIEijFEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTgxOTc1MDg2NTUxMzA4ODA5NDE&google_push=AehlK4DVUWUuL-d-56-tFtWd4NXNTIPxjL3IS9ZTsaFTYYhVCoFTqssME9QsLDNxUVwMgXTVc9yOLy9H2zMOukCBlSmKNG9eQVBXKe17s-4y3QTnEFZLp5ZoT0ppSudcVI8OaI-QLIEijFEA
Request Chain 566
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEGWd-S1kGWWiuZjBY_4sR8c&google_cver=1&google_push=AehlK4ATLOX4-weAGNNVd-TdkZdMDR06fmZnR-hIkJQw-oHJ3TSIKja51WEvDEL3ELDqz6qjUbNRKWwUlfLY6s9SV_A_IjTxX2sGZgjYHSNwHgZsVBknjG4pbYjkG81SvCCwAwwDvT9X_4la HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AehlK4ATLOX4-weAGNNVd-TdkZdMDR06fmZnR-hIkJQw-oHJ3TSIKja51WEvDEL3ELDqz6qjUbNRKWwUlfLY6s9SV_A_IjTxX2sGZgjYHSNwHgZsVBknjG4pbYjkG81SvCCwAwwDvT9X_4la&google_hm=MTc4Mzc3NzMxNDk1NDk5NjY5Ng==
Request Chain 567
  • https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEBrrLmDQPLPsDdUfrpKreiU&google_cver=1&google_push=AehlK4CRBRITrGECB1Fw8xM-XvY3Mqlj7xljWF0MY4z59gbjQfnHfzG6bhrHvUVdUkbJ1gJuoZc6IzYQyNzezVOZDGjK7xxBD8uw-g3QtrUjGAuyMo6xYWXE2YKNXgjgDV8lbe1GuyMF-w2Mfw HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Demx_eb%26google_hm%3DNTM2MTE2NjAyOTIyMTk1OTQyMzJhYg%3D%3D&b64_redirect=aHR0cHM6Ly9jbS5nLmRvdWJsZWNsaWNrLm5ldC9waXhlbD9nb29nbGVfbmlkPWVteF9lYiZnb29nbGVfaG09TlRNMk1URTJOakF5T1RJeU1UazFPVFF5TXpKaFlnPT0=&ssp=google_ob HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=4838819436260598658&redirect=https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTM2MTE2NjAyOTIyMTk1OTQyMzJhYg==&b64_redirect=aHR0cHM6Ly9jbS5nLmRvdWJsZWNsaWNrLm5ldC9waXhlbD9nb29nbGVfbmlkPWVteF9lYiZnb29nbGVfaG09TlRNMk1URTJOakF5T1RJeU1UazFPVFF5TXpKaFlnPT0=&ssp=google_ob HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTM2MTE2NjAyOTIyMTk1OTQyMzJhYg==
Request Chain 571
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fuid%3D$UID HTTP 307
  • https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=FIewiLZHvvFnkDbISHKtAJTx
Request Chain 572
  • https://pixel.advertising.com/ups/58170/sync?gdpr=1&gdpr_consent=&_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58170/sync?gdpr=1&gdpr_consent=&_origin=1&redir=true
Request Chain 573
  • https://ups.analytics.yahoo.com/ups/58368/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/1334b6ec0ff0dc970481738a2374448c/?uid=y-GGO5hFJE2uHPcDF0tm9CIuHvW1eL_xKfQl1VqTc-~A&gdpr=0&gdpr_consent=
Request Chain 574
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr_consent=&nwid=2441/ HTTP 302
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=3845884433550291021
Request Chain 575
  • https://spl.zeotap.com/?zdid=689&env=mWeb&eventType=pageview HTTP 302
  • https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=7351786a-e0d8-4f6b-5153-d1ba26190284&env=mWeb&eventType=pageview&id_mid_4=7351786a-e0d8-4f6b-5153-d1ba26190284&reqId=c88c84ab-7ebf-4cb7-41ee-73cf205a2030&zdid=689
Request Chain 576
  • https://id5-sync.com/s/286/9.gif?puid=e67ee749-143a-4422-8345-1zz1660292219&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fuid%3D%7BID5UID%7D HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/286/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/286/2/8/2.gif?puid=4838819436260598658&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMO-PxwOt7khudEAbM4oQdOGGog4hJ2pO1fy_9tag&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/286/3/7/3.gif?puid=3f4262f6-0c7b-4700-a042-2230177506f6&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F429%2F6%2F4.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/286/429/6/4.gif?puid=70B1E182-C5A6-4B0E-914D-DCB16A48E702&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F434%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/286/434/5/5.gif?puid=68c2bd3f-a362-4eac-be9c-d1e0fe3062fe&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/286/108/4/6.gif?puid=f89f2ecc-d918-4ba9-b6f0-2c45fbe382da&gdpr=0&gdpr_consent= HTTP 302
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F136%2F3%2F7.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/286/136/3/7.gif?puid=YvYMeQAF1xc1xgA0&gdpr=0&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEKXAM8HY5f6APKhmh_B-mRs&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEKXAM8HY5f6APKhmh_B-mRs&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4838819436260598658&opid=apx&ops=&utidl=tech:goo:CAESEKXAM8HY5f6APKhmh_B-mRs&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A28682834164&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/286/19/1/9.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
Request Chain 578
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=L6Q748YP-1X-5LKK HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=L6Q748YP-1X-5LKK HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L6Q748YP-1X-5LKK&ts=1660292220&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 582
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3De0a062c9-8bf8-48ab-bf86-90e0df03fa89%26biddername%3D55%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=e0a062c9-8bf8-48ab-bf86-90e0df03fa89&biddername=55&key=4838819436260598658
Request Chain 583
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Request Chain 584
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3De0a062c9-8bf8-48ab-bf86-90e0df03fa89%26biddername%3D2%26key%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=e0a062c9-8bf8-48ab-bf86-90e0df03fa89&biddername=2&key=22d04db5-1a17-11ed-9272-185744bf0403
Request Chain 585
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3De0a062c9-8bf8-48ab-bf86-90e0df03fa89%26biddername%3D72%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BuserId%7D HTTP 302
  • https://tags.bluekai.com/site/17724?id=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3De0a062c9-8bf8-48ab-bf86-90e0df03fa89%26biddername%3D72%26pid%3D5e0e296628a061270b21ccab%26key%3D3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=e0a062c9-8bf8-48ab-bf86-90e0df03fa89&biddername=72&pid=5e0e296628a061270b21ccab&key=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341
Request Chain 590
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=4838819436260598658
Request Chain 592
  • https://ups.analytics.yahoo.com/ups/58558/occ HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=488792&extuid=y-RydbI5hE2uFDB9iSgTjz3M_1h9BFwOrDNIvwXc0-~A
Request Chain 595
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2069.55%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=2120667406 HTTP 302
  • https://tags.bluekai.com/site/17724?id=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2069.55%2F3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341%3Fzcc%3D0%26sspret%3D1%26rndcb%3D2120667406 HTTP 302
  • https://sync.1rx.io/usersync3/centro/2069.55/3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341?zcc=0&sspret=1&rndcb=2120667406 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-505d6b14-b8dd-4151-861b-7b8be62c9851-005 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
Request Chain 596
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=86d69b07-3e8c-4cfc-9a1f-40ef9a64da8e
Request Chain 597
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Fredir%3Dhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fuid%253D9f93135e824096b627ff609f5cdee636%2526visitor%253D%257Buid%257D%2526name%253DOPENWEB HTTP 302
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D9f93135e824096b627ff609f5cdee636%26visitor%3D%7Buid%7D%26name%3DOPENWEB HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=89046e99fc5497cd&name=OPENWEB
Request Chain 604
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=b9766734-dc14-4292-bb72-182c28b3d90f HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=b9766734-dc14-4292-bb72-182c28b3d90f
Request Chain 606
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=eace6bae-4a54-4975-aeea-000922a479db HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=eace6bae-4a54-4975-aeea-000922a479db
Request Chain 607
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=4838819436260598658
Request Chain 609
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4276077296345607779&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 613
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=6c322cab
Request Chain 614
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=8315754224554931B82C11B06ADF48C8&ex=simpli.fi&status=ok
Request Chain 615
  • https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=7d3c15cb-e172-46cd-9df3-b15717929f10
Request Chain 624
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=5fd0be465bb90cb7&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAEgkzftH-yeAMPLsUdAAAAAAA&expiration=1660378620&is_secure=true
Request Chain 625
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=4838819436260598658&ex=appnexus.com
Request Chain 626
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4436417915014705237908
Request Chain 643
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17184&khaos=L6Q748YP-1X-5LKK HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=L6Q748YP-1X-5LKK
Request Chain 650
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=N3ZScVZzSnBZaVAzV0M1azVlNGd4dw&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESELQYgmFs68ofCNAgncefWRQ&google_cver=1
Request Chain 651
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=76a6b92fcea8122b&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAEfVOUzjrYxQMp4D20AAAAAAA&expiration=1660378620&nuid=&is_secure=true
Request Chain 652
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent= HTTP 302
  • https://tags.bluekai.com/site/17724?id=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&redir=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D543793%26ev%3D3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341%26gdpr_in_effect%3D0%26gdpr_consent%3D HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&gdpr_in_effect=0&gdpr_consent=
Request Chain 656
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YvYMeptZyA.1HFbuQyqMsAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAUtS0zSL0dGNue_Trz6X7A&google_cver=1&google_hm=2
Request Chain 657
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YvYMeptZyA-1HFbuQyqMsAAAAd8AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIIqKazOBv-WeVZiIl7EtM0&google_cver=1
Request Chain 658
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b88f2951-bac5-41e7-bff4-9adb35ec6b09&expiration=1662884220&gdpr=0&gdpr_consent=
Request Chain 659
  • https://d.adroll.com/cm/index/ssp HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 661
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=23234c52-1a17-11ed-9465-f3edc820c7ab
Request Chain 662
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=s2-c1UJiToJucJinG1V3nJU4mbM
Request Chain 665
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=4838819436260598658
Request Chain 666
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_72b13e66-8638-4bdc-975a-2eec0f6e1321&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9f6c8083-3ab4-40a9-9e61-00d2d73f3398 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=562c12ab-42ac-4d31-9b38-debb46a9cd2d&ssp=gumgum2&bsw_param=9f6c8083-3ab4-40a9-9e61-00d2d73f3398 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
Request Chain 667
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28YCQ7QQEIfw8y1OHumdK20MB8yS3ykV7A5eF1oDRx1RO8_lVLN2AVxq8p2UyLHrro%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28YCQ7QQEIfw8y1OHumdK20MB8yS3ykV7A5eF1oDRx1RO8_lVLN2AVxq8p2UyLHrro%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_72b13e66-8638-4bdc-975a-2eec0f6e1321&obuid=ENC(YCQ7QQEIfw8y1OHumdK20MB8yS3ykV7A5eF1oDRx1RO8_lVLN2AVxq8p2UyLHrro) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=YCQ7QQEIfw8y1OHumdK20MB8yS3ykV7A5eF1oDRx1RO8_lVLN2AVxq8p2UyLHrro HTTP 302
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=outbrain&ssp_uuid=9f6c8083-3ab4-40a9-9e61-00d2d73f3398 HTTP 302
  • https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=outbrain&ssp_uuid=9f6c8083-3ab4-40a9-9e61-00d2d73f3398 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=outbrain&user_id=6cb36c40-8c62-4ffe-8686-dfa7226d5fb1 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 668
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=4835b0b8-af06-4743-96e8-9017d36f1945
Request Chain 669
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-b36f9cd5-4262-4e82-6e70-98a71b55779c$ip$149.56.153.179
Request Chain 670
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-M9KZkjtE2pd6kc4txwSpO7nsRma6pUVHbmU2~A
Request Chain 671
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=1f908b89-879f-4467-acd7-d70027d2a07e
Request Chain 672
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=14E007207C1042BAB885E0FAC3A8C6AC
Request Chain 673
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP 303
  • https://usersync.gumgum.com/usersync?b=dit&i=di_8e26fc569f664441815e1
Request Chain 674
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_72b13e66-8638-4bdc-975a-2eec0f6e1321&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=CAj9tp6lCQS85i0jAlFa&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVBUC2RZORYDM3CDKFJTQNLJGBVEC3CGME HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVBUC2RZORYDM3CDKFJTQNLJGBVEC3CGME HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=CAj9tp6lCQS85i0jAlFa
Request Chain 675
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=ea9885a8-0f84-4e27-872a-648e2874a0f2
Request Chain 676
  • https://sync.1rx.io/usersync2/floor6?gdpr=&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1506%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=7768230212 HTTP 302
  • https://tags.bluekai.com/site/17724?id=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1506%2F3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341%3Fzcc%3D0%26sspret%3D1%26rndcb%3D7768230212 HTTP 302
  • https://sync.1rx.io/usersync3/centro/1506/3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341?zcc=0&sspret=1&rndcb=7768230212 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-505d6b14-b8dd-4151-861b-7b8be62c9851-005 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
Request Chain 677
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=hMxmzlf716FU&ev=1&pid=558355
Request Chain 678
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=3845884433550291021
Request Chain 681
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__ HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YvYMeptZyA.1HFbuQyqMsAAA%26479
Request Chain 682
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=YvYMeQAF1xc1xgA0
Request Chain 683
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=b88f2951-bac5-41e7-bff4-9adb35ec6b09&gdpr=0&gdpr_consent=
Request Chain 684
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=4838819436260598658
Request Chain 685
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAUtS0zSL0dGNue_Trz6X7A&google_cver=1
Request Chain 686
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvYMeptZyA.1HFbuQyqMsAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAUtS0zSL0dGNue_Trz6X7A&google_cver=1&google_hm=2
Request Chain 687
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJQdP2L75sQUYWi5nM4RxJ8&google_cver=1
Request Chain 688
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzODgxOTQzNjI2MDU5ODY1OA%3D%3D
Request Chain 689
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=3f4262f6-0c7b-4700-a042-2230177506f6&gdpr=&gdpr_consent=
Request Chain 690
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=YvYMeQAF1xc1xgA0&gdpr=&gdpr_consent=
Request Chain 693
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=b88f2951-bac5-41e7-bff4-9adb35ec6b09
Request Chain 694
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=4838819436260598658brt53611660292219594232ab
Request Chain 695
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=YvYMfcCo5ssAAGs0pLYAAAAA
Request Chain 696
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=zyA5VdCCDerQ1QP3TvEu&pi=gumgum
Request Chain 697
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 724
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBbGtUls40sgK35ib-L7i_w&google_cver=1&google_push=AehlK4CkM23slm5nZsM2cj-e8oYKRx9s6g3Vg2vaKACC5A8cWuNenOckyyASqdrDYXIl4J1TnQasJkQdmlmGFgpfWsQ33PnCRXg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDI3NjA3NzI5NjM0NTYwNzc3OQ==&gdpr=0&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEBbGtUls40sgK35ib-L7i_w&google_cver=1
Request Chain 726
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEEPDUE0YKvNkrk7DceXK-U&google_cver=1&google_push=AehlK4Cu0nTXIDEa4dpd46_CDGNLSKTH3KB9KS5cEizFF6VphGoj8zbfdHcwmIgL_bc9D6WBInIYWe2XDis_lHVaD6vUkXqdSbU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXZZTWVRQUYxeGMxeGdBMA==&google_gid=CAESEEEPDUE0YKvNkrk7DceXK-U&google_cver=1&google_push=AehlK4Cu0nTXIDEa4dpd46_CDGNLSKTH3KB9KS5cEizFF6VphGoj8zbfdHcwmIgL_bc9D6WBInIYWe2XDis_lHVaD6vUkXqdSbU
Request Chain 727
  • https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEMxikFl5KxVSVsQuYcfnVLE&google_cver=1&google_push=AehlK4DCjGjzhIfVkh3zCtsRKwanaHzESjJrJB_snCjlgqLGtYaXEFCLrSm7-sdY8167l14eucR8kQ0lgOQtkapNBTqJ_DUHlsg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AehlK4DCjGjzhIfVkh3zCtsRKwanaHzESjJrJB_snCjlgqLGtYaXEFCLrSm7-sdY8167l14eucR8kQ0lgOQtkapNBTqJ_DUHlsg
Request Chain 728
  • https://match.360yield.com/match/ebda?google_gid=CAESEDkjrX8MWVJrt13WL_btCag&google_cver=1&google_push=AehlK4DgBaifejKY4m197P1ZEec80xCCD5flJ7w2zoEPdWuHlNTynvx8scC7I70ikEtw2YQardGsnvejWPlrmhDrm8gpaf4ppgQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=6piFqA-ETieHKmSOKHSg8g&google_push=AehlK4DgBaifejKY4m197P1ZEec80xCCD5flJ7w2zoEPdWuHlNTynvx8scC7I70ikEtw2YQardGsnvejWPlrmhDrm8gpaf4ppgQ
Request Chain 729
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGMe7jIXixlMRyVDiE6hjoA&google_cver=1&google_push=AehlK4BP3OKSP0QMITN1b_Dr5GnahU-0V4F5kgBiQcmmwh5-RFF1enAKtwg8FRSar0HF_jgokthoNy8ueput-8ogaz9a4caxI5g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDQzNjQxNzkxNTAxNDcwNTIzNzkwOA%3D%3D&google_push=AehlK4BP3OKSP0QMITN1b_Dr5GnahU-0V4F5kgBiQcmmwh5-RFF1enAKtwg8FRSar0HF_jgokthoNy8ueput-8ogaz9a4caxI5g
Request Chain 730
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIXPZJ4DbysF7IGYq77mJKs&google_cver=1&google_push=AehlK4A7coDNuWSnnLijzJyH8_wkDRytUR0psax7EJ7rCkoRQJMdWCwbtlK2CE8pH5ktizQwUyN0iHapDUZPcUw46WkzJwfdCJFI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1FVVVjdXg1RTJ1RjFFdTNlLi5aT2lhdDdxMUc1eWJuen5B&google_push=AehlK4A7coDNuWSnnLijzJyH8_wkDRytUR0psax7EJ7rCkoRQJMdWCwbtlK2CE8pH5ktizQwUyN0iHapDUZPcUw46WkzJwfdCJFI
Request Chain 762
  • https://ad.doubleclick.net/ddm/activity/src=2507573;type=moat;cat=namas0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1660292221096?&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=2507573;dc_pre=CI_U38DuwPkCFZQCcQodzDUDOg;type=moat;cat=namas0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1660292221096?&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=2507573;dc_pre=CI_U38DuwPkCFZQCcQodzDUDOg;type=moat;cat=namas0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1660292221096?&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Request Chain 773
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:70B1E182-C5A6-4B0E-914D-DCB16A48E702 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=24d12650-1a17-11ed-afed-0af9eb55f11f&companyId=673&id=pubmatic_id:70B1E182-C5A6-4B0E-914D-DCB16A48E702
Request Chain 775
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=70B1E182-C5A6-4B0E-914D-DCB16A48E702 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f89f2ecc-d918-4ba9-b6f0-2c45fbe382da%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b88f2951-bac5-41e7-bff4-9adb35ec6b09&ttd_puid=f89f2ecc-d918-4ba9-b6f0-2c45fbe382da%2C
Request Chain 778
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fglamour.globo.com%2F&domain=glamour.globo.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=-ggBVnxScEtmWTlRd1h0WXFXM0k0T1ByTDhKekhUYjNuZGxyVFkrTUN1TXZkUE4wVFZkYTJPNGZDNnZFdGZmT3JnUGhZV2JiUUx2MzltNkJoTHVsWjFqRU94M3JpZlNiRkU2cm9Xc015NU5QRlB0N1FsdG1JYU5SNVVSMlo0YXVsTWFkR2JvSlVRcG9IOVFxUDJ4VW1NQXpWa20vRGE3T0xoUEtMOHNBQS9DSGtwcWRWeEVwbld2ajJiREVKYlBGNFJSOWI0NUREcmtONXBqS0owSUJzT2RhSUY1WXZkM0IvaU9DZkZsTUVTYURJR0o2MEx6Qlg3MkR5aUtsd2NVK2gxUXoybmJGOSsxcDJMY3NYUVZRZHU3cGNmZz09fA&cppv=2
Request Chain 805
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=d1da37587edc87dd7d8c185575c8f6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=e98a0_7130900803883391788&gdpr=0&gdpr_consent=null HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZDFkYTM3NTg3ZWRjODdkZDdkOGMxODU1NzVjOGY2&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEHctj1uYrJEbTpiR3XMcMT0&google_cver=1&gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=b88f2951-bac5-41e7-bff4-9adb35ec6b09 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/d1da37587edc87dd7d8c185575c8f6?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-CAfy7e5E2oNeODdtOClIQM25PqIO3FNIolxDj4.0~A HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=4838819436260598658 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AADwMk7F7BkAABENckpF8w&gdpr=0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=EuNKy5Se1OmpQM5&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=4985186688463408566 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YvYMeQAF1xc1xgA0 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=3f4262f6-0c7b-4700-a042-2230177506f6&gdpr=0&gdpr_consent=
Request Chain 808
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDFkYTM3NTg3ZWRjODdkZDdkOGMxODU1NzVjOGY2&gdpr=0&gdpr_consent=
Request Chain 809
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=d1da37587edc87dd7d8c185575c8f6&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 854
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?dsp_user_mapping=true&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D849%26gdpr%3d0%26gdpr_consent%3dnull&159=CAESEHctj1uYrJEbTpiR3XMcMT0&23329=EuNKy5Se1OmpQM5&26913=AADwMk7F7BkAABENckpF8w&45=YvYMeQAF1xc1xgA0&529=3f4262f6-0c7b-4700-a042-2230177506f6&617=4985186688463408566&717=y-CAfy7e5E2oNeODdtOClIQM25PqIO3FNIolxDj4.0%7EA&892=b88f2951-bac5-41e7-bff4-9adb35ec6b09&951=4838819436260598658&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=849&gdpr=0&gdpr_consent=null HTTP 302
  • https://7e1d5.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D993%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=993&userId=e98a0_7130900803883391788 HTTP 302
  • https://dsp.adfarm1.adition.com/cookie/?ssp=12 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=202&userId=7130900816780785807 HTTP 302
  • https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=4276077296345607779 HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=7745397&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=1f908b89-879f-4467-acd7-d70027d2a07e HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&gdpr=0&gdpr_conset={gdpr_conset}&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D721%26userId%3D%7BuserId%7D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=721&userId=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341 HTTP 302
  • https://freewheel.adhaven.com/bid-engine/cs/b714c175b3fe12d9388dfc1431d76197/v1?rd=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1217%26userId%3D%24UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1217&userId=4c_612ffa93-2cdc-4884-875c-60673a5fb803 HTTP 302
  • https://um.simpli.fi/freewheel HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=8315754224554931B82C11B06ADF48C8 HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=561&userId=23234c52-1a17-11ed-9465-f3edc820c7ab HTTP 302
  • https://match.deepintent.com/usersync/132 HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1281&userId=di_8e26fc569f664441815e1
Request Chain 858
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDFkYTM3NTg3ZWRjODdkZDdkOGMxODU1NzVjOGY2&gdpr=0&gdpr_consent=
Request Chain 860
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=d1da37587edc87dd7d8c185575c8f6&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 902
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://umfw.adscience.nl/sync/freewheel&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1265&userId=o89YTUPMOE0M2nj7.sKqCQ-- HTTP 302
  • https://sync.1rx.io/usersync2/freewheel?gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2067%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=3640108681 HTTP 302
  • https://sync.1rx.io/usersync3/appnexus/2067/4838819436260598658?zcc=0&sspret=1&rndcb=3640108681 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D457%26userId%3DRX-505d6b14-b8dd-4151-861b-7b8be62c9851-005 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=457&userId=RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005 HTTP 302
  • https://x.bidswitch.net/sync?ssp=stickyads&gdpr=0&gdpr_consent= HTTP 302
  • https://ums.acuityplatform.com/bum?tpid=29&uid=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&bidswitch_ssp_id=stickyads HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=685754946922&expires=30&user_group=1&ssp=StickyAds
Request Chain 906
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDFkYTM3NTg3ZWRjODdkZDdkOGMxODU1NzVjOGY2&gdpr=0&gdpr_consent=
Request Chain 908
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=d1da37587edc87dd7d8c185575c8f6&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 939
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=a086202d-d569-435b-8706-1bbbff0d1632&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:cc7af9c12b90d058d68105cfddcc4a9b
Request Chain 940
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=YF6e9C6VxjsX58xNyCYiuQ==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 941
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=3f4262f6-0c7b-4700-a042-2230177506f6
Request Chain 942
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=1f908b89-879f-4467-acd7-d70027d2a07e
Request Chain 943
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&gdpr=0&gdpr_consent=
Request Chain 948
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4838819436260598658
Request Chain 949
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADwMk7F7BkAABENckpF8w&expiration=1661501831
Request Chain 950
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3f4262f6-0c7b-4700-a042-2230177506f6
Request Chain 951
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=04030001_62f60c8713466&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_62f60c8713466
Request Chain 952
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8315754224554931B82C11B06ADF48C8
Request Chain 953
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4276077296345607779
Request Chain 954
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4838819436260598658
Request Chain 980
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://x.bidswitch.net/sync?ssp=stickyads&gdpr=0&gdpr_consent=null HTTP 302
  • https://dt.videohub.tv/ssframework/uid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D122%26user_id%3D%5BUSER_ID%5D%26expires%3D30%26ssp%3Dstickyads%26bsw_param%3D9f6c8083-3ab4-40a9-9e61-00d2d73f3398 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=122&user_id=CI-d93be1b9b1ae0d83c6d6154b02672d72&expires=30&ssp=stickyads&bsw_param=9f6c8083-3ab4-40a9-9e61-00d2d73f3398 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=204&userId=9f6c8083-3ab4-40a9-9e61-00d2d73f3398 HTTP 302
  • https://sync.extend.tv/freewheel HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=737&userId=b8e98277-baca-4851-97f2-5ef6fc879ef8 HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=169&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1362&userId=s2-c1UJiToJucJinG1V3nJU4mbM HTTP 302
  • https://a.tribalfusion.com/i.match?p=b25&u=d1da37587edc87dd7d8c185575c8f6&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D977%26userId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=977&userId=18072662274873668336 HTTP 302
  • https://jelly.mdhv.io/v4/pixie HTTP 307
  • https://ads.stickyadstv.com/user-registering?dataProviderId=513&userId=735b3534-2f62-4f9e-a32c-a97cfede8ce0 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=190775&cb=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1025%26userId%3D_UID_ HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=YvYMeptZyA.1HFbuQyqMsAAA%26479 HTTP 302
  • https://freewheel-match.dotomi.com/match/bounce/current?networkId=41963&version=1 HTTP 302
  • https://freewheel-match.dotomi.com/match/bounce/current?DotomiTest=564028c333ed122b&is_secure=true&networkId=41963&version=1 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1249&userId=AAAGc64h4HhHXgN0vJc0AAAAAAA&expiration=1660378633&is_secure=true HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&_cvt=t HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=609&userId=d6.76e04cdc434e403aa124f7bd7d148a83
Request Chain 984
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDFkYTM3NTg3ZWRjODdkZDdkOGMxODU1NzVjOGY2&gdpr=0&gdpr_consent=
Request Chain 986
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=d1da37587edc87dd7d8c185575c8f6&ex=freewheel.tv&gdpr=0&gdpr_consent=

992 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.protocolo7em7.com.br.hackeandoansiedade.space/ 		53 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.39.17.86 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns557098.ip-54-39-17.net
Software
LiteSpeed /
Resource Hash
f782d6fb6c487e3d38d77d8e3838355a618944325f43ec9111ddbca65d023746

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
14686
content-type
text/html
date
Fri, 12 Aug 2022 08:16:52 GMT
last-modified
Fri, 12 Aug 2022 04:08:48 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
css2
fonts.googleapis.com/ 		20 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&family=Roboto:wght@400;500;600;700;800&family=Montserrat:wght@400;500;600;700;800&display=swap
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.protocolo7em7.com.br.hackeandoansiedade.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 08:16:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 12 Aug 2022 08:16:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Aug 2022 08:16:52 GMT
pbtRLP7329174.js
www.protocolo7em7.com.br.hackeandoansiedade.space/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.protocolo7em7.com.br.hackeandoansiedade.space/js/pbtRLP7329174.js
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.39.17.86 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns557098.ip-54-39-17.net
Software
LiteSpeed /
Resource Hash
859bd8430351e5be5d1f9542b47bde1d3dc6b972e1c2cd65cb6adc0a54087ce4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.protocolo7em7.com.br.hackeandoansiedade.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:52 GMT
content-encoding
br
last-modified
Fri, 12 Aug 2022 04:08:48 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3697
expires
Fri, 19 Aug 2022 08:16:52 GMT
lWgjPs7823712.jpeg
img.imageboss.me/atm/cdn/u/JptmQ7vAE0TMgyM2GFsSpQU4L6Z2/l/ 		763 KB
764 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.imageboss.me/atm/cdn/u/JptmQ7vAE0TMgyM2GFsSpQU4L6Z2/l/lWgjPs7823712.jpeg
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.protocolo7em7.com.br.hackeandoansiedade.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:52 GMT
via
1.1 5d840d432727e3561fd1a3de915212ca.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
EWR53-C2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 12 Aug 2022 08:16:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rEQkUpks%2F3FnKE7Oijovc7YRiHuSxqsp3jnYY%2BACf42QuB%2BECr79WznJNwosa4X9CRpjarr6FA5O4B49pdKKS%2Btb9sUUyZhrUBEifB8LKtVwftJR1H0q5yAx9Z1AkahrY%2BpZbqlIE2uin8iS0rE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
7397c57aab854bbe-YUL
x-amz-cf-id
AKQe_U1yTKBt1gos9JgvQxinyTjpitFkmLqkh-wwnoObYuq7w3KR6g==
xbfcSF6363937.png
img.imageboss.me/atm/cdn/u/JptmQ7vAE0TMgyM2GFsSpQU4L6Z2/l/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.imageboss.me/atm/cdn/u/JptmQ7vAE0TMgyM2GFsSpQU4L6Z2/l/xbfcSF6363937.png
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.protocolo7em7.com.br.hackeandoansiedade.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:52 GMT
via
1.1 dee6858c751ff64f8ae28f155bee69b2.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
EWR53-C2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14176
last-modified
Fri, 12 Aug 2022 08:16:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYRGU%2BAbsGBysIk7HKV2jKtDnWH7pQ2ByZT%2FmCf8a7iolc68vCGx4n5meDJdvDsKZThTDwtKbQ%2F82thcdCnTPoh3jlkWRcJuxxyRo%2F6dehUvjeQLXTY422O04WkRv5bL8%2BRWLtJZwpY4qLCeios%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
7397c57aab874bbe-YUL
x-amz-cf-id
R2J81iWCnkjY6Lpd81XNPjRjcRf7LapU-0mfxLDeMBxIyjIbOKqfjA==
disable-devtool.min.js
fastly.jsdelivr.net/npm/disable-devtool/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fastly.jsdelivr.net/npm/disable-devtool/disable-devtool.min.js
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/js/pbtRLP7329174.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.protocolo7em7.com.br.hackeandoansiedade.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
16009
x-jsd-version
0.2.5
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4567
etag
W/"2c15-EJyph8sVL3ZFjAh+jL0yI7mKYlk"
x-served-by
cache-fra19134-FRA, cache-yul12831-YUL
x-jsd-version-type
version
date
Fri, 12 Aug 2022 08:16:52 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
Primary Request melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
glamour.globo.com/lifestyle/noticia/2019/12/ 		567 KB
130 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/js/pbtRLP7329174.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
201.7.177.243 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
a791e3423749b4eb5b64a0f6820d326528860f99275d362669d15f6fe6977d9b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=10
content-encoding
gzip
content-length
131959
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 12 Aug 2022 08:16:53 GMT
expires
Fri, 12 Aug 2022 08:17:03 GMT
show-page-version
0
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, Wall-Subscription-Level, Origin
via
2.0 CachOS
wall-blocked-session
0
wall-subscription-level
0
wall-usl-status
x-bip
31438675 wall 15
x-cache-status
MISS
x-content-type-options
nosniff
x-mobile
desktop
x-request-id
591c0b37-d897-48be-9f40-a8f3699a04bd
x-served-from
Show-Bypass, Show Services GCP
x-thanos
0A81DC47
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&family=Roboto:wght@400;500;600;700;800&family=Montserrat:wght@400;500;600;700;800&display=swap
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.protocolo7em7.com.br.hackeandoansiedade.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 08:16:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 12 Aug 2022 08:16:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Aug 2022 08:16:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&family=Roboto:wght@400;500;600;700;800&family=Montserrat:wght@400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.protocolo7em7.com.br.hackeandoansiedade.space
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 19:35:49 GMT
x-content-type-options
nosniff
age
132064
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Aug 2023 19:35:49 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&family=Roboto:wght@400;500;600;700;800&family=Montserrat:wght@400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.protocolo7em7.com.br.hackeandoansiedade.space
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:12:27 GMT
x-content-type-options
nosniff
age
263066
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Aug 2023 07:12:27 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&family=Roboto:wght@400;500;600;700;800&family=Montserrat:wght@400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.protocolo7em7.com.br.hackeandoansiedade.space
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 05:50:56 GMT
x-content-type-options
nosniff
age
267957
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Aug 2023 05:50:56 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&family=Roboto:wght@400;500;600;700;800&family=Montserrat:wght@400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.protocolo7em7.com.br.hackeandoansiedade.space
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 19:31:57 GMT
x-content-type-options
nosniff
age
132296
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Aug 2023 19:31:57 GMT
bold.woff2
s3.glbimg.com/cdn/fonts/opensans/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/bold.woff2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
x-openstack-request-id
tx6046ff5699674c6b8c50b-0061ba7764
last-modified
Tue, 25 Jun 2019 17:35:22 GMT
x-thanos
0AB24044
etag
8593a5a07cf620d4512fcb71cbcd07a6
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
cache-control
public, max-age=31536000
content-length
10284
accept-ranges
bytes
x-trans-id
tx6046ff5699674c6b8c50b-0061ba7764
x-request-id
b97c14a5-eac4-4920-b049-c4271a1bd0a2
x-timestamp
1561484121.35690
semibold.woff2
s3.glbimg.com/cdn/fonts/opensans/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/semibold.woff2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
x-openstack-request-id
tx7634d3bd59db4c368c226-0061ba7763
last-modified
Tue, 25 Jun 2019 17:36:47 GMT
x-thanos
0AB24044
etag
365c53275ca5dad1584b7e0bd3a46c1e
vary
Accept-Encoding, Origin
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
cache-control
public, max-age=31536000
content-length
16172
accept-ranges
bytes
x-trans-id
tx7634d3bd59db4c368c226-0061ba7763
x-request-id
115ba471-8f40-45b9-a41b-b6b3b11e0dfd
x-timestamp
1561484206.27623
regular.woff2
s3.glbimg.com/cdn/fonts/opensans/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/regular.woff2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
x-openstack-request-id
tx30a175daf3514cd5a66e3-0061ba7763
last-modified
Tue, 25 Jun 2019 17:36:35 GMT
x-thanos
0AB24044
etag
4124088fdd8c315a6d096b65b6cbf428
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
cache-control
public, max-age=31536000
content-length
10352
accept-ranges
bytes
x-trans-id
tx30a175daf3514cd5a66e3-0061ba7763
x-request-id
9bb3c6e0-ddd4-4bf3-9621-f27906dbf832
x-timestamp
1561484194.26376
light.woff2
s3.glbimg.com/cdn/fonts/opensans/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/light.woff2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
a51690a59260fd30a04d20955e8e5432f7f05f90c13f04c953789d67548a66b8

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
x-openstack-request-id
tx8fc92ac0b1b840909dec4-0061ba7764
last-modified
Tue, 25 Jun 2019 17:36:08 GMT
x-thanos
0AB24044
etag
98b6233d6ac91b3538d60fee0ce3393b
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
cache-control
public, max-age=31536000
content-length
10200
accept-ranges
bytes
x-trans-id
tx8fc92ac0b1b840909dec4-0061ba7764
x-request-id
d132af81-fe9f-4194-bff1-31d5b2e655be
x-timestamp
1561484167.30297
css2
fonts.googleapis.com/ 		22 KB
867 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Fraunces:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4a6b3d1991c4420dbb00831149756c1f8915ea0b1a62f4a54b42a8bd14416f32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 08:16:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 12 Aug 2022 08:16:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Aug 2022 08:16:53 GMT
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9037edfb627bfd8802749b9afcc888ab9655a0859d4523835ec9263fd231e71
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72684
x-xss-protection
0
server
sffe
date
Fri, 12 Aug 2022 08:16:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"71cd8cbf65a5959f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 12 Aug 2022 08:16:53 GMT
utag.js
tags.tiqcdn.com/utag/globo/editora/prod/ 		233 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.216.220 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-220.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cdfe741e06acc6f308baeb84ef8f48866952d725de44e936e83bc24da308bbb0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
content-encoding
gzip
last-modified
Thu, 11 Aug 2022 17:24:01 GMT
server
AkamaiNetStorage
etag
"2243327b74a5e9f8caef0aa20a86ef57:1660238641.022158"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
expires
Fri, 12 Aug 2022 08:21:54 GMT
amp-social-share-0.1.js
cdn.ampproject.org/v0/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-social-share-0.1.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19e63d8365777324534181a2ca86959066ca42b0181944be1b81e508634536cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4791
x-xss-protection
0
server
sffe
date
Fri, 12 Aug 2022 08:16:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"939c476caa5d9a47"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 12 Aug 2022 08:16:53 GMT
amp-timeago-0.1.js
cdn.ampproject.org/v0/ 		37 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-timeago-0.1.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d2f0a1449cd6c28ffb0cba89d697e277ae2d14a789da8315e68c1a10cbb5b1b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9133
x-xss-protection
0
server
sffe
date
Fri, 12 Aug 2022 08:16:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"020246e935b47cdb"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 12 Aug 2022 08:16:53 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/v0/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-fit-text-0.1.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc6784a95bd4cc5589958d08e9fa305dae4d8892939d111e47a741722de2d8e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2514
x-xss-protection
0
server
sffe
date
Fri, 12 Aug 2022 08:16:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"457b1cd7d0b92514"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 12 Aug 2022 08:16:53 GMT
amp-bind-0.1.js
cdn.ampproject.org/v0/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-bind-0.1.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb4b6da30761816b59b7b0412562666f4d6763dfb4e59631f87820900fa52257
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16261
x-xss-protection
0
server
sffe
date
Fri, 12 Aug 2022 08:16:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"1756fe3e8925629b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 12 Aug 2022 08:16:53 GMT
amp-lightbox-gallery-0.1.js
cdn.ampproject.org/v0/ 		65 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-lightbox-gallery-0.1.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e145d4238be974c60f1056d98515e6d550f962fcd64cca7f7cf57db1e38fcea
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18991
x-xss-protection
0
server
sffe
date
Fri, 12 Aug 2022 08:16:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"7193a7f179d50bae"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 12 Aug 2022 08:16:53 GMT
amp-carousel-0.1.js
cdn.ampproject.org/v0/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-carousel-0.1.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62b011dddfa5f0584304df4f970b26af98f0adc6c4d8096cb0d87dd2abf9c787
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11540
x-xss-protection
0
server
sffe
date
Fri, 12 Aug 2022 08:16:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"d429736a89112d32"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 12 Aug 2022 08:16:53 GMT
amp-video-0.1.js
cdn.ampproject.org/v0/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-video-0.1.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32c59cb27a0cd35cf15d60b56fa55495811af9b5fc8fc99c7d2e086a9e3a59b7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15852
x-xss-protection
0
server
sffe
date
Fri, 12 Aug 2022 08:16:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"5533dc4e6e1101ce"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 12 Aug 2022 08:16:53 GMT
/
fonts.gstatic.com/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
css2
fonts.googleapis.com/ 		7 KB
618 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&display=swap
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
45e78216d62e7ef2a2c7d0bda526ddfb789444fb8a986b024d059373acb27c16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 07:15:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 12 Aug 2022 08:16:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Aug 2022 08:16:53 GMT
css2
fonts.googleapis.com/ 		3 KB
601 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Merriweather:wght@400;500;600;700&display=swap
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
59119d769463d6328c2791982090c033babaffd946a3616d3291db1bf6053fd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 08:16:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 12 Aug 2022 08:16:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Aug 2022 08:16:53 GMT
semibold.woff
s3.glbimg.com/cdn/fonts/opensans/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/semibold.woff
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
8deaf2f6487d8023283092a123cfe4c67b0d340dc59d94cf1c8abb57ff9ef2c7

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
content-encoding
gzip
x-openstack-request-id
tx5a5029f0a9f341ef95476-0061ba7763
last-modified
Tue, 25 Jun 2019 17:36:43 GMT
x-thanos
0AB24044
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
*
x-timestamp
1561484202.97777
cache-control
public, max-age=31536000
x-trans-id
tx5a5029f0a9f341ef95476-0061ba7763
x-request-id
29f3db37-461e-4db9-85d9-58db165bd22b
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
semibold.ttf
s3.glbimg.com/cdn/fonts/opensans/ 		33 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/semibold.ttf
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
d717975fbc6815f9c86e4c87154a8e2249ec957687ff8477bb649b318c2fdd3a

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
content-encoding
gzip
x-openstack-request-id
tx38efe3715aa8487e92108-00624ecd77
last-modified
Tue, 25 Jun 2019 17:36:40 GMT
x-thanos
0AB24044
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
*
x-timestamp
1561484199.01950
cache-control
public, max-age=31536000
x-trans-id
tx38efe3715aa8487e92108-00624ecd77
x-request-id
5fb1f768-8d49-4d76-a64e-f2ef249e3ce7
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
bold-webfont.woff2
s3.glbimg.com/cdn/fonts/proximanova/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/proximanova/bold-webfont.woff2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
f40f5aae5f579b100046297556b20241064b7df6f453768a2c45448b99faf40d

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
x-openstack-request-id
tx6660b07de200455f80980-0061ba7763
last-modified
Tue, 25 Jun 2019 17:41:50 GMT
x-thanos
0AB24044
etag
41d742c099d20517e060c4cd172c8891
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
cache-control
public, max-age=31536000
content-length
20968
accept-ranges
bytes
x-trans-id
tx6660b07de200455f80980-0061ba7763
x-request-id
b4df5080-0dee-4eb3-bbad-e828833095f3
x-timestamp
1561484509.26263
bold-webfont.woff
s3.glbimg.com/cdn/fonts/proximanova/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/proximanova/bold-webfont.woff
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
badff47be54c7116a014bab6ea632fee2dc666bb624cc7eacc84c3a4440b2e34

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
x-openstack-request-id
tx0f13e90993a6420091806-0061ba7763
last-modified
Tue, 25 Jun 2019 17:41:45 GMT
x-thanos
0AB24044
etag
64ac44e2c8bd748dae65ce93d981eedf
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
cache-control
public, max-age=31536000
content-length
27248
accept-ranges
bytes
x-trans-id
tx0f13e90993a6420091806-0061ba7763
x-request-id
257ae0e3-0f29-44fc-9eee-8774d77a90d7
x-timestamp
1561484504.80684
bold-webfont.ttf
s3.glbimg.com/cdn/fonts/proximanova/ 		51 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/proximanova/bold-webfont.ttf
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e7c9882961051fe8f15077a313665ba24be998f20295f96c76c0998a0e4ce59c

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
x-openstack-request-id
tx1b0e36d0f68c457c8bcae-0061ba7763
last-modified
Tue, 25 Jun 2019 17:40:05 GMT
x-thanos
0AB24044
etag
dffe32cf44fbd4ca04391bc135b51365
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
cache-control
public, max-age=31536000
content-length
52180
accept-ranges
bytes
x-trans-id
tx1b0e36d0f68c457c8bcae-0061ba7763
x-request-id
ad30ea64-4697-47b1-a5c0-d6b71499d04f
x-timestamp
1561484404.75780
6NUu8FyLNQOQZAnv9bYEvDiIdE9Ea92uemAk_WBq8U_9v0c2Wa0K7iN7hzFUPJH58nib14c7qv8.woff2
fonts.gstatic.com/s/fraunces/v23/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/fraunces/v23/6NUu8FyLNQOQZAnv9bYEvDiIdE9Ea92uemAk_WBq8U_9v0c2Wa0K7iN7hzFUPJH58nib14c7qv8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fraunces:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94b62cbcd95b49b979fd6ad3e041290f25a6f5f66d924d00c8586237f279e672
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://glamour.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 06 Aug 2022 21:51:16 GMT
x-content-type-options
nosniff
age
469537
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36092
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:25:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Aug 2023 21:51:16 GMT
2019-12-02-melhores-memes-de-2019-11.jpg
s2.glbimg.com/61nSohZKRoahuCbd6WrblWe-MHA=/0x0:607x573/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2021/H/v/UxuVO2S9OWQxqj8R4ciQ/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/61nSohZKRoahuCbd6WrblWe-MHA=/0x0:607x573/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2021/H/v/UxuVO2S9OWQxqj8R4ciQ/2019-12-02-melhores-memes-de-2019-11.jpg
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
d4403ebd9944483d11101b07509dd5256e8d243ffb5a2d1c1337675085469edc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
via
2.0 CachOS
x-bip
73367557 ra03 11 05
age
34701
etag
"81877475607ec033950c61b4acec05b31df82170"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB1D009
access-control-allow-headers
Content-Type
content-length
51590
x-request-id
b4034d4a-23ce-4a55-b163-781d0c06b367
expires
Sat, 10 Sep 2022 21:53:39 GMT
item
recomendacao.globo.com/rec/v2/ 		29 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://recomendacao.globo.com/rec/v2/item?client_id=glamour&url=https%3A//glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&content_id=POST-TOP-24H&page=1&limit=10&photo_size=540x304/top/smart,810x456/top/smart,1080x608/top/smart&callback=bstn.cb.recommendationFirstFetch
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
131.0.25.26 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
131.0.25-26.prt.globo.com
Software
/
Resource Hash
b1fbea1e5a850c6e6f51d87f4321ae2af590c9a9ac53f7630ba3b1b071e2fcdc
Security Headers
Name Value
Strict-Transport-Security max-age=60

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
content-encoding
gzip
strict-transport-security
max-age=60
content-type
application/javascript;charset=utf-8
cache-control
max-age=600
content-length
5418
x-request-id
867c107e-c20e-4bba-8971-4a51955e81c1
expires
Fri, 12 Aug 2022 08:26:54 GMT
bastian-2021099fb8ce3b8dcf6be340411cb66f15f8d8.js
s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/ 		220 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-2021099fb8ce3b8dcf6be340411cb66f15f8d8.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e8ac19d15945d11645cc68623bae41ca14067a00557eb3a849dbb41c38d96a4c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
content-encoding
gzip
x-openstack-request-id
tx17e5c57543b74bf080e09-0062d1a8cc
last-modified
Thu, 09 Sep 2021 11:10:03 GMT
x-thanos
0AB24044
vary
Accept-Encoding, Origin
content-type
application/javascript
x-timestamp
1631185802.53517
cache-control
public, max-age=2592000
x-trans-id
tx17e5c57543b74bf080e09-0062d1a8cc
x-request-id
fcf74faa-4874-40f0-ab51-d22509ad4552
47450872-bfd4-4cce-b8c4-92f361da2546.js
s3.glbimg.com/v1/AUTH_c631e406debd4c4fac98a09d48dc17d1/bastian-post/prod/glamour/6218c57c-857b-405e-90d7-c68be8206556/ 		50 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_c631e406debd4c4fac98a09d48dc17d1/bastian-post/prod/glamour/6218c57c-857b-405e-90d7-c68be8206556/47450872-bfd4-4cce-b8c4-92f361da2546.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
2f805f242affa5de478343055a8e0a2e449b4f7f7e62049626482ee35fd0d029

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
content-encoding
gzip
x-openstack-request-id
tx241120f835d34d5ea87ac-0062f60bd3
last-modified
Mon, 13 Dec 2021 14:36:21 GMT
x-thanos
0AB24044
vary
Accept-Encoding, Origin
content-type
application/javascript
x-timestamp
1639406180.56083
cache-control
public, max-age=180
x-trans-id
tx241120f835d34d5ea87ac-0062f60bd3
x-request-id
926f1d09-a5ae-48a2-8624-892fc7c01e11
47450872-bfd4-4cce-b8c4-92f361da2546.css
s3.glbimg.com/v1/AUTH_c631e406debd4c4fac98a09d48dc17d1/bastian-post/prod/glamour/6218c57c-857b-405e-90d7-c68be8206556/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_c631e406debd4c4fac98a09d48dc17d1/bastian-post/prod/glamour/6218c57c-857b-405e-90d7-c68be8206556/47450872-bfd4-4cce-b8c4-92f361da2546.css
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
509ef6cbf39ac9f7498c733a3b4699bfa113ff0ec1950f2d72245a52fc8039b6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
content-encoding
gzip
x-openstack-request-id
tx76e7cd2d2d9345d7949b0-0062f60bd2
last-modified
Mon, 13 Dec 2021 14:36:26 GMT
x-thanos
0AB24044
vary
Accept-Encoding, Origin
content-type
text/css; charset=utf-8
x-timestamp
1639406185.82554
cache-control
public, max-age=180
x-trans-id
tx76e7cd2d2d9345d7949b0-0062f60bd2
x-request-id
32dc4bc5-112b-42e9-80e8-0c0ba89c3106
api.min.js
p.glbimg.com/api/stable/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.glbimg.com/api/stable/api.min.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
97b81651ac630805fe9f93b8a9481cc286ddb6240b3964a647371f01bca28641
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bip
68839034 ra09 20 07
age
767
content-length
13484
x-xss-protection
1; mode=block
x-request-id
704b934e-5d0b-4452-907b-60f38180c9b5
last-modified
Thu, 04 Nov 2021 17:23:50 GMT
x-thanos
0AB4D01B
etag
W/"61841726-9496"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
via
2.0 CachOS
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 12 Aug 2022 09:04:06 GMT
barra-globocom.min.css
s.glbimg.com/gl/ba/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/gl/ba/css/barra-globocom.min.css
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
e8a63752f7a4867483d3a66bb10da00f7048e9285b960bbf9e9d57713940dedb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bip
73766480 ra09 20 08
age
683
content-length
4812
x-xss-protection
1; mode=block
x-request-id
11af7416-33b4-4df7-bfb9-fbcd49c835f0
last-modified
Wed, 29 Jun 2022 14:22:39 GMT
x-thanos
0AB4D01C
etag
W/"62bc602f-5248"
vary
Accept-Encoding, Origin
content-type
text/css
via
2.0 CachOS
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 12 Aug 2022 09:05:31 GMT
barra-globocom.min.js
s.glbimg.com/gl/ba/js/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/gl/ba/js/barra-globocom.min.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
02aa6ae7ef651439e9782b49b7b3ae86c88eb6e55b501437d16db2521b3e8de8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bip
71615209 ra09 20 08
age
683
content-length
11882
x-xss-protection
1; mode=block
x-request-id
b230ac5b-2447-438d-b47e-996b49afdc4d
last-modified
Wed, 29 Jun 2022 14:22:39 GMT
x-thanos
0AB4D01C
etag
W/"62bc602f-80f4"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
via
2.0 CachOS
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 12 Aug 2022 09:05:30 GMT
2019-12-02-melhores-memes-de-2019-4.jpg
s2.glbimg.com/kX2fMOwHAQiE9JwYb2-95GzT2Jo=/0x0:607x607/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2021/a/8/FM8RP0S92SHW9Bzm5MYA/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/kX2fMOwHAQiE9JwYb2-95GzT2Jo=/0x0:607x607/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2021/a/8/FM8RP0S92SHW9Bzm5MYA/2019-12-02-melhores-memes-de-2019-4.jpg
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
f3402616df5b5f133e7f53c505699763f7fe71ea699559ad6e3cd063e221e591

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
via
2.0 CachOS
x-bip
71871239 ra03 11 05
age
107486
etag
"ca01da25581de2dd23e2e4af38f88bd5b4bc50a7"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB1D009
access-control-allow-headers
Content-Type
content-length
26866
x-request-id
448c637e-e2d0-424d-b2c7-761c9586c684
expires
Sat, 10 Sep 2022 00:28:41 GMT
2019-12-02-melhores-memes-de-2019-8.jpg
s2.glbimg.com/L3eufFgtY5u82lT_IIM-S_uHksg=/0x0:607x607/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2021/W/6/SliqaKQeWAMwHU9L6YNQ/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/L3eufFgtY5u82lT_IIM-S_uHksg=/0x0:607x607/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2021/W/6/SliqaKQeWAMwHU9L6YNQ/2019-12-02-melhores-memes-de-2019-8.jpg
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
780bab12ced7ead32f27db489d2a8f839fcc7a4ac9934414107513deca85bf85

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
via
2.0 CachOS
x-bip
68703406 ra03 11 05
age
101421
etag
"6ad8fdafba19039af671f2624c1eea0d2727b0e7"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB1D009
access-control-allow-headers
Content-Type
content-length
39428
x-request-id
6d1558c1-4ec2-431b-a2b1-371c1da44a8d
expires
Sat, 10 Sep 2022 02:53:16 GMT
bastian-202109ed66cd6dd5dbf855e6dd3aa92e287555.rest.css
s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/ 		31 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-202109ed66cd6dd5dbf855e6dd3aa92e287555.rest.css
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
2c27422a0b3735d52a4c541699b72416882ff32d3c7412b93be275d6803b5bf3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
content-encoding
gzip
x-openstack-request-id
tx5cefd4aa76a34e268334e-0062d1a8ce
last-modified
Thu, 09 Sep 2021 11:10:05 GMT
x-thanos
0AB24044
vary
Accept-Encoding, Origin
content-type
text/css
x-timestamp
1631185804.28317
cache-control
public, max-age=2592000
x-trans-id
tx5cefd4aa76a34e268334e-0062d1a8ce
x-request-id
b80974b3-85d2-4cc4-84ca-053dc4649389
truncated
/ 		727 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3945a98e43cd2167bfa9e8385ffa54335b9a393fa66af78f9b9deba11bd87470

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		738 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03bd05cfb6d0789c54678927cfbd8d3ab3c9b721cee69b3dec80dc9c521149dc

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f1e7751de7211682870afa390d8383cddbf7845eb9d83b700752bc26602a782

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		704 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c22597aa3feb104000e18b6426425e8a6a941663f489739d4e0f2aa7abc1905

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
jquery.min.js
s3.glbimg.com/cdn/libs/jquery/1.8.3/ 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
content-encoding
gzip
x-openstack-request-id
txaebbbf50ec684665b3c41-00629a1c7c
last-modified
Tue, 09 Oct 2018 19:06:54 GMT
x-thanos
0AB24044
vary
Accept-Encoding, Origin
content-type
application/javascript
access-control-allow-origin
*
x-timestamp
1539112013.52960
cache-control
max-age=31536000
x-trans-id
txaebbbf50ec684665b3c41-00629a1c7c
x-request-id
6de942ca-4bb9-460c-bbba-607e7d81ea04
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
1aa2241f8aedf804f59cfeb4a5846422.js
s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/ 		286 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/1aa2241f8aedf804f59cfeb4a5846422.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
fb22014695a5f5bdc5c00620f486206901b0eca5086df694b06c501e0b56757d

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
content-encoding
gzip
x-openstack-request-id
tx320cc545ed504d57aa405-0062f600b2
x-trans-id
tx320cc545ed504d57aa405-0062f600b2
content-length
96688
x-request-id
7bc98abe-2861-46c0-b234-20f32cb412be
last-modified
Fri, 03 Jun 2022 18:00:56 GMT
x-thanos
0AB24044
etag
bc4071f2304e4117e1942da2a26c16c3
vary
Accept-Encoding, Origin
content-type
text/javascript
access-control-allow-origin
*
x-timestamp
1654279255.75493
cache-control
public, max-age=3600
accept-ranges
bytes
access-control-expose-headers
x-object-meta-cache-control, content-language, cache-control, expires, last-modified, etag, x-timestamp, pragma, x-trans-id, x-container-meta-cache-control, content-type, x-openstack-request-id, authorization
settings.min.js
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/settings.min.js
Requested by
Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
61577749b4423c492bfe2f3bfff475e3397fb3738794c289f783be6b03457194

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
content-encoding
gzip
x-openstack-request-id
txbb6b1635fe174a52bb98e-0062f606d1
last-modified
Wed, 22 Jun 2022 17:30:21 GMT
x-thanos
0AB24044
vary
Accept-Encoding, Origin
x-object-meta-mtime
1651581775.000000
x-timestamp
1655919020.49545
cache-control
public, max-age=3600
content-type
application/javascript
x-trans-id
txbb6b1635fe174a52bb98e-0062f606d1
x-request-id
5def12f8-a63b-49fe-88a6-4a4b7f23c3f3
3f8d3ecef466141cc689f2c328647ec5.css
s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3f8d3ecef466141cc689f2c328647ec5.css
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
d342081333ea08ed17938ded78539131f5393b1d6a5155e3cabd86fb4393691f

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
content-encoding
gzip
x-openstack-request-id
txa54488a2b20f485aa079c-0062ed448d
x-trans-id
txa54488a2b20f485aa079c-0062ed448d
content-length
1400
x-request-id
c9a76ea5-8005-47e5-8b2b-8f89e5039faf
last-modified
Fri, 22 Jul 2022 16:14:39 GMT
x-thanos
0AB24044
etag
face5f8b8da23afc6c4d41d73d5a85f9
vary
Accept-Encoding, Origin
content-type
text/css
access-control-allow-origin
*
x-timestamp
1658506478.61712
cache-control
public, max-age=604800
accept-ranges
bytes
access-control-expose-headers
x-object-meta-cache-control, content-language, cache-control, expires, last-modified, etag, x-timestamp, pragma, x-trans-id, x-container-meta-cache-control, content-type, x-openstack-request-id, authorization
truncated
/ 		203 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc3e891ad0d8075876d0f7572482f1f249345583b89459f485e59299931bc99d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		204 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02f70f4d57c4052c276b262f5d5b72135ed3238aa4936dd368e3e1534eb6e8fb

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		436 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93f45bd0df53776d65c03af696f72e8857a3049863b07852ba2998ecce3160a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		507 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2faeb72dc6c6dd034ad0fe3a1326105213eb42cc9fdde9560f645ee2dd1c4c2c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
opensans-light-webfont.woff
s.glbimg.com/gl/ba/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/gl/ba/fonts/opensans-light-webfont.woff
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
dea42e0f179347a75dd9fa41636bd1fa1ae92397bcde89a1389eeb8c0ace0fca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
via
2.0 CachOS
x-content-type-options
nosniff
x-bip
102505239 ra02 01 07
age
116476
content-length
20184
x-xss-protection
1; mode=block
x-request-id
f843fded-25b5-4daa-870c-420e524b0d35
last-modified
Wed, 29 Jun 2022 14:22:41 GMT
x-thanos
0AB15009
etag
"62bc6031-4ed8"
vary
Origin
content-type
application/x-font-woff
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Wed, 17 Aug 2022 23:55:38 GMT
login-callback.ghtml
glamour.globo.com/ Frame CC18
Redirect Chain
  • https://id.globo.com/auth/realms/globo.com/protocol/openid-connect/auth?client_id=glamour%40apps.globoid&redirect_uri=https%3A%2F%2Fglamour.globo.com%2Flogin-callback.ghtml&state=17dfd93e-78d7-46e2...
  • https://glamour.globo.com/login-callback.ghtml
345 B
799 B 		Document
General
Check archive.org
Download Go to
Full URL
https://glamour.globo.com/login-callback.ghtml
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
201.7.177.243 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
956bd91287fd5d85b711fd51418e53c6eeb3536134044ce39f67fb20938e160c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=10
content-encoding
gzip
content-length
244
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 12 Aug 2022 08:16:55 GMT
expires
Fri, 12 Aug 2022 08:17:05 GMT
show-page-version
0
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, Wall-Subscription-Level
via
2.0 CachOS
wall-blocked-session
0
wall-subscription-level
0
wall-usl-status
x-bip
31438690 wall 15
x-cache-status
HIT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-mobile
desktop
x-request-id
0064ba40-7120-499c-8287-30ee580589e4
x-served-from
Show-Bypass, Show Services GCP
x-thanos
0A81DC47
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, must-revalidate, max-age=0
content-length
0
date
Fri, 12 Aug 2022 08:16:55 GMT
location
https://glamour.globo.com/login-callback.ghtml#error=login_required&state=17dfd93e-78d7-46e2-ae24-5b97caf1ea9c
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
x-xss-protection
1; mode=block
screen-shot-2022-08-11-at-18.35.40.png
s2.glbimg.com/uWLKr-50PRI5WJ3WCuzmOV5Abhg=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/m/o/2C7W1iTtaq5AJkiEGjHA/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/uWLKr-50PRI5WJ3WCuzmOV5Abhg=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/m/o/2C7W1iTtaq5AJkiEGjHA/screen-shot-2022-08-11-at-18.35.40.png
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-2021099fb8ce3b8dcf6be340411cb66f15f8d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
c5680006a0020c286352de20225a126344eb67756e02ee08ef28f856f5749e83

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
via
2.0 CachOS
x-bip
70145480 ra03 11 05
age
37304
etag
"a8dacb6f154c54ae68eb96900ddc77e388861fe1"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB1D009
access-control-allow-headers
Content-Type
content-length
17646
x-request-id
41e98a98-1b36-4565-ae95-ea880b5202ec
expires
Sat, 10 Sep 2022 21:42:30 GMT
screen-shot-2022-08-11-at-16.39.41.png
s2.glbimg.com/8t6jlmirgAvgK5Gg-p4Yv8J6MqE=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/Z/n/1plWBbQkatGBQbB1hnsw/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/8t6jlmirgAvgK5Gg-p4Yv8J6MqE=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/Z/n/1plWBbQkatGBQbB1hnsw/screen-shot-2022-08-11-at-16.39.41.png
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-2021099fb8ce3b8dcf6be340411cb66f15f8d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
09d2053c4da898ebb8b692bdbea45bc2d24975fa1ba4c4f5d2cd120f27b537ef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
via
2.0 CachOS
x-bip
69950555 ra03 11 05
age
44648
etag
"740f5dab8cbafb8d62150b645ca54bf815fe5bf8"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB1D009
access-control-allow-headers
Content-Type
content-length
25138
x-request-id
71684683-81a0-4b68-af4f-420e4c7b78fa
expires
Sat, 10 Sep 2022 19:52:21 GMT
jamie-campbell-compara-bolsonaro-a-vilao.jpeg
s2.glbimg.com/L1KOXuYFC-WDGQ2mfTsKd8-g8F4=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/E/F/Mz8ATlRTak8zUX0aNcmw/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/L1KOXuYFC-WDGQ2mfTsKd8-g8F4=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/E/F/Mz8ATlRTak8zUX0aNcmw/jamie-campbell-compara-bolsonaro-a-vilao.jpeg
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-2021099fb8ce3b8dcf6be340411cb66f15f8d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
0d3f8f59059882d6474a602604cbd3471a1c188a868751f883fb9f72c7837224

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
via
2.0 CachOS
x-bip
73367564 ra03 11 05
age
20627
etag
"8a61fa1b88c492e37fda8207ccd98245d369c914"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB1D009
access-control-allow-headers
Content-Type
content-length
15754
x-request-id
aeee6ded-8716-4992-85ff-1eeb60721406
expires
Sun, 11 Sep 2022 02:18:40 GMT
screen-shot-2022-08-11-at-21.53.06.png
s2.glbimg.com/oYMqcnC2Blh_ohrrVYPVt70BZt0=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/w/V/LSMmDpRgaKcNSX29NF7w/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/oYMqcnC2Blh_ohrrVYPVt70BZt0=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/w/V/LSMmDpRgaKcNSX29NF7w/screen-shot-2022-08-11-at-21.53.06.png
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-2021099fb8ce3b8dcf6be340411cb66f15f8d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
06d345376987d7bff3531bde3c1672164d2b5280ca9d8207835597d154cf1503

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
via
2.0 CachOS
x-bip
68703414 ra03 11 05
age
25377
etag
"e9caa9b224af56ae72d9ab056212913ab18576bf"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB1D009
access-control-allow-headers
Content-Type
content-length
12478
x-request-id
da88f0eb-9918-44ce-bd5c-b061cc2aebed
expires
Sun, 11 Sep 2022 01:05:28 GMT
screen-shot-2022-08-11-at-21.41.24.png
s2.glbimg.com/5blC73lfpBX188yGRyqg1Ux53EQ=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/i/Z/XjpvniSBaNVApRWBRChA/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/5blC73lfpBX188yGRyqg1Ux53EQ=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/i/Z/XjpvniSBaNVApRWBRChA/screen-shot-2022-08-11-at-21.41.24.png
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-2021099fb8ce3b8dcf6be340411cb66f15f8d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
005169e1a76ad24ddf9926ea3ceec57d291e91c9b8af19beb9a81d621b2c608a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:54 GMT
via
2.0 CachOS
x-bip
69294817 ra03 11 05
age
26059
etag
"06c9687caaad6ea46ecff2a53d527501f5d8250a"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB1D009
access-control-allow-headers
Content-Type
content-length
12788
x-request-id
83fb1f02-588a-4c00-a52f-dcfbafa077de
expires
Sun, 11 Sep 2022 00:47:45 GMT
horizon-client-js.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-client-js.min.js
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/gl/ba/js/barra-globocom.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
content-encoding
gzip
x-openstack-request-id
tx036cea43d0404d6b9cec6-0062f60bdb
last-modified
Fri, 13 Nov 2020 17:21:38 GMT
x-thanos
0AB24044
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1605288097.88717
cache-control
public, max-age=600
x-trans-id
tx036cea43d0404d6b9cec6-0062f60bdb
x-request-id
76cdc24f-0c1d-42c9-89d1-4d73f161e4b1
glb-pv-min.js
s.glbimg.com/bu/rt/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/bu/rt/js/glb-pv-min.js
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/gl/ba/js/barra-globocom.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bip
74154870 ra09 20 08
age
750
content-length
969
x-xss-protection
1; mode=block
x-request-id
3535850e-42e0-47f2-8793-8d288b9a9abc
last-modified
Mon, 04 Feb 2019 16:44:48 GMT
x-thanos
0AB4D01C
etag
W/"5c586c00-703"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
via
2.0 CachOS
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 12 Aug 2022 09:04:24 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6035227/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
368 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
13.224.214.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-16.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:10:18 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
398
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-length
0
x-amz-cf-id
WRV68rghwW61DvI5fN8lqwZDhDU9sYNKwoub61QByQD80LsdQyqr0g==

Redirect headers

location
/internal-c2/default/cs.js
date
Fri, 12 Aug 2022 08:16:55 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
content-length
0
x-amz-cf-id
NnE0RNBOHWfU2f9PKIWA14n-bD5RHA5BhM5DjgJoUVbSnek58uOUyg==
x-cache
Miss from cloudfront
/
cocoon.globo.com/v2/ 		26 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cocoon.globo.com/v2/
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/gl/ba/js/barra-globocom.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
86.153.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e8e49d12d085acc1fd8d7c49c729225d667eb15f10f6b89eebc8798ab3964c25

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
via
1.1 google
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
access-control-allow-methods
POST, OPTIONS
p3p
CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=6035227&ns__t=1660292214926&ns_c=UTF-8&c8=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour&c7=ht...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1660292214926&ns_c=UTF-8&c8=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour&c7=h...
43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1660292214926&ns_c=UTF-8&c8=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour&c7=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&c9=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
13.224.214.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-16.phl50.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
content-length
43
x-amz-cf-id
UlntvhbtvBVbQcJEIdFdZ82T4wITYfiZyaHf0lO2yUGbLehIHfnNsQ==
x-cache
Miss from cloudfront
content-type
image/gif

Redirect headers

location
/p2?c1=2&c2=6035227&ns__t=1660292214926&ns_c=UTF-8&c8=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour&c7=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&c9=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F
date
Fri, 12 Aug 2022 08:16:55 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
content-length
0
x-amz-cf-id
4JfCtbAcYlbQMYnsMKSi0bcBydqsicnRy0QHGKcz1zpzT0sMnyAbvg==
x-cache
Miss from cloudfront
selected-alternatives
globo-ab.globo.com/v2/ 		294 B
695 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://globo-ab.globo.com/v2/selected-alternatives?experiments=player-isolated-experiment-02&skipImpressions=true
Requested by
Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.215.230.239 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
239.230.215.35.bc.googleusercontent.com
Software
/
Resource Hash
2be7234b34cf2aae9acbea78c6d10c4a249bc4ea968d2db8d95df3352555cb55
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
strict-transport-security
max-age=300; includeSubDomains
trace-id
ed37e72469c49b53
access-control-allow-headers
user,User-Agent,Content-Type,GLBUID,GLBID,GLBEXP,x-client-user-agent,x-client-version,x-device-id,x-platform-id,x-canonical-uri,GLOBO_ID
horizon-pageview
horizon.globo.com/auth-session/activity/glamour/ 		0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://horizon.globo.com/auth-session/activity/glamour/horizon-pageview?object=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&Referrer=https%253A%252F%252Fwww.protocolo7em7.com.br.hackeandoansiedade.space%252F&tags=&client_version=0.3.11
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=60

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
x-served-from
hzt-tsuru
content-length
0
strict-transport-security
max-age=60
content-type
text/plain; charset=UTF-8
tv4.min.js
s3.glbimg.com/cdn/libs/tv4/1.3.0/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/libs/tv4/1.3.0/tv4.min.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/1aa2241f8aedf804f59cfeb4a5846422.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
content-encoding
gzip
x-openstack-request-id
tx33e147beb484409984d37-00619540ba
last-modified
Fri, 25 May 2018 14:11:50 GMT
x-thanos
0AB24044
vary
Accept-Encoding, Origin
content-type
application/javascript
x-timestamp
1527257509.32548
cache-control
public, max-age=31536000
x-trans-id
tx33e147beb484409984d37-00619540ba
x-request-id
8b847568-715d-45a6-a267-2d281394503b
ww.js
cdn.ampproject.org/rtv/012207281718002/ 		51 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207281718002/ww.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e15f26e9756818be75c82a0a4098bc9f3a6652aaaaaf427d041abda9f8bea187
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
text/plain
Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
116160
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14450
x-xss-protection
0
server
sffe
date
Thu, 11 Aug 2022 00:00:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6a3275fa340d99e2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 11 Aug 2023 00:00:55 GMT
profiling.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/ 		93 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/profiling.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
192d2eb7078526e7974933da14512e5f5d64902e654d1e4ee5b421abbf169a3b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
content-encoding
gzip
x-openstack-request-id
txc2904f1585ed4f2dadae2-0062f60bf9
last-modified
Wed, 12 May 2021 17:50:53 GMT
x-thanos
0AB24044
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1620841852.71626
cache-control
public, max-age=180
x-trans-id
txc2904f1585ed4f2dadae2-0062f60bf9
x-request-id
c52273c9-2642-453c-9fa8-6f04710ad9e8
tm13574.js
tag.navdmp.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm13574.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1acaf1b84c7c6a5a7ae96e4b9cce92c540c0c8ebbb0e56f8ff473917e2e9a72

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Sep 2021 18:45:04 GMT
server
cloudflare
age
2287
etag
W/"6137b330-4291"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
7397c589dc9d4bd7-YUL
content-type
application/javascript
expires
Fri, 12 Aug 2022 07:44:00 GMT
sexqhznbn.js
cdn.krxd.net/controltag/ 		75 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/sexqhznbn.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4c5d952297366d4e340d33bef112d53749ea1b14f3bc9bbbe9c8dc9d73bb354

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Fri, 12 Aug 2022 08:16:55 GMT
via
1.1 varnish, 1.1 varnish
age
306
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
20793
x-served-by
config-service-a006-ash-prod.krxd.net, cache-iad-kjyo7100101-IAD, cache-yul12824-YUL
x-response-time
0
x-do-esi
esi
x-timer
S1660292215.350416,VS0,VE0
etag
"bb2b5013e6723d132478a4ab059baadafc322579"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 5
15688_glamour.js
ads.rubiconproject.com/prebid/ 		342 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/15688_glamour.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.229.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-229-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
df2817cfb4d03ce94385daa5ef6f90a26b2781d27bd683b088791006b0dad707

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 06:41:03 GMT
server
Apache
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
100825
expires
Fri, 12 Aug 2022 10:48:48 GMT
horizon-common-hit.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
322a189a59e4c2bb88503d921a1c3335f2d02c678083ec71e78891b9a9d316f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
content-encoding
gzip
x-openstack-request-id
txe180a1ccf6334d30a5237-0062f57280
last-modified
Tue, 26 Apr 2022 21:17:08 GMT
x-thanos
0AB24044
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1651007827.47156
cache-control
max-age=86400
x-trans-id
txe180a1ccf6334d30a5237-0062f57280
x-request-id
aad313c6-ca6d-49d0-9036-44e9a2856c95
glb-pv-min.js
s.glbimg.com/bu/rt/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/bu/rt/js/glb-pv-min.js?utv=ut4.44.201810192103
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bip
71942435 ra09 20 08
age
751
content-length
969
x-xss-protection
1; mode=block
x-request-id
9efb5135-a557-4999-b5ce-4b765acbdcb1
last-modified
Mon, 04 Feb 2019 16:44:48 GMT
x-thanos
0AB4D01C
etag
W/"5c586c00-703"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
via
2.0 CachOS
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 12 Aug 2022 09:04:24 GMT
tiny.js
static.infoglobo.com.br/paywall/js/ 		244 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/tiny.js?utv=ut4.44.202112201735
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
724eafc293cd5fd2c41267fa31a29de4bf0dd79a0dc7262294ea64da51f03d77

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:16:47 GMT
Content-Encoding
gzip
Age
8
grace
none
X-Cache
HIT
Connection
Keep-Alive
Content-Length
55115
Last-Modified
Thu, 11 Aug 2022 20:00:17 GMT
Server
Apache
ETag
"a0430497-3cea8-5e5fc9d4ad640"
vary
X-Forwarded-Proto
Content-Type
text/javascript
Access-Control-Allow-Origin
*
cache-control
public, max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
X-Cache-Hits
2
api.min.js
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/api/stable/web/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/api/stable/web/api.min.js?loading-agent=global-webdeps
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
350a236162231dd999bdaec121ffa79193036e95d894ca6dd067096488d128a5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
content-encoding
gzip
x-openstack-request-id
tx51c97e58b24e4b24961c7-0062f60be0
last-modified
Wed, 22 Jun 2022 17:27:03 GMT
x-thanos
0AB24044
vary
Accept-Encoding, Origin
x-object-meta-mtime
1652878055.000000
x-timestamp
1655918822.63985
cache-control
public, max-age=3600
content-type
application/javascript
x-trans-id
tx51c97e58b24e4b24961c7-0062f60be0
x-request-id
5223f0d1-0095-4044-b9b0-3fed6253eaf5
cadun.js
s.glbimg.com/pc/ca/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/pc/ca/cadun.js?loading-agent=global-webdeps
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bip
71942436 ra09 20 08
age
115953
content-length
5547
x-xss-protection
1; mode=block
x-request-id
f32c4914-9913-4e45-80d5-585703fa6b40
last-modified
Wed, 27 Jan 2021 20:50:06 GMT
x-thanos
0AB4D01C
etag
W/"6011d1fe-3759"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
via
2.0 CachOS
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 18 Aug 2022 00:04:21 GMT
globo-ab.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.4.0/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.4.0/globo-ab.min.js?loading-agent=global-webdeps
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e8bf9ccc765b5576c8b86e1f75a308e112cea4c1ead476dcf94720d10fa6fb0d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
content-encoding
gzip
x-openstack-request-id
txbfeabf6b789445f5b3510-0062f60c30
last-modified
Thu, 12 May 2022 20:00:29 GMT
x-thanos
0AB24044
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1652385628.79171
cache-control
public, max-age=180
x-trans-id
txbfeabf6b789445f5b3510-0062f60c30
x-request-id
afde3e5f-4676-46a5-8eb2-76e8ce199366
globo-ab-v2.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/globo-ab-v2.min.js?loading-agent=global-webdeps
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
60b0f8f7a630b8cf83d4c29ddd3e6e614b119208fe97a96cae6dc6311541671b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
content-encoding
gzip
x-openstack-request-id
tx9287e25ad2a740f3a3be0-0062f54247
last-modified
Wed, 24 Oct 2018 17:17:43 GMT
x-thanos
0AB24044
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1540401462.48634
cache-control
public, max-age=86400
x-trans-id
tx9287e25ad2a740f3a3be0-0062f54247
x-request-id
52e98be8-dc9e-4bec-90c2-87c9647f5c95
globo-ab.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.0/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.0/globo-ab.min.js?loading-agent=global-webdeps
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
bb396c659a45cda460f579b753cf3a53f83eb8198bd344af0a2e2d9030ef910f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
content-encoding
gzip
x-openstack-request-id
txbfb4eb5967d04a818d5fd-0062f60bc3
last-modified
Tue, 19 May 2020 15:37:59 GMT
x-thanos
0AB24044
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1589902678.74751
cache-control
public, max-age=180
x-trans-id
txbfb4eb5967d04a818d5fd-0062f60bc3
x-request-id
e1e815b0-75c9-4656-a962-ed0865934d5e
publicidade.css
s3.glbimg.com/v1/AUTH_b3eff1d540ba48dd8558daf4d094c778/assets/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_b3eff1d540ba48dd8558daf4d094c778/assets/publicidade.css
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
4e5a8df78e43e83e6ca4b7af38833a508483d29e3c5332b7dc19a0ac9b27c692

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
content-encoding
gzip
x-openstack-request-id
tx324c8ac596e94ac787acb-0062f60c21
last-modified
Tue, 12 Feb 2019 18:01:54 GMT
x-thanos
0AB24044
vary
Accept-Encoding, Origin
content-type
text/css
x-timestamp
1549994513.97827
cache-control
public, max-age=180
x-trans-id
tx324c8ac596e94ac787acb-0062f60c21
x-request-id
ec1874b3-641d-4268-b41a-f45d0c54ec4b
loader.js
cdn.taboola.com/libtrc/editoraglobonetwork/ 		628 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
763a506cb23c2a4f1bc4ddcdf66ac3a3888105d061a79df024075f1936ca60ed

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
hArcow5KZI.pjv3nXarHsl2V3gNZGdDK
content-encoding
gzip
age
0
via
1.1 varnish
x-cache
MISS
x-from-cache
1
x-envoy-upstream-service-time
10
content-length
44115
x-amz-id-2
h7VJuCSz/qgYDo3Ur3cvPyxv6jqyKdbiKeUDlqWhkb69aY/uhr02yBZQMTrUqoYhsnIfAXZRe7E=
x-served-by
cache-yul12824-YUL
last-modified
Thu, 11 Aug 2022 15:12:23 UTC
server
nginx
x-timer
S1660292215.364726,VS0,VE53
etag
"b9a393b4b7dc9e67c00b0253053f457b56af4992"
vary
Accept-Encoding, Accept-Encoding
x-amz-request-id
JZKQ8E2RJMZ7YGX6
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
date
Fri, 12 Aug 2022 08:16:55 GMT
abp
16
x-cache-hits
0
ivc.js
gadasource.storage.googleapis.com/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gadasource.storage.googleapis.com/ivc.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2010 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 07:32:54 GMT
content-encoding
gzip
age
2641
x-guploader-uploadid
ADPycds_ch4STesliM3oST2xCZn0eNyGXWWlImpHkzf0T6k1HqeiHDU5GhatdH_UoIoijOTyrK45fyfNgML28zYVmlMXLWbvxLFs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24321
last-modified
Mon, 02 Sep 2019 19:50:51 GMT
server
UploadServer
etag
"cdaa61cbc24c48191196b45b31a7e18b"
vary
Accept-Encoding
x-goog-hash
crc32c=okr5pw==, md5=zaphy8JMSBkRlrRbMafhiw==
x-goog-generation
1567453851562424
cache-control
public, max-age=3600
x-goog-stored-content-length
24321
accept-ranges
bytes
content-type
text/plain
expires
Fri, 12 Aug 2022 08:32:54 GMT
/
usergate.globo.com/ 		28 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://usergate.globo.com/
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.198.44.170 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.44.198.35.bc.googleusercontent.com
Software
/
Resource Hash
d417f2a8969ee12d9da170e14e2adfb981dc5ac544221efbf318a4ff938c54ca

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
access-control-allow-headers
User-Agent,Content-Type,Cookie,X-App,GLBID,GST
7fc0660f-f6c7-4251-8b53-db01a1ef6d46
https://glamour.globo.com/ 		51 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://glamour.globo.com/7fc0660f-f6c7-4251-8b53-db01a1ef6d46
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcd5b9a91e8e19b305fbbe3a2feca57e21d63b91dbe5949929b52a38f5435bd2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
52088
Content-Type
text/javascript
usr
usr.navdmp.com/ 		77 B
287 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=7&acc=13574&upd=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43977bc41ef9da8273e34586920994a653514ac1801284fbc0e8ded13a5a7247

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
public
date
Fri, 12 Aug 2022 08:16:55 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
7397c58a5cf24bd7-YUL
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
content-type
application/javascript
expires
Fri, 12 Aug 2022 09:16:55 GMT
callback.min.js
s3.glbimg.com/v1/AUTH_05f06ca986b54d6e9c5df94927ccf7fc/libs/globoid-js/prod/ Frame CC18 		87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_05f06ca986b54d6e9c5df94927ccf7fc/libs/globoid-js/prod/callback.min.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/login-callback.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
b9f6160b7ea7d0645d6201d24919b7289061f8d021e3c245ad5dd7b00ec66ff2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
content-encoding
gzip
x-openstack-request-id
txc7cacab1ee9d4bf98f503-0062f60c28
last-modified
Thu, 01 Apr 2021 19:16:32 GMT
x-thanos
0AB24044
vary
Accept-Encoding, Origin
content-type
text/html
x-timestamp
1617304591.88878
cache-control
public, max-age=180
x-trans-id
txc7cacab1ee9d4bf98f503-0062f60c28
x-request-id
a53b5c8b-0e8d-4aa2-9f33-2bb5281327c2
controltag.js.387e8802bbd0d9fbfa52c1546d7297df
cdn.krxd.net/ctjs/ 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Fri, 12 Aug 2022 08:16:55 GMT
content-encoding
gzip
age
9168264
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
537432
content-length
84742
x-served-by
cache-yul12824-YUL
last-modified
Thu, 28 Apr 2022 05:17:05 GMT
x-timer
S1660292215.368391,VS0,VE0
etag
"387e8802bbd0d9fbfa52c1546d7297df"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Sun, 25 Apr 2032 05:17:04 GMT
schemas
horizon-schemas.globo.com/ 		131 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://horizon-schemas.globo.com/schemas
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/1aa2241f8aedf804f59cfeb4a5846422.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.117 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-117.prt.globo.com
Software
/
Resource Hash
742d62cba6fc55f840fe34fccbd7e4b4dce2f281af618251c4e24490f12e4722
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bip
209183251 ra09 20 15
age
7116
vary
X-Forwarded-Proto, Accept-Encoding, Origin
content-length
12277
x-xss-protection
1; mode=block
x-request-id
36f71788-31d2-4045-a6d3-962f0e9e4383
access-control-allow-origin
https://glamour.globo.com
x-thanos
0AB4D022
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/json; charset=UTF-8
via
2.0 CachOS
cache-control
max-age=7200, public
accept-ranges
bytes
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 2E52 		805 B
827 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
37142736
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
525
content-type
text/html
date
Fri, 12 Aug 2022 08:16:55 GMT
etag
"3d2100fd7107262ecb55ce6847f01fa5"
expires
Fri, 19 Feb 2027 17:50:50 GMT
last-modified
Tue, 21 Feb 2017 17:50:54 GMT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
169322
x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
x-served-by
cache-yul12824-YUL
x-timer
S1660292215.415705,VS0,VE0
cadun.js
s.glbimg.com/pc/ca/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/pc/ca/cadun.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/profiling.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bip
71942439 ra09 20 08
age
115954
content-length
5547
x-xss-protection
1; mode=block
x-request-id
09e95c0e-da51-4908-85ed-57ce1f85afd0
last-modified
Wed, 27 Jan 2021 20:50:06 GMT
x-thanos
0AB4D01C
etag
W/"6011d1fe-3759"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
via
2.0 CachOS
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 18 Aug 2022 00:04:21 GMT
i
ivccf.ivcbrasil.org.br/ 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivccf.ivcbrasil.org.br/i?stm=1660292215476&e=pv&url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&page=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour&refr=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=134&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=7980b570-c6ae-401c-a5e6-9a9fdecf6f2f&dtm=1660292215475&vp=1600x1200&ds=1600x16754&vid=1&sid=25c74b41-c90d-4932-b4a3-37b1c09a1c45&duid=c95393ee-7298-4e26-aae1-df32ba26de54&fp=1040110208
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.73.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-73-181.us-west-2.compute.amazonaws.com
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:16:55 GMT
Server
Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
sexqhznbn.js
cdn.krxd.net/controltag/ Frame 2E52 		75 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/sexqhznbn.js
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4c5d952297366d4e340d33bef112d53749ea1b14f3bc9bbbe9c8dc9d73bb354

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Fri, 12 Aug 2022 08:16:55 GMT
via
1.1 varnish, 1.1 varnish
age
306
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
20793
x-served-by
config-service-a006-ash-prod.krxd.net, cache-iad-kjyo7100101-IAD, cache-yul12824-YUL
x-response-time
0
x-do-esi
esi
x-timer
S1660292215.484376,VS0,VE0
etag
"bb2b5013e6723d132478a4ab059baadafc322579"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 6
5007d44e-09d1-49b7-8c99-6b1cc38c3cbc
consumer.krxd.net/consent/get/ 		235 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9f1508da4c7e232fecfa9d9ca9c8d6d4097d449c91b20d51903af021612c1214

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a015-ash-prod.krxd.net, cache-yul12834-YUL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1660292216.520814,VS0,VE17
content-length
192
x-cache-hits
0, 0
load.js
widget.perfectmarket.com/editoraglobonetwork/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/editoraglobonetwork/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a631724cecac8cf46ece583f5717dce6335c12c4e364c837a9aa376e85b43322

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
96SXZm1_vuUWZ2qonXeDPFXCMBPcVT5j
content-encoding
gzip
etag
"f720015773ac2581bfedfc349bc4a9d1"
age
0
x-cache
HIT, HIT
content-length
2143
x-amz-id-2
cnjeOwfSd6Sen4BKWSQSdN0/VDCS4c6HzGD6DY0QzgYeJsWVfWKFB8cnVmQh3JFR9DZXh90GmSI=
x-served-by
cache-lax10681-LGB, cache-yul12825-YUL
last-modified
Wed, 11 May 2022 16:32:46 GMT
server
AmazonS3
x-timer
S1660292216.554927,VS0,VE155
date
Fri, 12 Aug 2022 08:16:55 GMT
vary
Accept-Encoding,,
x-amz-request-id
2K032BC9W83ZN268
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 1
impl.20220811-9-RELEASE.js
cdn.taboola.com/libtrc/ 		679 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220811-9-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
a9f542c0d98b1deb323f1f9963046534e7a98b6f9fbaca32cdb8d49f377c1151

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
tOCpXfpX3YcCLPOluidGWdt9utJwBbSW
content-encoding
br
etag
"cf8cf3840874e1dfab09c56604f542ac"
age
26906
x-cache
HIT
content-length
143612
x-amz-id-2
1i7t2JDP0VnCav8DI9yf+h+P6VMkwCOHt3R1RamiVF1lBGbuMQxa7tPE4Ek7CzYPkqhmWEmiDw0=
x-served-by
cache-yul12824-YUL
last-modified
Thu, 11 Aug 2022 08:46:33 GMT
server
AmazonS3-br
x-timer
S1660292216.515497,VS0,VE0
date
Fri, 12 Aug 2022 08:16:55 GMT
vary
Accept-Encoding
x-amz-request-id
ZBBA0GNFM1HQBHRH
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
12
x-cache-hits
35180
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-16.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 12 Aug 2022 06:44:56 GMT
content-encoding
gzip
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
5520
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
GyJFpuozx-nRzix1DnExMD4Xl2u379SNbqGrfQJb6P5DLifCRStpnw==
tr5
cdn.taboola.com/libtrc/ 		3 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/tr5?abgroup=connect-video-trc-11_ctrl
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1660292216.516869,VS0,VE0
x-served-by
cache-yul12824-YUL
x-cache
HIT
content-type
text/html
cache-control
private,max-age=14400
accept-ranges
bytes
content-length
3
retry-after
0
x-cache-hits
0
req
cdn.navdmp.com/ 		6 B
79 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=113571d6e3122eaec847a61f9510&acc=13574&url=https%3A//glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&ref=https%3A//www.protocolo7em7.com.br.hackeandoansiedade.space/&tit=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%E7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7397c58b7d8a4bd7-YUL
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/x-javascript
usermatch.gif
beacon.krxd.net/ 		0
337 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/usermatch.gif?partner=navegg&partner_uid=113571d6e3122eaec847a61f9510
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.227.59.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-59-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1660292215
x-served-by
beacon-n037-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
controltag.js.387e8802bbd0d9fbfa52c1546d7297df
cdn.krxd.net/ctjs/ Frame 2E52 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Fri, 12 Aug 2022 08:16:55 GMT
content-encoding
gzip
age
9168264
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
537433
content-length
84742
x-served-by
cache-yul12824-YUL
last-modified
Thu, 28 Apr 2022 05:17:05 GMT
x-timer
S1660292216.538498,VS0,VE0
etag
"387e8802bbd0d9fbfa52c1546d7297df"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Sun, 25 Apr 2032 05:17:04 GMT
player.min.js
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/ 		2 MB
567 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js
Requested by
Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
d40cab4ec6db14c7529e89eaacc0090060628c00d0016897ec357fd7c513753d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
content-encoding
gzip
x-openstack-request-id
txb00470b8447942baadd1b-0062f60c67
last-modified
Wed, 03 Aug 2022 16:59:28 GMT
x-thanos
0AB24044
vary
Accept-Encoding, Origin
x-object-meta-mtime
1659544810.000000
x-timestamp
1659545967.72691
cache-control
public, max-age=3600
content-type
application/javascript
x-trans-id
txb00470b8447942baadd1b-0062f60c67
x-request-id
1fe89a2f-0997-46c1-842c-7eefca5c3e9d
chooseAndIncrement
globo-mab.globo.com/mab/bastian-advwblt-r5:glamour:desktop:multicontent:ep/ 		164 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://globo-mab.globo.com/mab/bastian-advwblt-r5:glamour:desktop:multicontent:ep/chooseAndIncrement
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.0/globo-ab.min.js?loading-agent=global-webdeps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.215.207.122 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.215.35.bc.googleusercontent.com
Software
/
Resource Hash
11499e232303192686b4bc5d943f89c6310724941446a4539f7595728fb5b68c
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
strict-transport-security
max-age=300; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
trace-id
f7e66534b7c65fee
access-control-allow-headers
user,User-Agent,Content-Type,GLBUID,GLBID,GLBEXP,x-client-user-agent,x-client-version,x-device-id,x-platform-id,x-canonical-uri,GLOBO_ID
chooseAndIncrement
globo-mab.globo.com/mab/bastian-advwblt-r5:glamour:desktop:multicontent:dinamico/ 		170 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://globo-mab.globo.com/mab/bastian-advwblt-r5:glamour:desktop:multicontent:dinamico/chooseAndIncrement
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.0/globo-ab.min.js?loading-agent=global-webdeps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.215.207.122 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.215.35.bc.googleusercontent.com
Software
/
Resource Hash
92242b91deb192dc1c5202e458216198d0625837158581f6cc53d316c78ef5c6
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
strict-transport-security
max-age=300; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
trace-id
616a8da4c82873e8
access-control-allow-headers
user,User-Agent,Content-Type,GLBUID,GLBID,GLBEXP,x-client-user-agent,x-client-version,x-device-id,x-platform-id,x-canonical-uri,GLOBO_ID
b
sb.scorecardresearch.com/ 		0
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1660292215545&ns_c=UTF-8&c7=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&c8=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour&c9=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-16.phl50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
C827i7rERWSwqaqnpB8oylobt491p_DnK_eXJHiibEJQwf2tdvMJUg==
x-cache
Miss from cloudfront
logged
cocoon.globo.com/v2/user/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cocoon.globo.com/v2/user/logged
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
86.153.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://glamour.globo.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 12 Aug 2022 08:16:55 GMT
server
nginx
via
1.1 google
login.css
s.glbimg.com/pc/ca/ 		846 B
837 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/pc/ca/login.css
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js?loading-agent=global-webdeps
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bip
74154877 ra09 20 08
age
115953
content-length
431
x-xss-protection
1; mode=block
x-request-id
51cb4a0b-43e6-4e82-887b-418631a8b142
last-modified
Wed, 27 Jan 2021 20:50:06 GMT
x-thanos
0AB4D01C
etag
W/"6011d1fe-34e"
vary
Accept-Encoding, Origin
content-type
text/css
via
2.0 CachOS
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 18 Aug 2022 00:04:21 GMT
logged
cocoon.globo.com/v2/user/ 		186 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cocoon.globo.com/v2/user/logged
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js?loading-agent=global-webdeps
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.153.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
86.153.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
518eb4f81c722adbda4fa0a1d788728a617d011ea0cfab5df71ecb3bd20cadab

Request headers

Referer
https://glamour.globo.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
via
1.1 google
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
access-control-allow-methods
POST, OPTIONS
p3p
CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
186
card-interference-detector.20220811-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20220811-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
804efc569b2ed1f64500e28e2eac05a57d219bd8077231b7d2bf1d710a26bbef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
bt7LIHoxMPCo9I7V2cWoM_N.4FGWv.yx
content-encoding
gzip
etag
"109801a1ba7ccc17f2ad7d68b81ee62c"
age
13
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2180
x-amz-id-2
jkUt8BJ/DN8f0kVyPu61wpv1RKyMKskY81mEzvsleLp4Dn70e05Z6e6bJUmEwyhVLj/wh8J1aI8=
x-served-by
cache-yul12824-YUL
last-modified
Thu, 11 Aug 2022 16:02:16 GMT
server
AmazonS3
x-timer
S1660292216.571999,VS0,VE1
date
Fri, 12 Aug 2022 08:16:55 GMT
vary
Accept-Encoding
x-amz-request-id
WM9NHWK02Q28V8HH
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
12
x-cache-hits
1
5007d44e-09d1-49b7-8c99-6b1cc38c3cbc
consumer.krxd.net/consent/get/ Frame 2E52 		220 B
247 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
003fe474efc84a3f88bc64c110744384802f812171556fe82d36ea92ed101d13

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a015-ash-prod.krxd.net, cache-yul12834-YUL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1660292216.635568,VS0,VE19
content-length
186
x-cache-hits
0, 0
15688-pbjs-floors.json
ads.rubiconproject.com/floors/ 		31 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/15688-pbjs-floors.json
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_glamour.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.229.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-229-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d862e8493cbcd2912b3a5ec4650a26410f05cb2c3b70889b4a5b34e8319df57c

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 07:41:02 GMT
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
2933
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220812
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_glamour.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08b86397e087dba0f354e4279d8e957549335a8384cbb11e9381128f23ae40cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
18954
x-jsd-version
1.0.1429
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19122-FRA, cache-iad-kiad7000090-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66e-zNzrEEpPj8suNjLEFeVGTjHpk8w"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GTVY5RNzp4OIa%2FbULCe8sAncCEsBAmdy%2F6y5VbAq4HXoBmeTaJ%2FBKoODoxDtAA5%2FLhOPO4Gljpr46%2BQ2ozQnV9k3bQ%2FIDoopt6JyvKuYFnlK0yBYlb8S1TouO2lhT3FuFM5f10hQHy1SGw5Ba0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
7397c58c7d3c7139-YUL
access-control-expose-headers
*
usermatch.gif
beacon.krxd.net/ Frame 2E52
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=google
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=UEEyZ1M4Zzc
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM8myiSmXJhcEUmEdX5NJ80&google_cver=1
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM8myiSmXJhcEUmEdX5NJ80&google_cver=1
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
54.227.59.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-59-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1660292215
x-served-by
beacon-n002-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM8myiSmXJhcEUmEdX5NJ80&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 2E52
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=UEEyZ1M4Zzc
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=UEEyZ1M4Zzc&google_tc=
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM8myiSmXJhcEUmEdX5NJ80&google_cver=1
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM8myiSmXJhcEUmEdX5NJ80&google_cver=1
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
54.227.59.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-59-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
cache-control
private, no-cache, no-store
x-request-time
D=63 t=1660292215
x-served-by
beacon-n017-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM8myiSmXJhcEUmEdX5NJ80&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
26357
stags.bluekai.com/site/ Frame 2E52 		62 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/26357?id=PA2gS8g7
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.205.90 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-205-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length
62
content-type
image/gif
usermatch.gif
beacon.krxd.net/ Frame 2E52
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://gum.criteo.com/sync?s=1&c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=FeZ3bjMLb2l4KnqUYzAkmV-VKxuzMz5z
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=FeZ3bjMLb2l4KnqUYzAkmV-VKxuzMz5z
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
54.227.59.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-59-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1660292216
x-served-by
beacon-n034-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=FeZ3bjMLb2l4KnqUYzAkmV-VKxuzMz5z
date
Fri, 12 Aug 2022 08:16:55 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
7507
content-length
218
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
p
sb.scorecardresearch.com/ Frame 2E52 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=PA2gS8g7&rn=1660292216
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-16.phl50.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:55 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
content-length
43
x-amz-cf-id
ZlzJBHHK_EP7W3OhLoAcbPosm9woqJPphNL--doubHvM9mfplhMNSQ==
x-cache
Miss from cloudfront
content-type
image/gif
demconf.jpg
dpm.demdex.net/ Frame 2E52
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=PA2gS8g7
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=PA2gS8g7
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=PA2gS8g7
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Server
52.27.120.158 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-27-120-158.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v035-06d683dd1.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
F8layPqFSwo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v035-01db466ca.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
iJqvxqEQSTo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=PA2gS8g7
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
usermatch.gif
beacon.krxd.net/ Frame 2E52
Redirect Chain
  • https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fadnxs_uid%3D%24UID
  • https://beacon.krxd.net/usermatch.gif?adnxs_uid=7468824964832256333
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?adnxs_uid=7468824964832256333
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
54.227.59.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-59-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1660292216
x-served-by
beacon-n008-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:56 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
7f74d520-fee1-4803-a57a-2fc827819137
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://beacon.krxd.net/usermatch.gif?adnxs_uid=7468824964832256333
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame 2E52
Redirect Chain
  • https://ib.adnxs.com/mapuid?member=1780&user=PA2gS8g7
  • https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember%3D1780%26user%3DPA2gS8g7
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember%3D1780%26user%3DPA2gS8g7
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:56 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
d00fdef3-afe1-4cd6-8c8d-7739c779690b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:56 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
5ec275d5-488b-4658-80a2-e62d54a5957b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember%3D1780%26user%3DPA2gS8g7
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
379708.gif
idsync.rlcdn.com/ Frame 2E52 		42 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/379708.gif?partner_uid=PA2gS8g7
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:16:55 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
token
token.rubiconproject.com/ Frame 2E52 		0
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=27384&puid=krux_id&gdpr=0
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
pixel-sync.sitescout.com/connectors/krux/ Frame 2E52
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=sitescout
  • https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=PA2gS8g7
  • https://pixel-sync.sitescout.com/connectors/krux/usersync?cookieQ=1&foreign_id=PA2gS8g7
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/connectors/krux/usersync?cookieQ=1&foreign_id=PA2gS8g7
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
207.198.113.86 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:55 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://pixel-sync.sitescout.com/connectors/krux/usersync?cookieQ=1&foreign_id=PA2gS8g7
date
Fri, 12 Aug 2022 08:16:55 GMT
server
AC1.1
content-length
0
usermatch.gif
beacon.krxd.net/ Frame 2E52
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=verizon
  • https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=PA2gS_tb
  • https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-rhhegqxE2puwUPmBW8Vg30kix6VFertPLA--~A
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-rhhegqxE2puwUPmBW8Vg30kix6VFertPLA--~A
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
54.227.59.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-59-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
cache-control
private, no-cache, no-store
x-request-time
D=86 t=1660292216
x-served-by
beacon-n023-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 12 Aug 2022 08:16:56 GMT
via
http/1.1 spdc0115.tgt.bf1.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-rhhegqxE2puwUPmBW8Vg30kix6VFertPLA--~A
content-length
0
sync
sync.navdmp.com/ Frame 2E52
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=navegg
  • https://sync.navdmp.com/sync?prtid=30&salid=PA2gS_tb
6 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.navdmp.com/sync?prtid=30&salid=PA2gS_tb
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7397c58e3f724bd7-YUL
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript

Redirect headers

location
https://sync.navdmp.com/sync?prtid=30&salid=PA2gS_tb
date
Fri, 12 Aug 2022 08:16:55 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a018-ash-prod.krxd.net
RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
sync.targeting.unrulymedia.com/csync/ Frame 2E52
Redirect Chain
  • https://sync.1rx.io/usersync/krux/PA2gS8g7?dspret=1
  • https://sync.1rx.io/usersync/krux/PA2gS8g7?zcc=1&cb=1660292216101
  • https://sync.targeting.unrulymedia.com/csync/RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Server
199.127.204.147 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:16:56 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:56 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
getdata.xgi
r.nexac.com/e/ Frame 2E52 		0
0
pmk-202010011.11.js
widget.perfectmarket.com/editoraglobonetwork/ 		118 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/editoraglobonetwork/pmk-202010011.11.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/editoraglobonetwork/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f54ab1e32dd2faf787fd0c28a5b92b033d19ece20de5f26114e2d13c7f5a5e96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
mt6MQyBByZVRtgC8luVZNo8BBOOswaIf
content-encoding
gzip
etag
"d7b72fd3620fcd4e69dac981832e644f"
age
1464496
x-cache
HIT, HIT
content-length
32407
x-amz-id-2
+HIvO0HQz7T8IjzZURl9r5Oxce4US1ZLgRCL/mX1Ej7ekOmTuIodpmrJZU4z/bLGUNdhCiwAFqI=
x-served-by
cache-sna10724-LGB, cache-yul12825-YUL
last-modified
Wed, 11 May 2022 16:32:46 GMT
server
AmazonS3
x-timer
S1660292216.726124,VS0,VE0
date
Fri, 12 Aug 2022 08:16:55 GMT
vary
Accept-Encoding,,
x-amz-request-id
RSM53DGHMSGYKXYK
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
2, 2
glamour
horizon-track.globo.com/event/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://horizon-track.globo.com/event/glamour
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/1aa2241f8aedf804f59cfeb4a5846422.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryNOofc8dbXAJ1dgXX

Response headers
glamour
horizon-track.globo.com/event/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://horizon-track.globo.com/event/glamour
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/1aa2241f8aedf804f59cfeb4a5846422.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryAJoiH16Jb8xPAmgf

Response headers
cd
cd.navdmp.com/ 		6 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cd.navdmp.com/cd?prtid=13574&prtusridr=85b50f881da67f14706126a289b10d9e358dcf5d
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7397c58fe86e4bd7-YUL
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/x-javascript
json
trc.taboola.com/editoraglobo-glamour/trc/3/ 		20 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/editoraglobo-glamour/trc/3/json?tim=08%3A16%3A56.256&lti=connect-video-trc-11_ctrl&data=%7B%22id%22%3A676%2C%22ii%22%3A%22%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1660209119929%2C%22vi%22%3A1660292216254%2C%22cv%22%3A%2220220811-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22pev%22%3A7963%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml%22%2C%22vpi%22%3A%22%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml%22%2C%22e%22%3A%22https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A16754%2C%22nsid%22%3A%22editoraglobonetwork%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A14370.15625%2C%22mw%22%3A648%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22connect-video-trc-11_ctrl%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220811-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
caa780d674f5cfd7b4b28a8234c10fe04d9893b7754b4c3f9cd874b78b282d1e

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
301
date
Fri, 12 Aug 2022 08:16:56 GMT
content-encoding
gzip
server
nginx
x-timer
S1660292216.347290,VS0,VE301
x-served-by
cache-yul12824-YUL
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
1.tiny.js
static.infoglobo.com.br/paywall/js/ 		27 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/1.tiny.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js?utv=ut4.44.202112201735
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
92beaf913adfabfeb48f932e23ccf17abf94fa30f563ff5fcf8bacfa44803f8d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:06:31 GMT
Content-Encoding
gzip
Age
624
grace
none
X-Cache
HIT
Connection
Keep-Alive
Content-Length
4712
Last-Modified
Thu, 11 Aug 2022 20:00:17 GMT
Server
Apache
ETag
"a048cf29-6cf3-5e5fc9d4ad640"
vary
X-Forwarded-Proto
Content-Type
text/javascript
Access-Control-Allow-Origin
*
cache-control
public, max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
X-Cache-Hits
1106
17.tiny.js
static.infoglobo.com.br/paywall/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/17.tiny.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js?utv=ut4.44.202112201735
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
0773df1b62b926ff11baafce486c991a745d481e6791b9d07ce6f628b4bdd593

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:06:33 GMT
Content-Encoding
gzip
Age
623
grace
none
X-Cache
HIT
Connection
Keep-Alive
Content-Length
1870
Last-Modified
Thu, 11 Aug 2022 20:00:17 GMT
Server
Apache
ETag
"a034525a-16ac-5e5fc9d4ad640"
vary
X-Forwarded-Proto
Content-Type
text/javascript
Access-Control-Allow-Origin
*
cache-control
public, max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
X-Cache-Hits
1118
load
experience.tinypass.com/xbuilder/experience/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=VnaP3rYVKc
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js?utv=ut4.44.202112201735
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3d802214cdaf6276aa13b5b161820bbc80660cf9429124233334b07a2d7978e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
HIT
age
3588
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Mdaqhgrcfas
wn
prod-exp-10-0-82-143
last-modified
Fri, 12 Aug 2022 07:03:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=1800
cf-ray
7397c590e96eca67-YUL
expires
Fri, 12 Aug 2022 08:46:56 GMT
utag.31.js
tags.tiqcdn.com/utag/globo/editora/prod/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/globo/editora/prod/utag.31.js?utv=ut4.44.202208092051
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.216.220 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-220.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ffe04091b035ae1bfe76e90d8dcccb0e4eab5b04334576832341d6da0b9fd91d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
content-encoding
gzip
last-modified
Tue, 05 Jul 2022 21:36:00 GMT
server
AkamaiNetStorage
etag
"889e12c3ba12601315a1f9a4d10d289c:1657056960.407941"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
2644
expires
Sat, 27 Aug 2022 08:16:56 GMT
utag.29.js
tags.tiqcdn.com/utag/globo/editora/prod/ 		1 KB
938 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/globo/editora/prod/utag.29.js?utv=ut4.44.201911252014
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.216.220 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-220.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9d4f298b9266e5e548da14a56548eedc87dff49e1fc054dc7fd7b19cf0db55d0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Fri, 12 Aug 2022 08:16:56 GMT
content-encoding
gzip
last-modified
Tue, 05 Jan 2021 14:22:22 GMT
server
AkamaiNetStorage
etag
"c1b2fbf362855ad1a62e74c71220384b:1609856542.812869"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
695
expires
Sat, 27 Aug 2022 08:16:56 GMT
utag.51.js
tags.tiqcdn.com/utag/globo/editora/prod/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/globo/editora/prod/utag.51.js?utv=ut4.44.202208021326
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.216.220 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-220.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
377b3c43b8176e2a1681c6bc4882ddee51e33b441574459744a084f09766ea1c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
content-encoding
gzip
last-modified
Tue, 02 Aug 2022 13:26:45 GMT
server
AkamaiNetStorage
etag
"ba27229cd3456cd9ea1a7e4ba1bb14f9:1659446805.224968"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
5727
expires
Sat, 27 Aug 2022 08:16:56 GMT
utag.53.js
tags.tiqcdn.com/utag/globo/editora/prod/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/globo/editora/prod/utag.53.js?utv=ut4.44.202112102028
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.216.220 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-220.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2dd7e9ca358d9a52e8adcfcab0180e50beb4449a987ee747c69e605fa35fbee3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Fri, 12 Aug 2022 08:16:56 GMT
content-encoding
gzip
last-modified
Fri, 10 Dec 2021 18:57:46 GMT
server
AkamaiNetStorage
etag
"1c8c6a0c57481b0b164f54b996ee26ea:1639162666.189666"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1285
expires
Sat, 27 Aug 2022 08:16:56 GMT
utag.66.js
tags.tiqcdn.com/utag/globo/editora/prod/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/globo/editora/prod/utag.66.js?utv=ut4.44.202205271340
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.216.220 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-220.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
af7f7d9dbec7daf5a6f7d58196b10fdaf2f0e97a15a981e5f180cedb9495739a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
content-encoding
gzip
last-modified
Fri, 27 May 2022 13:41:12 GMT
server
AkamaiNetStorage
etag
"0d7a2931edf9422154c55de8f25d7b01:1653658872.493828"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
3691
expires
Sat, 27 Aug 2022 08:16:56 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.31.js?utv=ut4.44.202208092051
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
sffe /
Resource Hash
703365d6b927fac7d6cd9b549802f77c5ab8dceeac4c835967b8dc30b359c26e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28681
x-xss-protection
0
server
sffe
etag
"1301 / 184 of 1000 / last-modified: 1660255589"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 12 Aug 2022 08:16:56 GMT
15688-pbjs-floors.json
ads.rubiconproject.com/floors/ 		31 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/15688-pbjs-floors.json
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_glamour.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.229.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-229-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d862e8493cbcd2912b3a5ec4650a26410f05cb2c3b70889b4a5b34e8319df57c

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 07:41:02 GMT
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
2933
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220812
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_glamour.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08b86397e087dba0f354e4279d8e957549335a8384cbb11e9381128f23ae40cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
18955
x-jsd-version
1.0.1429
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19122-FRA, cache-iad-kiad7000090-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66e-zNzrEEpPj8suNjLEFeVGTjHpk8w"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3cqVx03s1K2jHrjy0F8PXPvaNnbZ2FLDFlbTV%2FKtUTStujnFGlTtjiJVuRM9zDENvxQJGeSA%2FvKtx7Sp3MC0z2wk4Yu9UxSE%2FPlQ%2B9l9d6lKwIWzi%2F9Yaur3r6zDdaZkuugt%2BUKIcQ2sMhhurM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
7397c59289047139-YUL
access-control-expose-headers
*
J2lZajxx.js
cdn.krxd.net/controltag/ 		107 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/J2lZajxx.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.29.js?utv=ut4.44.201911252014
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
231e3afb8ac1d691297cb2ceb6829e229f45f52b0b6f50c2590d62e700736926

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Fri, 12 Aug 2022 08:16:56 GMT
via
1.1 varnish, 1.1 varnish
age
1161
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
22626
x-served-by
config-service-a005-ash-prod.krxd.net, cache-iad-kcgs7200157-IAD, cache-yul12824-YUL
x-response-time
1
x-do-esi
esi
x-timer
S1660292216.433975,VS0,VE0
etag
"f2b73a291a6a1993c72ecb64294e82098936d5eb"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 5
hotjar-2732676.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2732676.js?sv=6
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-77.phl50.r.cloudfront.net
Software
/
Resource Hash
d98635d4183431392ba335cfcadf625e77e45b23962d09e6d38a4efbda4a7923
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
PHL50-C1
etag
W/d3e59255aa71755bbc9b2cf28e86cc53
strict-transport-security
max-age=86400; includeSubDomains
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-amz-cf-id
hJIQ-NdwVxtOg8Ivn2kv7J_RJ-7ZtktImC2nJESHdhGCDTGp_Irhzw==
via
1.1 934f97734451ac135c3e6c1480f72d4e.cloudfront.net (CloudFront)
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6684
date
Fri, 12 Aug 2022 06:25:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 12 Aug 2022 08:25:32 GMT
js
www.googletagmanager.com/gtag/ 		200 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WE4K4RF1F3
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1ab59d6e63478519b5cfd073162dc5190e45b183e662c26d51ca9291c62fb7be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73056
x-xss-protection
0
expires
Fri, 12 Aug 2022 08:16:56 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=globo/editora/202208111723&cb=1660292216434
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.216.220 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-220.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Fri, 12 Aug 2022 08:16:56 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Fri, 12 Aug 2022 08:26:56 GMT
controltag.js.387e8802bbd0d9fbfa52c1546d7297df
cdn.krxd.net/ctjs/ 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/J2lZajxx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Fri, 12 Aug 2022 08:16:56 GMT
content-encoding
gzip
age
9168265
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
537434
content-length
84742
x-served-by
cache-yul12824-YUL
last-modified
Thu, 28 Apr 2022 05:17:05 GMT
x-timer
S1660292216.450372,VS0,VE0
etag
"387e8802bbd0d9fbfa52c1546d7297df"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Sun, 25 Apr 2032 05:17:04 GMT
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 18D9 		805 B
844 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
37142737
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
525
content-type
text/html
date
Fri, 12 Aug 2022 08:16:56 GMT
etag
"3d2100fd7107262ecb55ce6847f01fa5"
expires
Fri, 19 Feb 2027 17:50:50 GMT
last-modified
Tue, 21 Feb 2017 17:50:54 GMT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
169323
x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
x-served-by
cache-yul12824-YUL
x-timer
S1660292216.477995,VS0,VE0
tinypass.min.js
cdn.tinypass.com/api/ 		308 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=VnaP3rYVKc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
112813d060ca6e046a3d7d89db478d5f9793d1f522d4a09ee6171310f4506c6e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
4409
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B0S1RWNGGNZZTGFK
x-amz-id-2
C0YUhfSSRvKJySUOUZIx2Hnkzz9MRRy1uMNFgBu3HNYwIvvSSn9mXVKRzmgqyRPj504mKe0jsQw=
last-modified
Wed, 10 Aug 2022 08:08:53 GMT
server
cloudflare
etag
W/"748f70daf6e0634086fe4ec86b359bdc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7397c59169a9ca67-YUL
expires
Fri, 12 Aug 2022 12:16:56 GMT
J2lZajxx.js
cdn.krxd.net/controltag/ Frame 18D9 		107 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/J2lZajxx.js
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
231e3afb8ac1d691297cb2ceb6829e229f45f52b0b6f50c2590d62e700736926

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Fri, 12 Aug 2022 08:16:56 GMT
via
1.1 varnish, 1.1 varnish
age
1161
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
22626
x-served-by
config-service-a005-ash-prod.krxd.net, cache-iad-kcgs7200157-IAD, cache-yul12824-YUL
x-response-time
1
x-do-esi
esi
x-timer
S1660292217.501181,VS0,VE0
etag
"f2b73a291a6a1993c72ecb64294e82098936d5eb"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 6
controltag.js.387e8802bbd0d9fbfa52c1546d7297df
cdn.krxd.net/ctjs/ Frame 18D9 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/J2lZajxx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Fri, 12 Aug 2022 08:16:56 GMT
content-encoding
gzip
age
9168265
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
537435
content-length
84742
x-served-by
cache-yul12824-YUL
last-modified
Thu, 28 Apr 2022 05:17:05 GMT
x-timer
S1660292217.518443,VS0,VE0
etag
"387e8802bbd0d9fbfa52c1546d7297df"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Sun, 25 Apr 2032 05:17:04 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
5007d44e-09d1-49b7-8c99-6b1cc38c3cbc
consumer.krxd.net/consent/get/ 		220 B
306 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1724c5cef41157e912641bd88a4db5325b61d630ad1b879c9c71045051aad45a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a011-ash-prod.krxd.net, cache-yul12834-YUL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1660292217.538161,VS0,VE20
content-length
184
x-cache-hits
0, 0
advertising.js
www.npttech.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/1.tiny.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1724
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
JNMEQGQ9NJ9E6X1S
x-amz-id-2
fxImh/8M8kos4PfArLZQ66EMsMP9XUBIudAFPFkNaHH9tQrUf3+tzsmbOphXS4daZ7ig6eUbrKc=
last-modified
Wed, 19 Jun 2019 08:25:01 GMT
server
cloudflare
etag
W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhJbqkTr35lA8%2Fl8ick9OmHGp4qkdn2JE0svjLK25fT4UCrKZqMloo0ycQNNGEbOB09Q%2BMNWKRAOYtUu1SDXBsG2mOmzVs8jouo2LBdpgBE%2FP71eAi7cUsbw9nQfPhpMg11DajzviOistQTsFUU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
x-amz-version-id
hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray
7397c591ec20714a-YUL
5007d44e-09d1-49b7-8c99-6b1cc38c3cbc
consumer.krxd.net/consent/get/ Frame 18D9 		220 B
259 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1724c5cef41157e912641bd88a4db5325b61d630ad1b879c9c71045051aad45a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a011-ash-prod.krxd.net, cache-yul12834-YUL
vary
Accept-Encoding
x-cache
MISS, HIT
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1660292217.563648,VS0,VE0
content-length
184
x-cache-hits
0, 1
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-WE4K4RF1F3&gtm=2oe880&_p=756794352&gdid=dYmQxMT&cid=437779693.1660292217&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660292216&sct=1&seg=0&dl=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&dr=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F&dt=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WE4K4RF1F3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022080801.js
securepubads.g.doubleclick.net/gpt/ 		385 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
sffe /
Resource Hash
227fff75c4236d888dd7f5b7bdb52a1f7128ce90ca02e6e2b4c33a501ea4c89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 10:50:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249977
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134395
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 08:39:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 09 Aug 2023 10:50:39 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		1 KB
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=glamour.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
075c3e65454fb849762a9835ed4ff5c11cf3206f04a1562af7f3c5d0e807bfde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:16:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
367
x-xss-protection
0
expires
Fri, 12 Aug 2022 08:16:56 GMT
get.js
buy.tinypass.com/api/v3/anon/captcha/ 		153 B
403 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=VnaP3rYVKc
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebbec664e3d94cc9ac27c02aa072e11f1601ac52642916074649ef26a7171de8
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
MyfthgrxntV
pragma
wn
prod-dash-10-0-113-131
last-modified
Fri, 12 Aug 2022 08:11:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.002
cache-control
public, max-age=1200
cf-ray
7397c5926a02ca67-YUL
expires
Fri, 12 Aug 2022 08:36:56 GMT
cx.cce.js
cdn.cxense.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:7a8::268b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
eb578e5229cead21a487f38f0428ce5362cc04b13dfbc686cb380be538c0e79f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:16:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 May 2022 19:29:56 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5964
Expires
Fri, 12 Aug 2022 09:16:56 GMT
execute
c2.piano.io/xbuilder/experience/ 		17 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=VnaP3rYVKc
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
304efaacc8eb40941516a8289bc15f40c13f044d4b38e068dd82da51861a4018
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
oivkuxbywp
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7397c5948ab34bd7-YUL
usermatch.gif
beacon.krxd.net/ Frame 18D9
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=google
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=UEEyZ1NfdGI
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM8myiSmXJhcEUmEdX5NJ80&google_cver=1
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM8myiSmXJhcEUmEdX5NJ80&google_cver=1
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
54.227.59.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-59-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
cache-control
private, no-cache, no-store
x-request-time
D=27 t=1660292216
x-served-by
beacon-n006-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM8myiSmXJhcEUmEdX5NJ80&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 18D9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=UEEyZ1NfdGI
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM8myiSmXJhcEUmEdX5NJ80&google_cver=1
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM8myiSmXJhcEUmEdX5NJ80&google_cver=1
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
54.227.59.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-59-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
cache-control
private, no-cache, no-store
x-request-time
D=25 t=1660292216
x-served-by
beacon-n013-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM8myiSmXJhcEUmEdX5NJ80&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
26357
stags.bluekai.com/site/ Frame 18D9 		62 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/26357?id=PA2gS_tb
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.205.90 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-205-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length
62
content-type
image/gif
usermatch.gif
beacon.krxd.net/ Frame 18D9
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=_TuwO9beujRk8qjagnCzNQqCL7sJZVt5
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=_TuwO9beujRk8qjagnCzNQqCL7sJZVt5
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
54.227.59.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-59-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
cache-control
private, no-cache, no-store
x-request-time
D=27 t=1660292216
x-served-by
beacon-n007-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=_TuwO9beujRk8qjagnCzNQqCL7sJZVt5
date
Fri, 12 Aug 2022 08:16:56 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2867
content-length
218
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
p
sb.scorecardresearch.com/ Frame 18D9 		43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=PA2gS_tb&rn=1660292217
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-16.phl50.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
content-length
43
x-amz-cf-id
1BDoCnbNlZW7m87DddO8sFpc2Fl99k4Caik4hAf-PByZ83zD8rj2SA==
x-cache
Miss from cloudfront
content-type
image/gif
ibs:dpid=66757&&dpuuid=PA2gS_tb
dpm.demdex.net/ Frame 18D9 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=PA2gS_tb
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.120.158 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-27-120-158.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v035-09c393055.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
9rN7IGC2QJA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
usermatch.gif
beacon.krxd.net/ Frame 18D9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID
  • https://beacon.krxd.net/usermatch.gif?adnxs_uid=4838819436260598658
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?adnxs_uid=4838819436260598658
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
54.227.59.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-59-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
cache-control
private, no-cache, no-store
x-request-time
D=27 t=1660292216
x-served-by
beacon-n010-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:56 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
38cee2f1-fdb1-45d4-a3a7-b47eed8bcccb
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://beacon.krxd.net/usermatch.gif?adnxs_uid=4838819436260598658
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mapuid
ib.adnxs.com/ Frame 18D9 		43 B
963 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/mapuid?member=1780&user=PA2gS_tb
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:56 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
ea3c5ff0-f279-4edd-bbe3-9ea680e2dc8b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
379708.gif
idsync.rlcdn.com/ Frame 18D9 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/379708.gif?partner_uid=PA2gS_tb
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:16:56 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
token
token.rubiconproject.com/ Frame 18D9 		0
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=27384&puid=krux_id&gdpr=0
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
pixel-sync.sitescout.com/connectors/krux/ Frame 18D9
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=sitescout
  • https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=PA2gS_tb
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=PA2gS_tb
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
207.198.113.86 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:56 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=PA2gS_tb
date
Fri, 12 Aug 2022 08:16:56 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a018-ash-prod.krxd.net
usermatch.gif
beacon.krxd.net/ Frame 18D9
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=verizon
  • https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=PA2gS_tb
  • https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-rhhegqxE2puwUPmBW8Vg30kix6VFertPLA--~A
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-rhhegqxE2puwUPmBW8Vg30kix6VFertPLA--~A
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
54.227.59.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-59-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1660292216
x-served-by
beacon-n022-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 12 Aug 2022 08:16:56 GMT
via
http/1.1 spdc0115.tgt.bf1.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-rhhegqxE2puwUPmBW8Vg30kix6VFertPLA--~A
content-length
0
sync
sync.navdmp.com/ Frame 18D9
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=navegg
  • https://sync.navdmp.com/sync?prtid=30&salid=PA2gS_tb
6 B
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.navdmp.com/sync?prtid=30&salid=PA2gS_tb
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7397c592d9b54bd7-YUL
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript

Redirect headers

location
https://sync.navdmp.com/sync?prtid=30&salid=PA2gS_tb
date
Fri, 12 Aug 2022 08:16:56 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a003-ash-prod.krxd.net
RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
sync.targeting.unrulymedia.com/csync/ Frame 18D9
Redirect Chain
  • https://sync.1rx.io/usersync/krux/PA2gS_tb?dspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Server
199.127.204.147 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:16:57 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:56 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
getdata.xgi
r.nexac.com/e/ Frame 18D9 		0
0
tb
15.taboola.com/ 		41 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=editoraglobo-glamour&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F&cirf=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&encoded=1&uid=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&variant=-100|1786072057&callback=TRC.videoTagCallbacks.videoCallback1&cb=1660292216681&tagid=&cntry=CA&platform=1&sesid=2baaefe5c0d02c2630e7a946441c0f1f&itemid=/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&viewid=1660292216254&geolat=&geoing=&deviceifa=&appid=&sd=v2_2baaefe5c0d02c2630e7a946441c0f1f_1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8_1660292216_1660292216_EKD_SRi-64KJqTAgASgBMCY4iegHQOr1B0iny9kDUK7MB1gAYABo8cHPn4bN__V_cAE&ri=fa3c7eb4d38d66fa5fd2337feeccad21&appname=&cdb=&gdprApplies=false&rid=&sii=8695623456658807949&oee=true&tpubid=1212320&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=QC&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1207970&prcnt=&layer=&normp=1&gvv=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220811-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7e4112260244d385a6d8b7e60bd6da0ca6b638ded968352a851c2c44710adf92

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
content-encoding
gzip
access-control-allow-origin
https://glamour.globo.com
machineid
1178
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-yul12824-YUL
pragma
no-cache
server
nginx
x-timer
S1660292217.689607,VS0,VE33
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://us-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20220811-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20220811-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ca2f8f228065ec4d96c340d978b000470a6d91beef8233ea9bb7290f1314d15

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
b5mo_wrpBUl_O4BbmAcEzlSoMlwmL.Vj
content-encoding
gzip
etag
"82c0773e73c7febdc1883d9ec1cedde8"
age
98
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1263
x-amz-id-2
NyIIjWSx84duQEts5GiY1Z3iqr/X+lwSggb7BXcfiX1q0DGo0qwPQWu7ozLBaVs1wcvsplF8gag=
x-served-by
cache-yul12824-YUL
last-modified
Thu, 11 Aug 2022 16:00:22 GMT
server
AmazonS3
x-timer
S1660292217.700890,VS0,VE0
date
Fri, 12 Aug 2022 08:16:56 GMT
vary
Accept-Encoding
x-amz-request-id
1S7YGA7C1P6DH2XW
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
40
x-cache-hits
37
distance-from-article.20220811-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20220811-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a92e76d18931a457d983f0d0b224a302ee771e38caa1c083cb0f6a8230ed7a5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
Rqs5GyCVcY3rRXxoJ1JTzshwnhtGD.Gh
content-encoding
gzip
etag
"12de72c9c95794b4a319fcc48d825df3"
age
7
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1012
x-amz-id-2
s4ek1jvZfdoUGcrZUk5Qfsm2+RfmPZy86bPEqJKL+Y4NXxjsQi15IzxZCUrt45nRT/vjua+L2dk=
x-served-by
cache-yul12824-YUL
last-modified
Thu, 11 Aug 2022 16:02:22 GMT
server
AmazonS3
x-timer
S1660292217.726555,VS0,VE0
date
Fri, 12 Aug 2022 08:16:56 GMT
vary
Accept-Encoding
x-amz-request-id
VM5BQ9XRDTS01R6E
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
40
x-cache-hits
1
article-detection.20220811-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20220811-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9b0c4938a0e90427f421041a5beb3e0a47976cb54940446f207f9f44cd93071

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
NGoxIAmw7NBsVOIZAsz9qU4ucmj5eLgG
content-encoding
gzip
etag
"111510d2e98b0b4cecb9b209bbe324e5"
age
7
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1235
x-amz-id-2
zsuP+0UEXxpbRlEoWWfm5vbuWkurs49lqvEuRKQIBcbYI5AU59NtLmnHaoMZMPuRSHdWb6SMJfs=
x-served-by
cache-yul12824-YUL
last-modified
Thu, 11 Aug 2022 16:02:10 GMT
server
AmazonS3
x-timer
S1660292217.726597,VS0,VE0
date
Fri, 12 Aug 2022 08:16:56 GMT
vary
Accept-Encoding
x-amz-request-id
VM53KGPH9WM7RMMV
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
40
x-cache-hits
1
8314438e-1240-4037-ade5-bfeaed299a90.css
cdn.taboola.com/static/83/ 		451 B
534 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/static/83/8314438e-1240-4037-ade5-bfeaed299a90.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
CkT0watBV7AEsiEughRkYLexggZw11Ym
content-encoding
gzip
etag
"1802e318f880ad7e5c7030e9da649cf6"
age
4993
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
222
x-amz-id-2
aOaZ+6O+VZLqbYkPmzf14aLoRuE55POT4DLyc0VyAF+O/j2LS3NdwCqLbuFOzyjBfgFMWZIbdz8=
x-served-by
cache-yul12824-YUL
last-modified
Tue, 07 Jul 2020 17:40:49 GMT
server
AmazonS3
x-timer
S1660292217.730176,VS0,VE0
date
Fri, 12 Aug 2022 08:16:56 GMT
vary
Accept-Encoding
x-amz-request-id
BWZ4CVNZX75VGY98
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
text/css
abp
40
x-cache-hits
3
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
age
5
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
t/7n4EnlOxMv9QjeIGmaVz3MHJdT1tPxWd0z+aetSJCFaCcUtI6Yo8BdICwNQKlUMhQ7XsrLFp0=
x-served-by
cache-yul12824-YUL
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1660292217.732478,VS0,VE0
date
Fri, 12 Aug 2022 08:16:56 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
DSG45KF11AQPJ7J7
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
40
x-cache-hits
3
userx.20220811-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220811-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63a28c51e7c1337423ee8c3fb46729a843e5c22f732430c9ef4df2d2fed9bbaf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
0qbWyF3ZiCxco4WS3g1RzL8cLAiz4d39
content-encoding
gzip
etag
"ec9a13f6325e91653faf3c93a0db2976"
age
65
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
K4cQXf35Shwgat7Vsdmu2tatvoO5DuULsJCUL7OmyZLV2xodoF+vxWZfA7Y7WF0Ag7uTKH0YEWU=
x-served-by
cache-yul12824-YUL
last-modified
Thu, 11 Aug 2022 16:01:15 GMT
server
AmazonS3
x-timer
S1660292217.742236,VS0,VE0
date
Fri, 12 Aug 2022 08:16:56 GMT
vary
Accept-Encoding
x-amz-request-id
10HKQ0HF6SJJWFR4
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
40
x-cache-hits
14
explore-more.20220811-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20220811-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3950b61f47b64cf9e4f32374b82c362ddc94f9ba19feb685d15d391f6324c5bc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
BfHCxlohNE8DtAmCoHQWVmA5rCZIWlOV
content-encoding
gzip
etag
"68e221264c56d5ef797afdaa24860a86"
age
77
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5563
x-amz-id-2
FQZWMZUJKECSoTHYo2jUNAQLAVIfsDleI0fzhBf+2mhGd+FVkxofiKRTdOifEyQY6B9j2yqJh00=
x-served-by
cache-yul12824-YUL
last-modified
Thu, 11 Aug 2022 16:00:20 GMT
server
AmazonS3
x-timer
S1660292217.742320,VS0,VE0
date
Fri, 12 Aug 2022 08:16:56 GMT
vary
Accept-Encoding
x-amz-request-id
Y0JZPAXW2J0E4KE1
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
40
x-cache-hits
184
feed-view.20220811-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-view.20220811-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f5b8585e46b09fae99979bd20852b55730201f1b8b8631a41e741f48c63b0827

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
tlTlhpUiqxUJvQBDS.HagwVyG1LysUD1
content-encoding
gzip
etag
"0af7c5e2c9d2cf333b9083a14e42533f"
age
49
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6527
x-amz-id-2
Tngk/KYJ1ukvyJjeARIWQVva7IeV2eLBhMbjGJI81zHuDwwu5QSF8AANSuGsbBzdvja1xeuyVR4=
x-served-by
cache-yul12824-YUL
last-modified
Thu, 11 Aug 2022 16:00:28 GMT
server
AmazonS3
x-timer
S1660292217.743666,VS0,VE0
date
Fri, 12 Aug 2022 08:16:56 GMT
vary
Accept-Encoding
x-amz-request-id
YCNZXKPDRX1XVB9N
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
40
x-cache-hits
3
debug
us-trc-events.taboola.com/editoraglobo-glamour/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/editoraglobo-glamour/log/2/debug?tim=08%3A16%3A56.719&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01&llvl=2&id=4040&cv=20220811-9-RELEASE&lt=connect-video-trc-11_ctrl&pct=1
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17347
debug
us-trc-events.taboola.com/editoraglobo-glamour/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/editoraglobo-glamour/log/2/debug?tim=08%3A16%3A56.722&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01&llvl=2&id=2280&cv=20220811-9-RELEASE&lt=connect-video-trc-11_ctrl&pct=1
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17347
abtests
trc.taboola.com/editoraglobo-glamour/log/3/ 		0
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/editoraglobo-glamour/log/3/abtests?route=US:US:V&lti=connect-video-trc-11_ctrl&ri=fa3c7eb4d38d66fa5fd2337feeccad21&sd=v2_2baaefe5c0d02c2630e7a946441c0f1f_1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8_1660292216_1660292216_EKD_SRi-64KJqTAgASgBMCY4iegHQOr1B0iny9kDUK7MB1gAYABo8cHPn4bN__V_cAE&ui=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&pi=/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&wi=8695623456658807949&pt=text&vi=1660292216254&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22rendered%22%2C%22type%22%3A%7B%22renderingHeight%22%3A2925%2C%22scrollHeight%22%3A0%7D%2C%22eventTime%22%3A1660292216728%7D&tim=08%3A16%3A56.728&id=2882&llvl=2&cv=20220811-9-RELEASE&
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-vcl-time-ms
21
pragma
no-cache
date
Fri, 12 Aug 2022 08:16:56 GMT
via
1.1 varnish
server
nginx
x-timer
S1660292217.754572,VS0,VE21
x-served-by
cache-yul12824-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
supply-feature
trc.taboola.com/editoraglobo-glamour/log/3/ 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/editoraglobo-glamour/log/3/supply-feature?route=US:US:V&lti=connect-video-trc-11_ctrl&ri=fa3c7eb4d38d66fa5fd2337feeccad21&sd=v2_2baaefe5c0d02c2630e7a946441c0f1f_1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8_1660292216_1660292216_EKD_SRi-64KJqTAgASgBMCY4iegHQOr1B0iny9kDUK7MB1gAYABo8cHPn4bN__V_cAE&ui=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&pi=/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&wi=8695623456658807949&pt=text&vi=1660292216254&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=08%3A16%3A56.735&id=7719&llvl=2&cv=20220811-9-RELEASE&
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-vcl-time-ms
21
pragma
no-cache
date
Fri, 12 Aug 2022 08:16:57 GMT
via
1.1 varnish
server
nginx
x-timer
S1660292217.011195,VS0,VE21
x-served-by
cache-yul12824-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
farzad-mohsenvand-tbuescuqmja-unsplash.jpeg
s2.glbimg.com/KQHigKVUuOZa50AF9SI1e5hRC58=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/s/p/QiPaVYSwWdvqYEukvIFg/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/KQHigKVUuOZa50AF9SI1e5hRC58=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/s/p/QiPaVYSwWdvqYEukvIFg/farzad-mohsenvand-tbuescuqmja-unsplash.jpeg
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
f4aa60d9f40ce68b6b53b2d873ef986a5a730a4e15d0b3c9521a150a51b96eaf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
via
2.0 CachOS
x-bip
69950566 ra03 11 05
age
61525
etag
"abbd623b88597791369824b5eb702ece6f7f8de3"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB1D009
access-control-allow-headers
Content-Type
content-length
8634
x-request-id
70392411-a695-44df-87c1-f75a793408ec
expires
Sat, 10 Sep 2022 15:01:07 GMT
captura-de-tela-2022-08-11-as-07.59.58.png
s2.glbimg.com/aXBVe21WCP_QMD5v6DS4dKyyGe0=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/T/8/4a9B4DQMuOQsJbxhjgOw/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/aXBVe21WCP_QMD5v6DS4dKyyGe0=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/T/8/4a9B4DQMuOQsJbxhjgOw/captura-de-tela-2022-08-11-as-07.59.58.png
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
bd88eb7c3e67db69685d5230db27e260be1c43eb2719a231801870445926d406

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
via
2.0 CachOS
x-bip
71705008 ra03 11 05
age
75841
etag
"ce8b81665ded7b64a1810b21286e9075d0c6d540"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB1D009
access-control-allow-headers
Content-Type
content-length
21504
x-request-id
5dfa719d-5df3-4f44-b3f3-83767a542ac2
expires
Sat, 10 Sep 2022 11:04:51 GMT
social
us-trc-events.taboola.com/editoraglobo-glamour/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/editoraglobo-glamour/log/3/social?route=US:US:V&lti=connect-video-trc-11_ctrl&ri=fa3c7eb4d38d66fa5fd2337feeccad21&sd=v2_2baaefe5c0d02c2630e7a946441c0f1f_1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8_1660292216_1660292216_EKD_SRi-64KJqTAgASgBMCY4iegHQOr1B0iny9kDUK7MB1gAYABo8cHPn4bN__V_cAE&ui=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&pi=/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&wi=8695623456658807949&pt=text&vi=1660292216254&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml%22%2C%22rref%22%3A%22https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%22%2C%22sec%22%3A%22Lifestyle%22%2C%22aut%22%3A%5B%22Reda%C3%A7%C3%A3o%20Glamour%22%5D%2C%22img%22%3A%22https%3A%2F%2Fs2.glbimg.com%2F5RKybay3Hp0rg_rXAqhNaKBPUrw%3D%2F1200x%2Fsmart%2Ffilters%3Acover()%3Astrip_icc()%2Fi.s3.glbimg.com%2Fv1%2FAUTH_ba3db981e6d14e54bb84be31c923b00c%2Finternal_photos%2Fbs%2F2021%2FH%2Fv%2FUxuVO2S9OWQxqj8R4ciQ%2F2019-12-02-melhores-memes-de-2019-11.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=08%3A16%3A56.764&id=889&llvl=2&cv=20220811-9-RELEASE&
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 12 Aug 2022 08:16:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.8.8/ 		101 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.8.8/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220811-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
991985a765bb2b998996edefdf292ad2952f7e2e20e9253c6cc49d6f84145f96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
via
1.1 144825e0e5f4523d1f7ce8c9b62cd908.cloudfront.net (CloudFront), 1.1 varnish
age
256352
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
29588
x-served-by
cache-yul12824-YUL
last-modified
Tue, 09 Aug 2022 09:03:43 GMT
server
AmazonS3
x-timer
S1660292217.011193,VS0,VE0
etag
"0a5cf65af3b066623cc44d6503fa9e6b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
YUL62-C2
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
wzDTR7cMsw1mSgtmmCDiD5tUg7TH-b3N35DrKLziVnmrmuFXbdHYEw==
x-cache-hits
22491
publisher:getClientId
ampcid.google.ca/v1/ 		3 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.ca/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Aug 2022 08:16:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
modules.3ccc2561e7224ffbf999.js
script.hotjar.com/ 		249 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.3ccc2561e7224ffbf999.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2732676.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-103.phl50.r.cloudfront.net
Software
/
Resource Hash
2bc0d230e02afee1971f61273cc72443a06d1c0fadb96d63cece02834aa4c7cd
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 15:01:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
148549
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
content-length
65052
access-control-allow-origin
*
last-modified
Wed, 10 Aug 2022 15:00:34 GMT
etag
"ed926f4e963f2602835aab2f77b3bea9"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
6x0e4On-I_23xo_2HMXECkzeISu_Eq0FqGd1jBO94UPzQ5a5iUdUIw==
cx.js
cdn.cxense.com/ 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:7a8::268b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9bd4ff7240465b5c2581ec1281d3ae758200f39e01df0e180e3b42aacd1c54c6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:16:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Aug 2022 09:03:19 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26917
Expires
Fri, 12 Aug 2022 09:16:56 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		323 B
781 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=265214&zone_id=1312714&size_id=198&eid_pubcid.org=cdf74e9b-d4ff-4fb4-a63f-4134b31c453c%5E1&rf=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&tg_i.aupname=%2F85042905.*%26pub-in-.*&tg_i.pbadslot=%2F85042905%2Fglamour%2Flifestyle&tk_flint=dmpbjs_v6.24.1&x_source.tid=f0753dfb-78c5-4769-b6b8-8750d22ac8f6&l_pb_bid_id=397a4ec169d917&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.007553777368576986
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_glamour.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
00a8d121436905044f5829ca36147acc5ea8a2cc8f2a2108cb8e2f7296d2e1ae

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:57 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
323
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_glamour.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
4b32f78521845faa59c27c659b65acfba39e9bd0e6b8fba56d4f2d4fbafa87c5

Request headers

Referer
https://glamour.globo.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://glamour.globo.com
access-control-max-age
600
age
0
content-length
0
date
Fri, 12 Aug 2022 08:16:57 GMT
server
ATS/9.1.10.25
supply-feature
trc.taboola.com/editoraglobo-glamour/log/3/ 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/editoraglobo-glamour/log/3/supply-feature?route=US:US:V&lti=connect-video-trc-11_ctrl&ri=fa3c7eb4d38d66fa5fd2337feeccad21&sd=v2_2baaefe5c0d02c2630e7a946441c0f1f_1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8_1660292216_1660292216_EKD_SRi-64KJqTAgASgBMCY4iegHQOr1B0iny9kDUK7MB1gAYABo8cHPn4bN__V_cAE&ui=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&pi=/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&wi=8695623456658807949&pt=text&vi=1660292216254&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=08%3A16%3A56.918&id=539&llvl=2&cv=20220811-9-RELEASE&
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-vcl-time-ms
21
pragma
no-cache
date
Fri, 12 Aug 2022 08:16:57 GMT
via
1.1 varnish
server
nginx
x-timer
S1660292217.020628,VS0,VE21
x-served-by
cache-yul12824-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
supply-feature
trc.taboola.com/editoraglobo-glamour/log/3/ 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/editoraglobo-glamour/log/3/supply-feature?route=US:US:V&lti=connect-video-trc-11_ctrl&ri=fa3c7eb4d38d66fa5fd2337feeccad21&sd=v2_2baaefe5c0d02c2630e7a946441c0f1f_1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8_1660292216_1660292216_EKD_SRi-64KJqTAgASgBMCY4iegHQOr1B0iny9kDUK7MB1gAYABo8cHPn4bN__V_cAE&ui=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&pi=/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&wi=8695623456658807949&pt=text&vi=1660292216254&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=08%3A16%3A56.921&id=1696&llvl=2&cv=20220811-9-RELEASE&
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-vcl-time-ms
20
pragma
no-cache
date
Fri, 12 Aug 2022 08:16:57 GMT
via
1.1 varnish
server
nginx
x-timer
S1660292217.020631,VS0,VE20
x-served-by
cache-yul12824-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		375 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
603db0f6c2713ca7a57c9091bf85634c48fb5cabcb99cb718a8cbfefb0631f7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127744
x-xss-protection
0
expires
Fri, 12 Aug 2022 08:16:57 GMT
ima3_dai.js
imasdk.googleapis.com/js/sdkloader/ 		480 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3_dai.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef4086a8cf179f863e997d75540de101848b0b43d85b3c8a75e662cb2e50f533
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161514
x-xss-protection
0
expires
Fri, 12 Aug 2022 08:16:57 GMT
box-54d18b2ccd1c7fa42c71f18525ba4ad0.html
vars.hotjar.com/ Frame 3809 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-54d18b2ccd1c7fa42c71f18525ba4ad0.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2732676.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-88.phl50.r.cloudfront.net
Software
/
Resource Hash
3b534eeaf216d2e54730d1c9bb15344f4b78712e6c781d31555585c51651e989
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
930530
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 01 Aug 2022 13:48:07 GMT
etag
"b310868fbdb4c8ee7d37e1b85ae269fa"
last-modified
Mon, 01 Aug 2022 13:47:35 GMT
strict-transport-security
max-age=86400; includeSubDomains
vary
Accept-Encoding
via
1.1 cf426d8f6e10e609055662f292295434.cloudfront.net (CloudFront)
x-amz-cf-id
PmVcSasEJ9yXdoyEgClms9YQZFH5-xjHjCZGtMqvYlbyqVZACUykzg==
x-amz-cf-pop
PHL50-C1
x-cache
Hit from cloudfront
x-robots-tag
none
collect
stats.g.doubleclick.net/j/ 		1 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-29532176-1&cid=437779693.1660292217&jid=327401415&gjid=1647017513&_gid=1700218470.1660292217&_u=ICDAgAABAAQCAE~&z=698594224
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 12 Aug 2022 08:16:57 GMT
content-type
text/plain
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=756794352&t=pageview&_s=1&dl=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&dr=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F&ul=en-us&de=UTF-8&dt=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=ICDAgAABAAQC~&jid=327401415&gjid=1647017513&cid=437779693.1660292217&tid=UA-29532176-1&_gid=1700218470.1660292217&cd2=multi-content%20-%20materia&cd19=responsivo&cd20=801914769712392704&cd21=anonymous&cd22=%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&cd43=20191209&z=471108180
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 19:04:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
47539
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
0.tiny.js
static.infoglobo.com.br/paywall/js/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/0.tiny.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js?utv=ut4.44.202112201735
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
dbff361120b68fef0d37e18d9a64530c432f9c7ee025253d1084c8d32fa88f66

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:06:47 GMT
Content-Encoding
gzip
Age
609
grace
none
X-Cache
HIT
Connection
Keep-Alive
Content-Length
5220
Last-Modified
Thu, 11 Aug 2022 20:00:17 GMT
Server
Apache
ETag
"a05b9512-4ecd-5e5fc9d4ad640"
vary
X-Forwarded-Proto
Content-Type
text/javascript
Access-Control-Allow-Origin
*
cache-control
public, max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
X-Cache-Hits
553
2.tiny.js
static.infoglobo.com.br/paywall/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/2.tiny.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js?utv=ut4.44.202112201735
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
fbac4ad8670acaf09b2d4ad862bf2d407f99c8ee193c48979faeb8dccd4f6883

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

proj
esc
Date
Fri, 12 Aug 2022 08:07:05 GMT
Content-Encoding
gzip
Age
591
grace
none
X-Cache
HIT
Connection
Keep-Alive
Content-Length
1455
Last-Modified
Thu, 11 Aug 2022 20:00:17 GMT
Server
Apache
ETag
"a03d3377-10e1-5e5fc9d4ad640"
vary
X-Forwarded-Proto
Content-Type
text/javascript
Access-Control-Allow-Origin
*
cache-control
public, max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
X-Cache-Hits
310
subscribe-button.js
static.infoglobo.com.br/paywall/valor-subscribe-button/v1/scripts/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/valor-subscribe-button/v1/scripts/subscribe-button.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js?utv=ut4.44.202112201735
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
ac2b0b24d095a1cbd0b3a8a099a9df8c82013e2901a7a46a0a47c1b50d941e05

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:09:19 GMT
Content-Encoding
gzip
Age
458
grace
none
X-Cache
HIT
Connection
Keep-Alive
Content-Length
692
Last-Modified
Thu, 11 Aug 2022 19:58:21 GMT
Server
Apache
ETag
"a06500f6-7a3-5e5fc9660d140"
vary
X-Forwarded-Proto
Content-Type
text/javascript
Access-Control-Allow-Origin
*
cache-control
public, max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
X-Cache-Hits
98
7.tiny.js
static.infoglobo.com.br/paywall/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/7.tiny.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js?utv=ut4.44.202112201735
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
a336595607ff8e8bb0ce3d49613de82ead1e92232a13101a16828ca1dcc97bf9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

proj
esc
Date
Fri, 12 Aug 2022 08:07:34 GMT
Content-Encoding
gzip
Age
563
grace
none
X-Cache
HIT
Connection
Keep-Alive
Content-Length
1275
Last-Modified
Thu, 11 Aug 2022 20:00:17 GMT
Server
Apache
ETag
"a04d9907-e00-5e5fc9d4ad640"
vary
X-Forwarded-Proto
Content-Type
text/javascript
Access-Control-Allow-Origin
*
cache-control
public, max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
X-Cache-Hits
286
sp1.html
cdn.cxense.com/ Frame E438 		684 B
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:7a8::268b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
379
Content-Type
text/html
Date
Fri, 12 Aug 2022 08:16:57 GMT
Expires
Mon, 22 Aug 2022 08:16:57 GMT
Last-Modified
Tue, 11 Jan 2022 07:21:04 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
cx.js
cdn.cxense.com/ Frame E438 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:7a8::268b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9bd4ff7240465b5c2581ec1281d3ae758200f39e01df0e180e3b42aacd1c54c6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:16:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Aug 2022 09:03:19 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26917
Expires
Fri, 12 Aug 2022 09:16:57 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=756794352&t=event&_s=2&dl=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&dr=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F&ul=en-us&de=UTF-8&dt=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Tipo%20de%20Cadastro&ea=Pageview&el=An%C3%B4nimo&_u=KCDAgAABAAQCAE~&jid=&gjid=&cid=437779693.1660292217&tid=UA-29532176-1&_gid=1700218470.1660292217&z=1167564320
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 19:04:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
47539
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
p1.js
p1cluster.cxense.com/ Frame E438 		47 B
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
d5bde0e0d1ae23665b9682470e6a4c1446538ed040cec07920d0fd468d43a0cb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
last-modified
Sat, 12 Feb 2022 08:16:57 GMT
server
Jetty(9.4.28.v20200408)
etag
13l9d7dwviwmn1bj08gu6ia946
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
private, proxy-revalidate
content-type
text/javascript;charset=utf-8
content-length
47
expires
Sat, 12 Aug 2023 08:16:57 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=glamour.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		45 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1034367253092003&correlator=2009137487445426&eid=31068869&output=ldjh&gdfp_req=1&vrg=2022080801&ptt=17&impl=fif&iu_parts=85042905%2Cglamour%2Clifestyle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90%7C970x250%7C1x1%7C970x150&ifi=1&adks=3229887313&sfv=1-0-38&fsapi=false&prev_scp=Editora.pos%3DTop%26editora.url%3Dmelhores-do-ano-os-memes-mais-engracados-de-2019%26Editora.random%3D9&eri=1&cust_params=ognCluster%3D%26kuid%3D&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1660292217357&lmt=1660292217&dlt=1660292213624&idt=3224&adxs=315&adys=215&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&ref=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F&frm=20&vis=1&psz=1600x250&msz=1600x0&fws=4&ohw=1600&ga_vid=437779693.1660292217&ga_sid=1660292217&ga_hid=756794352&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e053354723c0c1a0fbfef78430b37c3079acb14153404ec19d34a6a8d04b8631
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
x-xss-protection
0
google-lineitem-id
6082032893
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138400649675
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1034367253092003&correlator=2599991386012708&eid=31068869&output=ldjh&gdfp_req=1&vrg=2022080801&ptt=17&impl=fif&iu_parts=85042905%2Cglamour%2Clifestyle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=2&adks=3576296953&sfv=1-0-38&fsapi=false&prev_scp=Editora.pos%3DTop%26editora.url%3Dmelhores-do-ano-os-memes-mais-engracados-de-2019%26Editora.random%3D5&eri=1&cust_params=ognCluster%3D%26kuid%3D&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1660292217363&lmt=1660292217&dlt=1660292213624&idt=3224&adxs=892&adys=773&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&ref=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&ga_vid=437779693.1660292217&ga_sid=1660292217&ga_hid=756794352&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
6272093589ae62c375bd91a0e1beb5e9d16162124c95b3598b34991da7fd8f93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9621
x-xss-protection
0
google-lineitem-id
5709452580
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138351778082
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1034367253092003&correlator=4106913244619328&eid=31068869&output=ldjh&gdfp_req=1&vrg=2022080801&ptt=17&impl=fif&iu_parts=85042905%2Cglamour%2Clifestyle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=640x480%7C640x360&ifi=3&adks=3850837918&sfv=1-0-38&fsapi=false&prev_scp=Editora.pos%3DInread%26editora.url%3Dmelhores-do-ano-os-memes-mais-engracados-de-2019&eri=1&cust_params=ognCluster%3D%26kuid%3D&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1660292217367&lmt=1660292217&dlt=1660292213624&idt=3224&adxs=0&adys=2066&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&ref=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F&frm=20&vis=1&psz=1600x1965&msz=1600x0&fws=4&ohw=1600&ga_vid=437779693.1660292217&ga_sid=1660292217&ga_hid=756794352&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
ac5a12f395d97c17ecc9826991a8018e6ba113937ef5ac4bb33bb6451cbcaa74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9469
x-xss-protection
0
google-lineitem-id
4565038482
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138336733253
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1034367253092003&correlator=1182642987861365&eid=31068869&output=ldjh&gdfp_req=1&vrg=2022080801&ptt=17&impl=fif&iu_parts=85042905%2Cglamour%2Clifestyle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&adks=3935049410&sfv=1-0-38&fsapi=false&prev_scp=Editora.pos%3Din-image%26editora.url%3Dmelhores-do-ano-os-memes-mais-engracados-de-2019&eri=1&cust_params=ognCluster%3D%26kuid%3D&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1660292217370&lmt=1660292217&dlt=1660292213624&idt=3224&adxs=0&adys=5637&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&ref=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F&frm=20&vis=1&psz=1600x130&msz=1600x0&fws=4&ohw=1600&ga_vid=437779693.1660292217&ga_sid=1660292217&ga_hid=756794352&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
8f70a7b48917ad6de4290cb08c66599256a1cd7b255b97dda65e081a17ef1d9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9395
x-xss-protection
0
google-lineitem-id
5705163548
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138351052101
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1034367253092003&correlator=2875876297827176&eid=31068869&output=ldjh&gdfp_req=1&vrg=2022080801&ptt=17&impl=fif&iu_parts=85042905%2Cglamour%2Clifestyle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&adks=2074024431&sfv=1-0-38&fsapi=false&prev_scp=Editora.pos%3DDhtml%26editora.url%3Dmelhores-do-ano-os-memes-mais-engracados-de-2019&eri=1&cust_params=ognCluster%3D%26kuid%3D&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1660292217373&lmt=1660292217&dlt=1660292213624&idt=3224&adxs=0&adys=5637&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&ref=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F&frm=20&vis=1&psz=1600x130&msz=1600x0&fws=4&ohw=1600&ga_vid=437779693.1660292217&ga_sid=1660292217&ga_hid=756794352&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
d247fe6a3bb51adeba758c6cd8ff5263a87656162cb0cdcf4bfedef557c46e83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9409
x-xss-protection
0
google-lineitem-id
5693016947
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138358623781
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
066da66e2e5b10bb8a1c7caabfa9442a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4DE0 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://066da66e2e5b10bb8a1c7caabfa9442a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 08:16:57 GMT
expires
Sat, 12 Aug 2023 08:16:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gl_footer_desk.gif
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/mobiliario_revistas/00_atual/glamour/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/mobiliario_revistas/00_atual/glamour/gl_footer_desk.gif
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e6f842ccb9f05ede4f39819492a3c2ef22fd899c3c667da47fd2e8349ea62722

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
x-openstack-request-id
tx78998d5eb05c4b6a94b86-0062f60bc5
last-modified
Fri, 27 May 2022 17:58:48 GMT
x-trans-id
tx78998d5eb05c4b6a94b86-0062f60bc5
x-thanos
0AB24044
etag
3ad27a649e6954cc9f3589a9f7bd392d
vary
Accept-Encoding, Origin
content-type
image/gif
x-timestamp
1653674327.54869
cache-control
public, max-age=180
accept-ranges
bytes
content-length
8181
x-request-id
829575fc-42df-475b-aba4-45556c63d6a6
st
imprnjmp.taboola.com/ Frame FABE 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7j2sCFgPFLCTVYqRz5gTFLCTVYqRz5gUAAAAGBvQHJGTzLBYW48qt3Dgsa9FqMFsLlwvbWjJYDmfDkXMyXFiMQAKDkWk4WznWKufEthYtfAu3xLbYrVWr3Ww0WpkcC5txCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b1NB0Onyue73O7HD7XZe7zuy3-O0av9svdtpcntPz7PLL_aanx-nwSwaL5V4x2atdZqPf8vK8RX63wu536z1vtcvt8rzVDqfnrbL7LA-Pw-T3vEUut2SwWM51RtPbbAcAAACAB4CqpwWIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhMRwDQCTDYHokAOh_XbT5eUw-wMA4OEBBABAAIMEoID3tATg46zsBAAAAAAAAACA5f___z9mgF5vQQZA5D2nB-DBB-CBiECziBEAAABAJU7m7NGkTqgsqgAACNKtAK4AAAIEI0FuA8MAAAAKxECs1VM161opxxboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQDQBAmvAkir3aLyAAwNovIAAAm7oBALwFwIWcDppOh891r9f9fnfB5W_6e_xmv2_l9s01frddYrkLHR6vy2E3-R12z9Nlcphcds3h4XH5RUfQisFgdQqxG84Gu8lgtZsdAAAAwN3___8_Hoi1eqpmXSulHohMHA6XzeXaGEaGycYy2wxWvoVzNBuNFhvDzDHz3pkcp8JMLmplX4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzG_CFqPVZLJZDmfLxWQwHA1Ho_0NxGA0wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmJj4Fp7dYLZWbVyetWjksa0VDpdtrZosPBaTx2Wy2IZr0etjeq5szsXMuEXBgK-9CC7SicrkNP0tD5_Zb_G7dWaH2--6XMQSzckincgu-8rE4XDZXK6NYWSYbCyzzWDlWzhHs9FosTHMHDN_Y-JbeHaD2Vq1cXnWopHHtlY4XLa1arLwWEwel8liG65Fr4_pubI5FzPjvjGbDSbLyWQx2zdms8FkOZksZvsWl8TvVJpu2WhLZZwaPAenZ2FzmKWly2dk9CmPCWFpdz63JlaXt6Ywdg5mg8I3boyEumli5_dr_Y6DRRFLBKeLdCJ6GU8XsUTytEgnModn41tZTCPPcGSbzRyumcmy2exmLpfH4zBZFhOxRGm6SCd6sdPm8pyeZ5df7jc9PU6HXzJYLPeKyV7tMhv9lpfnLfK7FXa_W-95q11ul-etdjg9b5XdZ3l4HCa_5y1yuSWDxXKuM5reZov6jw4xWs5Vs7litZkrdstVAgAAAAAAAABYwpR5EwAAAIDTYHar5W61XACJP1Ddn_CmLyxlCstdvNYHO7FZ7sbixo8pyuQ0_S0Pn9lv8bt1Zofb77pcGUDCTZR5s2eCWKvVsgYAABDABgAACODWzVsgOiS3D7TEhVIv_MgF!&cmcv=&pix=undefined&cb=1660292217425&uv=3213&tms=1660292217425&abt=adh5c-1_vA!dfrc_vA!esv_vA!inc_all_video_vA!t45!ttdfpc_vA!tvrTotal_vB!ufm_vE&ru=https://www.protocolo7em7.com.br.hackeandoansiedade.space/&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=df31ab8e-9ca2-4506-89a6-209868d928ab&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.8.8/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5f6d2afa3dd286add8b53779b539dee552eca159e41a4c255829bad31c73a538

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Fri, 12 Aug 2022 08:16:57 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12824-YUL
x-timer
S1660292217.436288,VS0,VE21
sync
us-match.taboola.com/ Frame 2F23 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-match.taboola.com/sync?dast=V7j2sCFgPFLCTVYqRz5gTFLCTVYqRz5gUAAAAGBvQHJGTzLBYW48qt3Dgsa9FqMFsLlwvbWjJYDmfDkXMyXFiMQAKDkWk4WznWKufEthYtfAu3xLbYrVWr3Ww0WpkcC5txCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b1NB0Onyue73O7HD7XZe7zuy3-O0av9svdtpcntPz7PLL_aanx-nwSwaL5V4x2atdZqPf8vK8RX63wu536z1vtcvt8rzVDqfnrbL7LA-Pw-T3vEUut2SwWM51RtPbbAcAAACAB4CqpwWIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhMRwDQCTDYHokAOh_XbT5eUw-wMA4OEBBABAAIMEoID3tATg46zsBAAAAAAAAACA5f___z9mgF5vQQZA5D2nB-DBB-CBiECziBEAAABAJU7m7NGkTqgsqgAACNKtAK4AAAIEI0FuA8MAAAAKxECs1VM161opxxboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQDQBAmvAkir3aLyAAwNovIAAAm7oBALwFwIWcDppOh891r9f9fnfB5W_6e_xmv2_l9s01frddYrkLHR6vy2E3-R12z9Nlcphcds3h4XH5RUfQisFgdQqxG84Gu8lgtZsdAAAAwN3___8_Hoi1eqpmXSulHohMHA6XzeXaGEaGycYy2wxWvoVzNBuNFhvDzDHz3pkcp8JMLmplX4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzG_CFqPVZLJZDmfLxWQwHA1Ho_0NxGA0wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmJj4Fp7dYLZWbVyetWjksa0VDpdtrZosPBaTx2Wy2IZr0etjeq5szsXMuEXBgK-9CC7SicrkNP0tD5_Zb_G7dWaH2--6XMQSzckincgu-8rE4XDZXK6NYWSYbCyzzWDlWzhHs9FosTHMHDN_Y-JbeHaD2Vq1cXnWopHHtlY4XLa1arLwWEwel8liG65Fr4_pubI5FzPjvjGbDSbLyWQx2zdms8FkOZksZvsWl8TvVJpu2WhLZZwaPAenZ2FzmKWly2dk9CmPCWFpdz63JlaXt6Ywdg5mg8I3boyEumli5_dr_Y6DRRFLBKeLdCJ6GU8XsUTytEgnModn41tZTCPPcGSbzRyumcmy2exmLpfH4zBZFhOxRGm6SCd6sdPm8pyeZ5df7jc9PU6HXzJYLPeKyV7tMhv9lpfnLfK7FXa_W-95q11ul-etdjg9b5XdZ3l4HCa_5y1yuSWDxXKuM5reZov6jw4xWs5Vs7litZkrdstVAgAAAAAAAABYwpR5EwAAAIDTYHar5W61XACJP1Ddn_CmLyxlCstdvNYHO7FZ7sbixo8pyuQ0_S0Pn9lv8bt1Zofb77pcGUDCTZR5s2eCWKvVsgYAABDABgAACODWzVsgOiS3D7TEhVIv_MgF!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.8.8/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
f00b3475acef664a9005d3a715b6bb852c1ba74e8755ebe6b529345fa3420036

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 12 Aug 2022 08:16:57 GMT
machineid
3109
server
nginx
st
us-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7j2sCFgPFLCTVYqRz5gTFLCTVYqRz5gUAAAAGBvQHJGTzLBYW48qt3Dgsa9FqMFsLlwvbWjJYDmfDkXMyXFiMQAKDkWk4WznWKufEthYtfAu3xLbYrVWr3Ww0WpkcC5txCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b1NB0Onyue73O7HD7XZe7zuy3-O0av9svdtpcntPz7PLL_aanx-nwSwaL5V4x2atdZqPf8vK8RX63wu536z1vtcvt8rzVDqfnrbL7LA-Pw-T3vEUut2SwWM51RtPbbAcAAACAB4CqpwWIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhMRwDQCTDYHokAOh_XbT5eUw-wMA4OEBBABAAIMEoID3tATg46zsBAAAAAAAAACA5f___z9mgF5vQQZA5D2nB-DBB-CBiECziBEAAABAJU7m7NGkTqgsqgAACNKtAK4AAAIEI0FuA8MAAAAKxECs1VM161opxxboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQDQBAmvAkir3aLyAAwNovIAAAm7oBALwFwIWcDppOh891r9f9fnfB5W_6e_xmv2_l9s01frddYrkLHR6vy2E3-R12z9Nlcphcds3h4XH5RUfQisFgdQqxG84Gu8lgtZsdAAAAwN3___8_Hoi1eqpmXSulHohMHA6XzeXaGEaGycYy2wxWvoVzNBuNFhvDzDHz3pkcp8JMLmplX4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzG_CFqPVZLJZDmfLxWQwHA1Ho_0NxGA0wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmJj4Fp7dYLZWbVyetWjksa0VDpdtrZosPBaTx2Wy2IZr0etjeq5szsXMuEXBgK-9CC7SicrkNP0tD5_Zb_G7dWaH2--6XMQSzckincgu-8rE4XDZXK6NYWSYbCyzzWDlWzhHs9FosTHMHDN_Y-JbeHaD2Vq1cXnWopHHtlY4XLa1arLwWEwel8liG65Fr4_pubI5FzPjvjGbDSbLyWQx2zdms8FkOZksZvsWl8TvVJpu2WhLZZwaPAenZ2FzmKWly2dk9CmPCWFpdz63JlaXt6Ywdg5mg8I3boyEumli5_dr_Y6DRRFLBKeLdCJ6GU8XsUTytEgnModn41tZTCPPcGSbzRyumcmy2exmLpfH4zBZFhOxRGm6SCd6sdPm8pyeZ5df7jc9PU6HXzJYLPeKyV7tMhv9lpfnLfK7FXa_W-95q11ul-etdjg9b5XdZ3l4HCa_5y1yuSWDxXKuM5reZov6jw4xWs5Vs7litZkrdstVAgAAAAAAAABYwpR5EwAAAIDTYHar5W61XACJP1Ddn_CmLyxlCstdvNYHO7FZ7sbixo8pyuQ0_S0Pn9lv8bt1Zofb77pcGUDCTZR5s2eCWKvVsgYAABDABgAACODWzVsgOiS3D7TEhVIv_MgF!&cmcv=&pix=31589837&cb=1660292217425&uv=3213&tms=1660292217425&abt=adh5c-1_vA!dfrc_vA!esv_vA!inc_all_video_vA!t45!ttdfpc_vA!tvrTotal_vB!ufm_vE&ru=https://www.protocolo7em7.com.br.hackeandoansiedade.space/&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1660292212811.3!ts:1660292217424&mntl=1
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
content-length
0
server
nginx
pubcid.min.js
id.sharedid.org/lib/ 		732 B
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/lib/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.209.30.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-30-241.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
cache-control
public, max-age=86400
last-modified
Fri, 12 Aug 2022 04:51:44 GMT
accept-ranges
bytes
content-length
732
vary
accept-encoding
content-type
application/javascript
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 06 Aug 2022 03:47:01 GMT
content-encoding
gzip
age
534596
x-guploader-uploadid
ADPycduPwty4srVjCLv-APObPZSbMhsLirnZm4hq5qKXVJFyucPOw77bfUSdQpKezf4YyKzI32mMeIfAMaN6hqBeQJplog
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation
1622140251693895
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 06 Aug 2023 03:47:01 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf019a1e03162a3ab267c3dc07d7eb9b1ddb76ce703755c49a7ca9edbd1d87db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
1525
x-amz-server-side-encryption
AES256
x-amz-request-id
BCGYZXK2V4V9SX9S
x-amz-id-2
AAukq8JD2hsuCUf2Pc4tmHDfUb4xW6NyLexga65dneihZwQT7uz3zH4Hl1be1WOI2ZqP3sPjr+g=
last-modified
Wed, 27 Jul 2022 15:06:46 GMT
server
cloudflare
etag
W/"ce8697e279fcae53e3ebebe92f9e8909"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7397c597dff4714a-YUL
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
c9bfbc2b802937d34983a32a97f9703769f7dc7a9ffebbe99e186aeb5141add1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
content-encoding
gzip
last-modified
Tue, 02 Aug 2022 12:51:24 GMT
server
nginx
etag
W/"62e91dcc-9dbd"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 13 Aug 2022 08:16:57 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		29 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-92.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 12 Aug 2022 00:25:22 GMT
via
1.1 64aebd154b6045af00c94ad9d2ff49f2.cloudfront.net (CloudFront)
last-modified
Tue, 19 Jul 2022 18:12:40 GMT
server
AmazonS3
age
28296
etag
"2fa1275c04d6208db458c1ec8559f92d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-length
29590
x-amz-cf-id
-9KbKqb0pBXrLSBCRP0h9YJQfU8EhA6wb7WLt8bRPkXkOV7OHS_ZXA==
uid2-sdk-0.0.1b.js
prod.uidapi.com/static/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.169.211 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-169-211.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
cache-control
public, max-age=86400
last-modified
Tue, 17 May 2022 17:30:07 GMT
accept-ranges
bytes
content-length
4559
vary
accept-encoding
content-type
application/javascript
view
securepubads.g.doubleclick.net/pcs/ Frame 6391 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJfSXNMqr2_Fraj_kM1t2BVUUjuzhMt7w2nR-ZHTY6PX-RpM82lzVvUmxdgL63pvrX5YhIzyEn9Ecsi--6JUmlwOhmPEfN0tKZX9ZbzdgKp7amzijCcZQuUgzCK3s_av9TdF5mo1ttxTcI-onP2DjYjhxJzjmcV4lz1ckV1--KdzSlsrQKi2JkmZ6vN1o0Eu0RmbWjEc39GC6MqavGDCjH4X1QdB6GFUqSZ7vfMmdaiyt_Y6NUxtvLEvRqB4E0h4Eyg4k1mHZ3mK_gBj0YfhCvWtX-UwcXTXOzYco5PMmz4fda1Rs30o1ga4-3iaHVjuEp6F-JAynOPQ&sai=AMfl-YT5XSap8lfe8GMObtgNZTcqy0LjGashLRQep4AVMViIqJSwTxdCkkKdrrdsbL7mriRyVp2JBldbnJeM2_hUPIUc2nobYaekCb-o_yLtWgw9V5O0v0h8LZo8eMlWKQ&sig=Cg0ArKJSzAVt48qLYbelEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:16:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
revistaglamour.globo.com_16671.js
ads.vidoomy.com/ Frame 6391 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/revistaglamour.globo.com_16671.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.19.54.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-54-139.us-east-2.compute.amazonaws.com
Software
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
42b991685bd8c58ba662e8ad8fb84c173ffa90fc508f471def5dd1191a4be86d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:57 GMT
Server
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
4585
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6391 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 08:16:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7DD0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssO7ei9mmGR7dRYcQ2fVcj-edTEAko_6kwiEC3VW1gRDKTbrlJkA_Zv8aTGHtwgOXMzvw8-h3Ehe98anyfY3duHq31gt5vetfETEhf1CSZa60TD-G6rXChxV5HfeqOecT5jVjdPIA3PyKu9tFnn_1v-zE-ip0c8HBdC9xTFKgcg7twpllkt28Q0_fEMP2xWpV-ikM0Spsm2UeqzGrWfyf1zaNNliM4n9tX8-eGLphXxL9ifLAoYiIWZ5ofX4-cuhA1bP5Wk2i2Qs-H_qu0IHsUN6sD5G7ZD3IEk-cCNu1pacxrvRPhTMzbqOdqQDSMAqaA5D4yFzQ&sai=AMfl-YSl8FdaX35jiT2dgN5Dk56UkE5Y_0ZHVUh4YaAF_vntrHvTGtFFQmwfm-W5PtfiDGHjgUT5xwLEQOAK3dVYScV80mNjaGcs2ZYxMyYy8asOyGp1qQWvrAztFY8drw&sig=Cg0ArKJSzEAo9kA_FbuoEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:16:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
5773-7780-01.js
t.seedtag.com/t/ Frame 7DD0 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/t/5773-7780-01.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.133.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
738f0c67d41e7321806f262f0f43a68012d04ccf027fcaa71f03fdd3170b71b7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
7397c597ed06a1de-YYZ
date
Fri, 12 Aug 2022 08:16:57 GMT
via
1.1 google
cf-cache-status
EXPIRED
server
cloudflare
etag
W/"aa87-5UDQcFmic2naSkJhf3+V6lGKRqI"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1200
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 08:36:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7DD0 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 08:16:57 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&rid=esp&cc=1
85 B
103 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&rid=esp&cc=1
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
11c34dca9439fe4670a8226e2a8e4e364898d2348b1f755f4c1582ec90b60b23

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
via
1.1 google
etag
W/"55-uM3+FZ8O58hb7owz2W6OMUq/oNM"
x-powered-by
Express
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Fri, 12 Aug 2022 08:16:57 GMT
via
1.1 google
access-control-allow-origin
https://glamour.globo.com
x-powered-by
Express
vary
Origin
location
/esp?url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
increment
id5-sync.com/api/esp/ 		0
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:16:57 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
strict-transport-security
max-age=63072000; includeSubDomains; preload
map
bcp.crwdcntrl.net/6/ 		227 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.252.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-252-20.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
00885a61f614455a4efbce10ad5ba91ee03f046eee738efbd5e910da2c2cc830

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:57 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache
x-server
10.40.43.229
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
227
expires
0
5773-7780-01.js
t.seedtag.com/t/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/t/5773-7780-01.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/5773-7780-01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.133.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
738f0c67d41e7321806f262f0f43a68012d04ccf027fcaa71f03fdd3170b71b7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
7397c59a3f67a1de-YYZ
date
Fri, 12 Aug 2022 08:16:57 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
0
etag
W/"aa87-5UDQcFmic2naSkJhf3+V6lGKRqI"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1200
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 08:36:57 GMT
truncated
/ Frame 6391 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ad56d87ecff4b9d65d88ff993503b6083e82445f82decbee264eb500faf929f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
rep.gif
comcluster.cxense.com/Repo/ Frame E438 		43 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=2.6.2&typ=pgv&rnd=l6q749br7l8t4ew4&sid=4756157261768221469&loc=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&new=1&arf=0&ltm=1660292217111&ref=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=l6q749rfl0cbofuk&ckp=l6q749brymrcbry4&glb=&cp_userState=anon&cst=13l9d7dwviwmn1bj08gu6ia946
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
server
Jetty(9.4.28.v20200408)
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
43
content-type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame D3EF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0YTTJk1gbs56ZdGpi5TYSEXmKlA8c8PLjny_30AdLVO51b16oBppyS7OVR3j2r8SA5HbjTf2FZsjR1P6xPOVAI54VzlXjRg1xPM-Ge_FIX1UZ3Se_cKV2iIYQbkFCsyIkm-JVAUZzTtQtXTBbMyAubqozI4BNKBpL-swRY9I9FIojGoNaBqKHYRP92TmBF1cpUCrLJUq4Eqv_-leMti-2bVFG0QGAdBJE9nf02o6BqklBO9BDqjSO8R75UgFD5oAJC7FiL1jwn8YM8jCvBDJY4f4jZn5hywiH2KIy4a3aao8Ah9tv6NgmbpopD5myWeB84MJ5TAHAUQ&sai=AMfl-YS1cDbBeZtDygKPCtOOoIA-0cCpW1V-R9-Wxx_Y6zLxvBEQ9VOyh1hWfuQCosTfq5-dXvuxfmChzcKXz-bk7gwQVkFFfw9mU11KTwanNegy00g-ZsXUpvBfCltu_9w&sig=Cg0ArKJSzJnzVWa90xV4EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:16:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
tag
a.teads.tv/page/80259/ Frame D3EF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/80259/tag
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.169.52 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-169-52.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3967cf031a451f1d50726a9c7d4bfee59e1b4ff70d98807f8fc47838400a5f6f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
1262
expires
Fri, 12 Aug 2022 09:16:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D3EF 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 08:16:57 GMT
event
prebid-a.rubiconproject.com/ 		61 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_glamour.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.195.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-195-121.compute-1.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 12 Aug 2022 08:16:57 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.195.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-195-121.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 12 Aug 2022 08:16:57 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
id
id.cxense.com/public/user/ 		117 B
706 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22l6q749brymrcbry4%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%2213l9d7dwviwmn1bj08gu6ia946%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%2213l9d7dwviwmn1bj08gu6ia946%22%7D%5D%2C%22siteId%22%3A%224756157261768221469%22%2C%22location%22%3A%22https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml%22%7D&callback=cXJsonpCBl6q74a5xipgy0pxb
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
367f8e70205821e65c52b00901f038ecc0c4bbf31e260dd3de584a0c123865a1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-type
text/javascript;charset=utf-8
content-length
117
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 7DD0 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ae8416ed7b3605518ee54f5042658bba6ca059a9acefade4614210894e788c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 7DD0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvdVvrZwXhbXZ4Vq5CwyR_qY8vBz2BheiuRpSfH4YSkZbbXCRmIpqz9mahRe0Vj0I6XAN3wVe9hum7A3Qrh5LDlRFddhF3jebK7XTbaUjY7n_FTKmjiH4xUgYpEZZcZme7NEBUYGTY_mGBx6dNCfBubdAwtxccxHsub0OV6e77yNGz0WkfXToeXOMi1GbIIcNPqM1WozQbyRUdP2HT9TOC9USiMimK7wy6AUCHrT8MMvz0X2McSvfF7G8jJt8jDJhIkc93eFHTOc5cKz0km0mOj3R-hBLZuiwNppJOb-nHLJ59O56beU7cUia8gyNc1YAExeuW3L4G&sai=AMfl-YSAEt7xKMKG6VyqPFK_XfwRwszjXCjbAmbNbqLkVJoMEOG03is0vLfAWN5-EUHtJXkmJ0QKHVf-cguNg6EowzIPN9UIIK2hXInCUfWNQYjyeShhABDTSAOeIhudiA&sig=Cg0ArKJSzJwrEAsqGfeAEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:16:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 12 Aug 2022 08:16:57 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 4912 		623 B
835 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b864658d15b7c8d4e995e3498902e48651fe99a009f70421aef1555d04b0ba79

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
411
content-type
text/html
date
Fri, 12 Aug 2022 08:16:57 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
bulk
trc.taboola.com/editoraglobo-glamour/log/3/ 		0
81 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/editoraglobo-glamour/log/3/bulk?route=US%3AUS%3AV&lti=connect-video-trc-11_ctrl&bulkSize=4
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220811-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
22
pragma
no-cache
date
Fri, 12 Aug 2022 08:16:57 GMT
via
1.1 varnish
server
nginx
x-timer
S1660292218.789303,VS0,VE22
x-served-by
cache-yul12824-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
view
securepubads.g.doubleclick.net/pcs/ Frame E785 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRkW0KgKj-ezi97_YS648jflFmHPak9i3sZOHU42uAnbEVX273HI-f6c_tKhcTpMtWKSfITXOsbKAZrzTsDRyZX8rbjl42FXGRWilXOguOwKTUsvzwvzegJ44rjp_zWJIOiweg3iZSPx5-XnEa9AM9YSDoisCmFl8fU1GFT8xWRiNvalyi5TKZtABmw8V4J0ubrDa075rWTOSpqkICnKu-b4rg3Dk1WvY6cvTVbv4kUfgRP4GJisBeZamixwOfFuR0X-hVxe2TcLX7ipYhVdlfhE64t9fG6aSnHbXGmViwSjCW-G8CL-s7JX8EdeMvfc7OVgEhOQ&sai=AMfl-YTkvh_NNlTI4UTua83N3YGVkv2Xq6sDqFZiVD6uZWpcIr_pAsfrMwb46wwRiYqBCVYUOXc31cDBQl9cY4--z2OO7NWz0v1pTnQ1RsDhZ7CDVZvkYQYcuPwc2vYHyQ&sig=Cg0ArKJSzK5AmOtMH6geEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:16:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame E785 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:09:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
460
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 08:09:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame E785 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
539
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 08:07:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E785 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 08:16:57 GMT
l
www.google.com/ads/measurement/ Frame E785 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS8fQP86lIP3eBdpClAgZqiqOVAFIB_SZZ94uFr4n8yjA9XQua7iwjUvET_WHLLA3ECFQ-AiPoJtN0MXWY9sQJ1S8bn_Q
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
9458436582140414561
tpc.googlesyndication.com/simgad/ Frame E785 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9458436582140414561
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7d577eb3381e7b5b619951df0bba1fb29667597808f61f5b3abf52f2cab703b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 20:48:22 GMT
x-content-type-options
nosniff
age
214115
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15770
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 18:39:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 09 Aug 2023 20:48:22 GMT
formats.js
ad.lkqd.net/vpaid/ Frame D28C 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1660292217.cds197.dc2.hn,1660292217.cds176.dc2.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame 8135 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1660292217.cds197.dc2.hn,1660292217.cds176.dc2.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
auto-user-sync
ads.stickyadstv.com/ 		43 B
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:58 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1660292218287004-304
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=63852340.877525111619857892.8907135
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=63852340.877525111619857892.8907135
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=vidoomy&ssp_user_id=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171119158&expires=5&ssp=vidoomy
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
52.58.70.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-70-33.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
none
server
fasthttp
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

Location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
Date
Fri, 12 Aug 2022 08:16:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58610/occ
  • https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-RydbI5hE2uFDB9iSgTjz3M_1h9BFwOrDNIvwXc0-~A
43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-RydbI5hE2uFDB9iSgTjz3M_1h9BFwOrDNIvwXc0-~A
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
52.58.70.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-70-33.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
none
server
fasthttp
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

location
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-RydbI5hE2uFDB9iSgTjz3M_1h9BFwOrDNIvwXc0-~A
date
Fri, 12 Aug 2022 08:16:57 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
gl-botao-desk.png
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/mobiliario_revistas/00_atual/glamour/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/mobiliario_revistas/00_atual/glamour/gl-botao-desk.png
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
40c6e73505b42c7e66cca644b0bdeda5b54eba8b125787fd1757d168622dee78

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
x-openstack-request-id
txba0aae8c517b46f39d628-0062f60bc6
last-modified
Fri, 27 May 2022 17:51:16 GMT
x-trans-id
txba0aae8c517b46f39d628-0062f60bc6
x-thanos
0AB24044
etag
82a68af3a1e64705f72eaa084512b867
vary
Accept-Encoding, Origin
content-type
image/png
x-timestamp
1653673875.99055
cache-control
public, max-age=180
accept-ranges
bytes
content-length
2497
x-request-id
1a9cbc9b-7644-4fb7-adb9-21e6f6a66911
view
securepubads.g.doubleclick.net/pcs/ Frame 6391 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstO2EFsEkf6YqEuEXm470mTHo7FWWHlw1zg-2RsQg_6ItLE0_2Y8F5dLMHRMi4z-ZX54d3mniPKRQsnAvSEwsLiMVsFJENHiXJ_2bEfs3FCKhbiFMnT4TKzMlc24SybAJswHHk7vRnutsw27pg5KpBHfseo17c_ovuBX01ENBtH8yiB311mqTUmTvz4C7Iv9xefuF9ki7jewE3vt7xAEopuqvHcR2YJEWvsMwms33yZjOr4l0Co0z_262PMV4c-2GWB04CJDYu74xeMjJfnYuPvyzSTbYZMvNSqwGjUfvtGyQ-pTbWQj90KpkEibM4ZL5F2TraNcySUCYqT&sai=AMfl-YSHgT8kRbtZYkJGqeJIaW3KBISKbPAdQRNq6YVqQtOkiKXd5I3du-BUFQn-6oGRFKtN5R_EMKMuigRodd6bnFvpbwk_ExHvrWWxKf5ncHX-KZ8QCvihfkkvRJMTrg&sig=Cg0ArKJSzMjd2Yd_g1TSEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:16:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 12 Aug 2022 08:16:57 GMT
teads-format.min.js
a.teads.tv/media/format/v3/ 		600 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/80259/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.169.52 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-169-52.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0e2bd4131449fd8506ec0dba7ac918f16c423951c2d1ee526578abf4903bf45f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 12 Aug 2022 08:16:57 GMT
content-encoding
br
last-modified
Wed, 03 Aug 2022 12:48:41 GMT
x-amz-request-id
ZPDKSFSPSDFDEKE7
etag
"c29a509cf823228a53dac4eb828effcd"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
5
accept-ranges
bytes
content-length
134138
x-amz-id-2
kDFp8Av4AQHsDSymLaucrl7kBpRyvCC6Jv2qdpgdQOAs+Qm6x9FXnqx5EVmpPf6NwYwZJAl4Gvo=
expires
Fri, 12 Aug 2022 08:46:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D3EF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNaOklQC3Tef_RdT4c92ABCavpxTvIRzSxo3GzIInRfzV_YKSLRUiuU9NdCiJmoqeKkmJYqfPklhajd00IJy-bgTI1EWcALESuV-gs_3JSVFUJruCdCN4UxCRlPEobzFGFiGl4vPMu5e2oIHjI0UJcgAOLwgmafe2S1VT7tHWK3WmzoheljTZM_74daCmxjN0FZLfnryYmnICVTuHvgOSpQirUBZi73QkqWM8lu7jg4vaN6PV2FOknYGJNm9KlmJzA7-87IQ7-MH3f5yVuuFkquMb1v2I2CQJl7yULqt0StbIJqwbQMaPzjwWiy_6y3mpm5hMJureXmUqy&sai=AMfl-YS-5_IWrdylfD6Q1mj2UAqw58J87m_OXO6qXk2h82HPhsirqO78-YU5Dd2Umocnxl0HuEkJPpn36WX3uX_S_saJjKiaz4Dj-9T8NpQmX3eFtZtKR3kvISCNjEwifvM&sig=Cg0ArKJSzNIcPNmUNY9tEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:16:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 12 Aug 2022 08:16:57 GMT
sd
us-u.openx.net/w/1.0/ Frame 4912
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YvYMeQAF1xc1xgA0
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YvYMeQAF1xc1xgA0&_test=YvYMeQAF1xc1xgA0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YvYMeQAF1xc1xgA0&_test=YvYMeQAF1xc1xgA0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
via
1.1 varnish
server
Varnish
x-timer
S1660292218.010285,VS0,VE0
x-served-by
cache-yul12833-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YvYMeQAF1xc1xgA0&_test=YvYMeQAF1xc1xgA0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
2bcf728c-17bf-ed5c-c044-960fe468d54a
pr-bh.ybp.yahoo.com/sync/openx/ Frame 4912 		43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/2bcf728c-17bf-ed5c-c044-960fe468d54a?gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:b371:809f:9514:eb53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame 4912
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=bf0814c8-8713-7f15-f193-80fa1b3f1803&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=bf0814c8-8713-7f15-f193-80fa1b3f1803&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=b88f2951-bac5-41e7-bff4-9adb35ec6b09&ttd_puid=bf0814c8-8713-7f15-f193-80fa1b3f1803&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=b88f2951-bac5-41e7-bff4-9adb35ec6b09&ttd_puid=bf0814c8-8713-7f15-f193-80fa1b3f1803&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=b88f2951-bac5-41e7-bff4-9adb35ec6b09&ttd_puid=bf0814c8-8713-7f15-f193-80fa1b3f1803&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
pixel
cm.g.doubleclick.net/ Frame 4912 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTM2N2M3MDItNGU2NC0yMWIxLWU0NzMtZGE0M2QxZGRkNjYz
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4912
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELmN36-sraMgrMXgcOXCG_c&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELmN36-sraMgrMXgcOXCG_c&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELmN36-sraMgrMXgcOXCG_c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame EF0D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=glamour.globo.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6145
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 08:16:57 GMT
server-processing-duration-in-ticks
4274
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame E785 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTXPDE06nPMCjsTc3XMZaRVXPQApqmuP5bLoc5nmcAaTVG3QoM57-oKY_I0Z1t4qEjtjdy4WUFgSc7Zjm0tu_yq5CoxuWQeGLui-KrtPzbRUZi3ikL_MHh0S5jojqCF8OAD_61dMcUP1d2iZUCKdT3DiMbwdeaA5RpMpJBdygacK2oazOpvSttUJTCPRyLHRXGgv6RbhujHqyKy_ayhn-658MQ5gRaUFSRj39ITsM-VHZrl8l18ee9GZdAzQgsV1U8nM4ej7BTmRUd4-1o9fyrQhKB6sv0J27Q4EgZVWTch6YTdF1LUY6ru5W3peqvl3DMuk0Gfy9T&sai=AMfl-YT4Tf3lHervKeyGYB8_PlUgzI_-ArYq-Az01fgoHRrQc0N3RBZW0Bo6hOlri0pqf_BJB5-G9iMYsWshsrwhgeXG01XcMyKBDovGJQoQ_mAxUPxyrqU8DNhi3FiixA&sig=Cg0ArKJSzDejeKMNd1AYEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:16:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 12 Aug 2022 08:16:57 GMT
truncated
/ Frame E785 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db7a74ec292e5a5cb2004c80b830527d3ff71a8c7d7db6dafe86449053fc444e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
3399
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
VNuE79zGkuG1WkYkook/LzjO6m8khshs44k88xUnWQ3oapFOdrvCIvii4035AZYl3g9EnhgUwco=
x-served-by
cache-yul12824-YUL
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1660292218.928255,VS0,VE0
date
Fri, 12 Aug 2022 08:16:57 GMT
x-amz-request-id
JFXX7NJ7M2FJYZ6M
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
40
x-cache-hits
206
track
t.teads.tv/ 		23 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=772f1107-3ad3-476b-b814-16866657eba6&pageId=80259&pid=86881&debug_metadata=Z5Do3l0ZCg&fv=1066&ts=1660292217976&f=1&referer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.57.118 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=772f1107-3ad3-476b-b814-16866657eba6&pageId=80259&pid=86881&slot=native&fv=1066&ts=1660292217984&f=1&referer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.57.118 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
ad
a.teads.tv/page/80259/ 		538 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/80259/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&pageReferrerUrl=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space&windowReferrerUrl=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&page=%7B%22id%22%3A80259%2C%22placements%22%3A%5B%7B%22id%22%3A86881%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A1600%2C%22height%22%3A900%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=772f1107-3ad3-476b-b814-16866657eba6&formatVersion=1066&env=js-web&netBw=10&ttfb=246
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.169.52 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-169-52.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
359b5c6f41c52a33bf71287201a741e96a390146421c99572e46797d34d1b4bf

Request headers

Accept
application/json; charset=UTF-8
Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
382
expires
Fri, 12 Aug 2022 08:16:58 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CFBD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuip1mT92RiAmdeDLxw3guzHB9Zpm-m8DPyzAYfVtrDuLAfLUFdR8sKQYtZx-KPw_QKavScJPlW6YBSkuanWfYb2k-p2yfjf-HRUvZpBTbh8F5regv2lV52Xn0YOoaBWHJ51p6DA6uB4HKfaMvniKYkL8WuSwwRnNnh88WF777-xPqRsurf6Fkd3orhONnzuqhx602EYQT8D9Q07BOuACErgxmpQzWxQzsu1sApXBM23Af0rTrumAZd7pcOpmGn_36yaq3vcfo0fmu7A4ohw2KglFsQKqU_OirKEqViEMgc-ajjs0fnjOdZI7UI0Nb1D7qnZa0RmjqiNQ&sai=AMfl-YRcQ0YDnyrXeiJ-uJBDI_nIVhKRRU2AGmrzV_T-mEGZ5NMZlPJ3-GFUvZc_EumQ7XNHgnaENw_E2_8wkF7DhhOPwPIPLNIA6tCYee_35PZiwfY_ALccAOxRgGuR8TM&sig=Cg0ArKJSzPJRrXbSq7-PEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:16:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame CFBD 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
sffe /
Resource Hash
703365d6b927fac7d6cd9b549802f77c5ab8dceeac4c835967b8dc30b359c26e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28681
x-xss-protection
0
server
sffe
etag
"1301 / 174 of 1000 / last-modified: 1660255589"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 12 Aug 2022 08:16:58 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157163/4985/ Frame CFBD 		433 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f6b1dff67df73f0f41f55601b7b331893331bd4c3033c17d419aa027c6347213

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
gzip
last-modified
Fri, 10 Jun 2022 01:03:13 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=99603
accept-ranges
bytes
content-type
application/javascript
content-length
134682
expires
Sat, 13 Aug 2022 11:57:01 GMT
owHCMR.js
s3.amazonaws.com/script-tags/ Frame CFBD 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/script-tags/owHCMR.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.26.78 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7c6bd4c3afadedeb84cf0b47867e871b8e2383f395b4e4c1cfaee16dfce2615b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:16:59 GMT
Last-Modified
Tue, 09 Aug 2022 19:31:17 GMT
Server
AmazonS3
x-amz-request-id
DRT5A8RE3Q62AQD1
ETag
"15b3dd0aa9bb42805b5ff0a4da1cfb78"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
13608
x-amz-id-2
XAfC3LeX5wafIXr/qdc7Oc8Io6s0UzZlh12qWABmSgt7gmdMSKedP73o/4j6EQztUbCQrHVdsjs=
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CFBD 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 08:16:58 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame DEF7 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/80259/tag
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
sffe /
Resource Hash
0a09d98dc196d31503f01d33905a0be5d70f21000af983ac104e2715d417fc6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28679
x-xss-protection
0
server
sffe
etag
"1301 / 907 of 1000 / last-modified: 1660255544"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 12 Aug 2022 08:16:58 GMT
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=passback-noAd&env=js-web&auctid=772f1107-3ad3-476b-b814-16866657eba6&pageId=80259&pid=86881&slot=native&vid=662316d2-50b9-4c8f-8e17-02d073b6cacc&fv=1066&ts=1660292218039&f=1&referer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.57.118 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
st_3.4c60d9d8c57f1ff6b19f.js
t.seedtag.com/c/ 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/c/st_3.4c60d9d8c57f1ff6b19f.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/5773-7780-01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.133.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66396b100745df96cbec5bb2ad4faf6965bc54ee6a8c044e7a19359967f20147

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
via
1.1 google
cf-cache-status
HIT
age
1274
x-guploader-uploadid
ADPycdus_DZU_YBCTJRehzLOuZ2PSeGEwF1Hm7P6HunzgYJ9G7sz_caJDTLa4yQYQF560ywg2ECG6A3fFnFt_UTa_yGW6w
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 12 Aug 2022 07:55:26 GMT
server
cloudflare
etag
W/"867100fe33924231b3552343ddc7f2d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=hmCPNQ==, md5=hnEA/jOSQjGzVSND3cfy1A==
x-goog-generation
1660290926569104
content-type
application/javascript
cache-control
public, max-age=5356800
x-goog-stored-content-length
20792
cf-ray
7397c59afcffa240-YYZ
expires
Thu, 13 Oct 2022 08:16:58 GMT
st_2.245ca9ae237c3d8742dd.js
t.seedtag.com/c/ 		386 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/c/st_2.245ca9ae237c3d8742dd.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/5773-7780-01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.133.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
790c066217c30629d2d24da24c3a45aa5be8937e68c9b30cabec33fcb6af022c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
via
1.1 google
cf-cache-status
HIT
age
1274
x-guploader-uploadid
ADPycdsF_ppJeujMT2wU7dT1b2Qwr-WBGJI677erQ8kU2Rwg-qC1pUwhlDBlzB-uK5yB9sMizJ0ryt8TpJkL1aM1J3Ad
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 12 Aug 2022 07:55:26 GMT
server
cloudflare
etag
W/"8377d2b8400635f41c6be8597a40deb3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=LU9HWQ==, md5=g3fSuEAGNfQca+hZekDesw==
x-goog-generation
1660290926582513
content-type
application/javascript
cache-control
public, max-age=5356800
x-goog-stored-content-length
106656
cf-ray
7397c59afd00a240-YYZ
expires
Thu, 13 Oct 2022 08:16:58 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame AC7B 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Fri, 12 Aug 2022 08:16:58 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1660292218.cds197.dc2.hn,1660292218.cds207.dc2.c
ad
v.lkqd.net/ Frame D28C 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1142899&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fglamour.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61323%2C1%2C&c5=&c6=61323&rnd=7770844&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
5ec7977ec6450e7908c35d0962e200834597e8721448444d370e488c84535f1f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1395
sid
mug.criteo.com/ Frame EF0D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=globo.com&sn=ChromeSyncframe&so=0&topUrl=glamour.globo.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=-A9uCnw2dUxiN2I5UzB6RUFOTG1WcGNtR0ErQUZBeW81SzRLMllpN3VxZEFBMjIva1BkY3dmNXhPK1FzYXBtRzBxbDFFa0FVQ3pqWjQ4NHUrTzZoSkxjWmdKcUlZUlVOWG9JUnVtWGtqQnJldmNndi90M21Ybkg4V3QzOH...
436 B
636 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=-A9uCnw2dUxiN2I5UzB6RUFOTG1WcGNtR0ErQUZBeW81SzRLMllpN3VxZEFBMjIva1BkY3dmNXhPK1FzYXBtRzBxbDFFa0FVQ3pqWjQ4NHUrTzZoSkxjWmdKcUlZUlVOWG9JUnVtWGtqQnJldmNndi90M21Ybkg4V3QzOHhIaW9yKzZKRmlBK21XMUhwdngwVExEbktaTkFCWDZhcStocmZXVUtBMis0Y1ZxMkMvbkhrU2s0YjkyL3FDdEZoYjVxTyt5OUZFalF2bS9URmhsN1JwTTZQNVZHM3BaWVpuMWEyeE03QzRoQ2JlYnFKY3JWSkZWYkpBUnprUWpaNWplUUNGdFg2YUFwQ1ZHV2tTUzBDN3Q3Y0dqV2c1Zz09fA&cppv=2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
7c711a263341325d43eca4d7987e71223ed71aeb5173b4486c3280d0867248b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:57 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4884
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:57 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=-A9uCnw2dUxiN2I5UzB6RUFOTG1WcGNtR0ErQUZBeW81SzRLMllpN3VxZEFBMjIva1BkY3dmNXhPK1FzYXBtRzBxbDFFa0FVQ3pqWjQ4NHUrTzZoSkxjWmdKcUlZUlVOWG9JUnVtWGtqQnJldmNndi90M21Ybkg4V3QzOHhIaW9yKzZKRmlBK21XMUhwdngwVExEbktaTkFCWDZhcStocmZXVUtBMis0Y1ZxMkMvbkhrU2s0YjkyL3FDdEZoYjVxTyt5OUZFalF2bS9URmhsN1JwTTZQNVZHM3BaWVpuMWEyeE03QzRoQ2JlYnFKY3JWSkZWYkpBUnprUWpaNWplUUNGdFg2YUFwQ1ZHV2tTUzBDN3Q3Y0dqV2c1Zz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1710
content-length
541
expires
0
usync.html
ad.lkqd.net/cookie-sync/ Frame BD98 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Fri, 12 Aug 2022 08:16:58 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1660292218.cds197.dc2.hn,1660292218.cds207.dc2.c
ad
v.lkqd.net/ Frame 8135 		180 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1142900&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fglamour.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61323%2C1%2C&c5=&c6=61323&rnd=3336959&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
pubads_impl_2022080801.js
securepubads.g.doubleclick.net/gpt/ Frame CFBD 		385 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
sffe /
Resource Hash
227fff75c4236d888dd7f5b7bdb52a1f7128ce90ca02e6e2b4c33a501ea4c89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 10:50:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249979
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134395
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 08:39:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 09 Aug 2023 10:50:39 GMT
pubads_impl_2022080801.js
securepubads.g.doubleclick.net/gpt/ Frame DEF7 		385 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
sffe /
Resource Hash
227fff75c4236d888dd7f5b7bdb52a1f7128ce90ca02e6e2b4c33a501ea4c89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 21:04:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40350
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134395
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 08:39:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 11 Aug 2023 21:04:28 GMT
cs
cs.lkqd.net/ Frame AC7B
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=88eb908e-5dfe-4ec7-833a-5227d044befc
43 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=88eb908e-5dfe-4ec7-833a-5227d044befc
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Fri, 12 Aug 2022 08:16:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=88eb908e-5dfe-4ec7-833a-5227d044befc
cf-ray
7397c59bfd444bb8-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
lkqd
event.clientgear.com/gogocookie/ Frame AC7B
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=UGTTQcVQlqk
  • https://event.clientgear.com/gogocookie/lkqd?partner=lkqd&cookieid=UGTTQcVQlqk
0
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/gogocookie/lkqd?partner=lkqd&cookieid=UGTTQcVQlqk
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
47.252.78.131 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

location
https://event.clientgear.com/gogocookie/lkqd?partner=lkqd&cookieid=UGTTQcVQlqk
date
Fri, 12 Aug 2022 08:16:58 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
cs
cs.lkqd.net/ Frame AC7B
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=bOll4Qjr4tk&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=5adfff11-2848-4efa-8e23-450b71d53f6e
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=5adfff11-2848-4efa-8e23-450b71d53f6e
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:58 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=5adfff11-2848-4efa-8e23-450b71d53f6e
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cs
cs.lkqd.net/ Frame AC7B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3771674138080112227
43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3771674138080112227
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3771674138080112227
pragma
no-cache
date
Fri, 12 Aug 2022 08:16:57 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame AC7B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=edfhvYOPR3p3rcJGW7LBwJU4mbM
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=edfhvYOPR3p3rcJGW7LBwJU4mbM
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=edfhvYOPR3p3rcJGW7LBwJU4mbM
Date
Fri, 12 Aug 2022 08:16:58 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
cs
cs.lkqd.net/ Frame BD98
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=779dc6d7-1e55-47c6-b42b-4e6acd827fa5
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=779dc6d7-1e55-47c6-b42b-4e6acd827fa5
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Fri, 12 Aug 2022 08:16:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=779dc6d7-1e55-47c6-b42b-4e6acd827fa5
cf-ray
7397c59bfd474bb8-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
lkqd
event.clientgear.com/gogocookie/ Frame BD98
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=cK_eA7gHoeQ
  • https://event.clientgear.com/gogocookie/lkqd?partner=lkqd&cookieid=cK_eA7gHoeQ
0
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/gogocookie/lkqd?partner=lkqd&cookieid=cK_eA7gHoeQ
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
47.252.78.131 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

location
https://event.clientgear.com/gogocookie/lkqd?partner=lkqd&cookieid=cK_eA7gHoeQ
date
Fri, 12 Aug 2022 08:16:58 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
cs
cs.lkqd.net/ Frame BD98
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=aer5FF8RdmQ&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=5042e837-c4e3-489a-a4a5-589d957654b0
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=5042e837-c4e3-489a-a4a5-589d957654b0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:58 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=5042e837-c4e3-489a-a4a5-589d957654b0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cs
cs.lkqd.net/ Frame BD98
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4276077296345607779
43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4276077296345607779
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4276077296345607779
pragma
no-cache
date
Fri, 12 Aug 2022 08:16:57 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame BD98
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=s2-c1UJiToJucJinG1V3nJU4mbM
43 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=s2-c1UJiToJucJinG1V3nJU4mbM
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=s2-c1UJiToJucJinG1V3nJU4mbM
Date
Fri, 12 Aug 2022 08:16:58 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
t
t.lkqd.net/ Frame 975B 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:16:58 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:16:58 GMT
server
nginx
pv
s.seedtag.com/c/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/pv?token=5773-7780-01&device=desktop&fullUrl=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&cache=1660292218224&v=-&ft=true
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.245ca9ae237c3d8742dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e15a3a9c0b00d87a3cc1c7d3fef4ff96506cf96c8a2219600e22ce53d46dbd72

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
gzip
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
etag
W/"bb4-K2ehdlp4x9TgZeuE5NojdlHDW68"
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:16:58 GMT
server
nginx
t
t.lkqd.net/ Frame 964F 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:16:58 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame DFF2 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1660292218.cds197.dc2.hn,1660292218.cds069.dc2.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
integrator.js
adservice.google.com/adsid/ Frame DEF7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=glamour.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame DEF7 		35 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3007064759748925&correlator=3487155142472236&eid=31068854&output=ldjh&gdfp_req=1&vrg=2022080801&ptt=17&impl=fif&iu_parts=85042905%2Cglamour%2Cpassback&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x240%7C320x180%7C640x360%7C640x480&ifi=1&adks=1539729608&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3Da17c416f40ba3ab0%3AT%3D1660292217%3AS%3DALNI_MZef1q0nhAz143tY1Ia_bnZVcneMQ&cdm=glamour.globo.com&gpic=UID%3D000006f10df361b6%3AT%3D1660292217%3ART%3D1660292217%3AS%3DALNI_MZkUYPurO4IAqAs4f6Qck3UyLpE8Q&arp=1&abxe=1&dt=1660292218271&lmt=1660292218&dlt=1660292218046&idt=202&adxs=800&adys=2162&biw=1600&bih=1200&isw=1&ish=1&scr_x=0&scr_y=0&btvi=1&ucis=xm151z1t49ww&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&top=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&frm=23&vis=1&psz=1x1&msz=1x0&fws=256&ohw=0&ea=0&ga_vid=437779693.1660292217&ga_sid=1660292218&ga_hid=1079654309&ga_fc=true&a3p=EhUKCnVpZGFwaS5jb20YvvaCiakwSAASGwoMaWQ1LXN5bmMuY29tGMf4gompMEgAUgIIahJaCg1jcndkY250cmwubmV0EkAwN2VmNDUxYTUzMGY1Y2E2ZjllYTNjMDgzNjczMTZkNTM5Mzg0MzYyNTdmYTVhOWJiN2IxNGRjZWJmZDk1YWQ4GIz3gompMEgAEjsKCnB1YmNpZC5vcmcSJGNkZjc0ZTliLWQ0ZmYtNGZiNC1hNjNmLTQxMzRiMzFjNDUzYxj994KJqTBIABI-CgVvcGVueBIsZXlKcElqb2lZa3RSY210VE5sVlJUMHR5VWxWblUyWjRaM0l2WnowOUluMD0YnPeCiakwSAA.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
3ba16955457ec9512e5ff60153175768ea61059c289a3df6de2d67c88af3b67a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15599
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame DEF7 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022080801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5fe53ef8b0d105252fd1147bb2e04052de44404a88f85296009ac4cdb1c6c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
container.html
684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7616 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 08:16:58 GMT
expires
Sat, 12 Aug 2023 08:16:58 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.html
ad.lkqd.net/cookie-sync/ Frame C3B8 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Fri, 12 Aug 2022 08:16:58 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1660292218.cds197.dc2.hn,1660292218.cds207.dc2.c
ad
v.lkqd.net/ Frame DFF2 		61 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1142899&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fglamour.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61323%2C1%2C&c5=&c6=61323&rnd=7770844&m=&rtv=1&thost=glamour.globo.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
fa4e68a3997c8e77b7465d4cc32e572d5c65ab2077330388d7475434c1ab4748

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
5524
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1142899&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fglamour.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61323%2C1%2C&c5=&c6=61323&rnd=7770844&m=&rtv=1&thost=glamour.globo.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Fri, 12 Aug 2022 08:16:58 GMT
server
nginx
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
quant.js
secure.quantserve.com/ Frame 0BF2 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.245ca9ae237c3d8742dd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
/
Resource Hash
de96459afc7ce2a214a50ab53803028a92dcbdde40621408e4638d484e7c344f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
gzip
etag
"jbwe3Q3ekqaoxOFJsLLUPw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 19 Aug 2022 08:16:58 GMT
t3m.js
tags.t.tailtarget.com/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-12765-5/CT-1068
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.245ca9ae237c3d8742dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
40e4951dffea740356de1c800b47ff35a1fac0756b592a4ff5ea9a316b0119b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 06:26:47 GMT
content-encoding
gzip
age
6611
x-guploader-uploadid
ADPycdtNyrrbjmqmf1A5w_T0_uq7Bq3cH9ajHsv1tOLkfDr7bj-0PQOJCUdHf3ygRh-LYGKOLQgZwzau4jdV8lzj_tOrA6MYwIml
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7679
last-modified
Thu, 17 Mar 2022 15:35:15 GMT
server
nginx/1.8.1
etag
"ad2f9abb7bbec08e62cf17d0cc7d9125"
vary
Accept-Encoding
x-goog-hash
md5=rS+au3u+wI5izxfQzH2RJQ==
x-goog-generation
1647531315191220
via
1.1 google
cache-control
max-age=7200,public
x-goog-stored-content-length
7679
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 12 Aug 2022 08:26:47 GMT
cs.html
cs.seedtag.com/ Frame AA25 		50 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.245ca9ae237c3d8742dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.133.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a85b4f00a6ee86411335c25efe78776bdf430abffad78030f7d57a2badef9884

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
405
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=86400
cf-cache-status
HIT
cf-ray
7397c59d1a10a1de-YYZ
content-encoding
br
content-type
text/html
date
Fri, 12 Aug 2022 08:16:58 GMT
etag
W/"897f7a65224affa0d21e97e0f08f8e7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sat, 13 Aug 2022 08:16:58 GMT
last-modified
Tue, 09 Aug 2022 09:09:49 GMT
server
cloudflare
vary
Accept-Encoding
x-goog-generation
1660036189350917
x-goog-hash
crc32c=TGIKUQ== md5=iX96ZSJK/6DSHpfg8I+Oew==
x-goog-metageneration
2
x-goog-storage-class
REGIONAL
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
15158
x-guploader-uploadid
ADPycdtbjIozFAVA7wuJg2N86cRLdDN-gt7erqzhr6Qv87oRKjVujmR3BegkMeELfVhVetknUTQ7rlyW3cambhwIZwFfYw
p
sb.scorecardresearch.com/ 		43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=8&c2=26817122&c3=$accountId&c7=$currentUrl&c9=$referrerUrl&cv=2.0&cj=1
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-16.phl50.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
content-length
43
x-amz-cf-id
2-y0rhzaJ3aPSZNtm02OkiNUhbrLcmXcpDAlLXzrQditJ1k6mXpSlQ==
x-cache
Miss from cloudfront
content-type
image/gif
apstag.js
c.amazon-adsystem.com/aax2/ Frame CFBD 		159 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15db152f386fbb66b5610a32b7b5d8662aeab674ce38a2c446cd73d2a250a92f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 12 Aug 2022 08:13:48 GMT
content-encoding
gzip
last-modified
Thu, 11 Aug 2022 19:28:18 GMT
server
AmazonS3
age
191
etag
W/"364e5d6f95bbab2e2e1b3226cf815641"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d4b41c13595dcfd327649d8cdea72ce8.cloudfront.net (CloudFront), 1.1 558a7274c3bf9c351a26dc5ddb8c820a.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
IAD89-C3, PHL50-C1
x-amz-cf-id
sMX8DxZVdBYXY1y2hF_pJwH9sOTnSLfKjmU2et66r4333G69BBFSyQ==
truncated
/ Frame CFBD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
143690a635c4dfa2f642e553830b45698d9de9b585e88f399ce8e916ab3b50ed

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
optout_check
beacon.krxd.net/ 		78 B
236 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.globo.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.227.59.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-59-83.compute-1.amazonaws.com
Software
/
Resource Hash
d89f643272d672cce15b62d408ccfae2cbea9a9eb40a5bdb78077dfa1c890d08

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=31 t=1660292218
x-served-by
beacon-n002-ash-prod.krxd.net
content-type
text/javascript
get
cdn.krxd.net/userdata/ 		361 B
529 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=5007d44e-09d1-49b7-8c99-6b1cc38c3cbc&technographics=1&callback=Krux.ns.globo.kxjsonp_userdata
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f8e91447ec736691233003e3eaa72413b1599d485a654f4f2aee3d056bc07a3c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
gzip
age
0
x-served-by
userdata-a005-ash-prod.krxd.net, cache-yul12824-YUL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1660292219.523956,VS0,VE19
content-length
280
x-cache-hits
0, 0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fglamour.globo.com%2F&domain=glamour.globo.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 12 Aug 2022 08:16:58 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1264
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame CFBD
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fglamour.globo.com%2F&domain=glamour.globo.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=YZmJyXxETUNWWlNZT3FOS0NDVEh4cnVvbFhjdk84aDNQSXJiWDZSNHorZ0FjQXF0dlE0dUIrTWlpNU5CQnYrcTdaYVRIN2gyekZJZFdjaUl3VDFIdm1Fdjh1SW8vSmVXMVhlM2hNbU5wS2ozcGVESjNVb1NYUkRGdm5ibU...
428 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=YZmJyXxETUNWWlNZT3FOS0NDVEh4cnVvbFhjdk84aDNQSXJiWDZSNHorZ0FjQXF0dlE0dUIrTWlpNU5CQnYrcTdaYVRIN2gyekZJZFdjaUl3VDFIdm1Fdjh1SW8vSmVXMVhlM2hNbU5wS2ozcGVESjNVb1NYUkRGdm5ibUZpNjFpZVBpRktBTDdIcnpHRXhuZnlScStkeW1kdUZjV1daLzV3RHVEeU1NREVTUTUyblh0eXM1cXVmZGhVUW55U1BKLzF1Nzh5L3daSEFIMFVvb0tJckg0ekdkdXVycmxQTU5WZlBsOGtFOUdxZGtkcitLd2ZPbHhGZlNZRWNueVlZS1J5WWJldFJobzllR3RJYXV1NjlabG1hd1A0UT09fA&cppv=2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
f9a770c6975c04698f18ff91381e83ac9b4a885e1068465216ccd36af33c2e7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3531
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:57 GMT
location
https://mug.criteo.com/sid?cpp=YZmJyXxETUNWWlNZT3FOS0NDVEh4cnVvbFhjdk84aDNQSXJiWDZSNHorZ0FjQXF0dlE0dUIrTWlpNU5CQnYrcTdaYVRIN2gyekZJZFdjaUl3VDFIdm1Fdjh1SW8vSmVXMVhlM2hNbU5wS2ozcGVESjNVb1NYUkRGdm5ibUZpNjFpZVBpRktBTDdIcnpHRXhuZnlScStkeW1kdUZjV1daLzV3RHVEeU1NREVTUTUyblh0eXM1cXVmZGhVUW55U1BKLzF1Nzh5L3daSEFIMFVvb0tJckg0ekdkdXVycmxQTU5WZlBsOGtFOUdxZGtkcitLd2ZPbHhGZlNZRWNueVlZS1J5WWJldFJobzllR3RJYXV1NjlabG1hd1A0UT09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1475
content-length
541
expires
0
arj
hcodemedia-d.openx.net/w/1.0/ Frame CFBD 		173 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hcodemedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a45f0c73-77b1-43a2-82ac-de176b2c5cce&nocache=1660292218543&lotameid=07ef451a530f5ca6f9ea3c08367316d53938436257fa5a9bb7b14dcebfd95ad8&pubcid=176c1745-4f32-4b97-aa69-f3cff6a6997a&schain=1.0%2C1!hcodemedia.com%2C288%2C1%2C%2C%2C&aus=300x250&divids=%252F138871148%252Frevistaglamour.globo.com.dw.300x250&aucs=%252F138871148%252C85042905%252Frevistaglamour.globo.com.dw.300x250&auid=544116577
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
0e1245031e7c42d911fbade5b05d5113fd414b885bca99eb7cb42c04dfd6f9d1

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://glamour.globo.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame CFBD 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
bee583898e62998d194acd316f991c317628af2f6539861b0da82b2d0bb7a197
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:58 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
c1235fba-19e5-4ff9-b687-1e0a7bbf8b5c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame CFBD 		24 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
0ecb9d8096deb636329e7f185ee5b7625f2f060d12d8275944e3c20d1c947264

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 12 Aug 2022 08:16:58 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://glamour.globo.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
translator
hbopenbid.pubmatic.com/ Frame CFBD 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:16:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ Frame CFBD 		338 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2410EL
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ffd0f87c6f59d74f62d9f169bf5318ab9157ebbb5ce24baff2cea7c97404473d

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
pub
pixel.adsafeprotected.com/services/ Frame CFBD 		279 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931348&slot=%7Bid:/138871148/revistaglamour.globo.com.dw.300x250,ss:%5B300.250%5D,p:/138871148/revistaglamour.globo.com.dw.300x250%7D&wr=300.250&sr=1600.1200&url=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.183.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-183-251.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d88fc3383063831866a05069cd689f4cf9469a87cfd3ce88f53f656d25679007

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
x-server-name
app01.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame CFBD 		482 B
940 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160068&zone_id=1519174&size_id=15&rp_schain=1.0,1!hcodemedia.com,288,1,,,&eid_crwdcntrl.net=07ef451a530f5ca6f9ea3c08367316d53938436257fa5a9bb7b14dcebfd95ad8%5E1&eid_pubcid.org=176c1745-4f32-4b97-aa69-f3cff6a6997a%5E1&rf=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&tg_i.adunit=revistaglamour.globo.com.dw.300x250&tg_i.dfp_ad_unit_code=138871148%2C85042905%2Frevistaglamour.globo.com.dw.300x250&tg_i.pbadslot=138871148%2C85042905%2Frevistaglamour.globo.com.dw.300x250&tk_flint=pbjs_lite_v4.43.0&x_source.tid=a45f0c73-77b1-43a2-82ac-de176b2c5cce&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9777679508842565
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8fded9bcc3fad8fe5094b81cba2f16b9d07cce0c72d54e738752d01964d31659

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:58 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
482
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ Frame CFBD 		37 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=829120&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221510dc03c37d7d7%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22lotamePanoramaId%22%2C%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22hcodemedia.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%22288%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2216764b802b75a4b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22829120%22%2C%22dfp_ad_unit_code%22%3A%22%2F138871148%2C85042905%2Frevistaglamour.globo.com.dw.300x250%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34f69bd9deff978fa14f2c9c0253148677309e0a630f8e938967886b734dbbea

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=boQ4bzF%2B4K66cmpAQLQ4lASpISDsuTfNslMDCK5IklsEIKPohe%2F52tLFcU%2Flj5rErljIZ0xBaoCh4YT5oNMgIIy%2BUMM78pJ1B%2BHfiHLiTwHelMJm7AezoUKnOn7Lv3HXOYD0qF2c"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7397c59e8cf053ef-YYZ
expires
0
bid
s.seedtag.com/c/tag/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/tag/bid
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.245ca9ae237c3d8742dd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
591c368f6ef1dbdfe2338750d8fa7c089b68ec93d8f6d728fa921ed602895f8d

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
content-encoding
gzip
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
etag
W/"c00-lm0sYRjmGalI799RgtJsvTPWg7E"
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
bid
s.seedtag.com/c/tag/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/tag/bid
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.245ca9ae237c3d8742dd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d81ec8320c09f89946ae433666e68ae8fcad0f4201e7811111ffca2b1a29e875

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
gzip
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
etag
W/"c06-+ANI30emTq3S1BeQPHc5gTcIqJs"
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
cs
cs.lkqd.net/ Frame C3B8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4276077296345607779
43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4276077296345607779
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4276077296345607779
pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame C3B8
Redirect Chain
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_612ffa93-2cdc-4884-875c-60673a5fb803
43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_612ffa93-2cdc-4884-875c-60673a5fb803
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_612ffa93-2cdc-4884-875c-60673a5fb803
date
Fri, 12 Aug 2022 08:16:58 GMT
via
1.1 google
server
WildFly/10
x-powered-by
Undertow/1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cm
p.rfihub.com/ Frame C3B8 		42 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
199.38.167.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:16:58 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cs
cs.lkqd.net/ Frame C3B8
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=85&redirect=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db30%26u%3D%24%24rawlkqduserid%24%24%26redirect%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%2...
  • https://a.tribalfusion.com/i.match?p=b30&u=cK_eA7gHoeQ&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$
  • https://s.tribalfusion.com/z/i.match?p=b30&u=cK_eA7gHoeQ&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$
  • https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662274873668342
0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662274873668342
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
1125
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
7397c5a00eca7145-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662274873668342
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
cs.lkqd.net/ Frame C3B8
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/lkq
  • https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1
  • https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AADwMk7F7BkAABENckpF8w
43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AADwMk7F7BkAABENckpF8w
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AADwMk7F7BkAABENckpF8w
Date
Fri, 12 Aug 2022 08:16:58 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
t
t.lkqd.net/ Frame E327 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:16:58 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:16:58 GMT
server
nginx
esp.js
oa.openxcdn.net/ Frame DEF7 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 06 Aug 2022 03:47:01 GMT
content-encoding
gzip
age
534597
x-guploader-uploadid
ADPycduPwty4srVjCLv-APObPZSbMhsLirnZm4hq5qKXVJFyucPOw77bfUSdQpKezf4YyKzI32mMeIfAMaN6hqBeQJplog
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation
1622140251693895
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 06 Aug 2023 03:47:01 GMT
publishertag.ids.js
static.criteo.net/js/ld/ Frame DEF7 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
c9bfbc2b802937d34983a32a97f9703769f7dc7a9ffebbe99e186aeb5141add1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
gzip
last-modified
Tue, 02 Aug 2022 12:51:24 GMT
server
nginx
etag
W/"62e91dcc-9dbd"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 13 Aug 2022 08:16:58 GMT
container.html
684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E6A6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 08:16:58 GMT
expires
Sat, 12 Aug 2023 08:16:58 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rules-p-PFW5FesqXn206.js
rules.quantcount.com/ Frame 0BF2 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-PFW5FesqXn206.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:aa00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f5215e4227ed76a2060cb35ce90e6da2d5ae98c4502d09a79408f2e4d2dd2f3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:03:30 GMT
content-encoding
gzip
age
818
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 11 Jul 2022 10:44:34 GMT
server
AmazonS3
etag
W/"743328763e3cba2249436647403efc2e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
ma1lXu3M1JuvnGUluCi7GSsz3NX9U3t329_yg4multdjoFTCoZrtRQ==
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DEF7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 08:16:58 GMT
5007d44e-09d1-49b7-8c99-6b1cc38c3cbc
consumer.krxd.net/consent/get/ 		220 B
308 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_1
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
29a9a4202b2b15490bab16fe4aa01f14635258790531ebbebf82e4feceab7119

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a021-ash-prod.krxd.net, cache-yul12834-YUL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1660292219.698339,VS0,VE18
content-length
185
x-cache-hits
0, 0
usync.html
eus.rubiconproject.com/ Frame 3D51
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 08:16:58 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 12 Aug 2022 08:16:58 GMT
location
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
server
AkamaiGHost
CookieSync.html
csync.smartadserver.com/rtb/csync/ Frame 5DA2 		435 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8239 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Fri, 12 Aug 2022 08:16:58 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645524912.090457"
Last-Modified
Tue, 22 Feb 2022 09:59:55 GMT
Server
AkamaiNetStorage
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DA29 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63027
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 12 Aug 2022 08:16:58 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 13 Aug 2022 01:47:25 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 095B
Redirect Chain
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1660292218712&pubconsent=&euconsent=&hasConsent=1
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1660292218712&pubconsent=&euconsent=&hasConsent=1&rd=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1660292218712&pubconsent=&euconsent=&hasConsent=1&rd=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
c8d34c8e4efe64cf63fb4ea7497f3386f008deae354cb947635d0544eb551661

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 12 Aug 2022 08:16:59 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.2
vary
Accept-Encoding

Redirect headers

content-type
text/html; charset=UTF-8
date
Fri, 12 Aug 2022 08:16:59 GMT
location
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1660292218712&pubconsent=&euconsent=&hasConsent=1&rd=1
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.2
/
hde.tynt.com/deb/ Frame 133C
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
81735970edbd0997f9d89b77986eb05f0752c72ec40c83c45eabcf5e771672d3

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1532
content-type
text/html
date
Fri, 12 Aug 2022 08:16:58 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Fri, 12 Aug 2022 08:16:58 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
isync
visitor.omnitagjs.com/visitor/ Frame 350F 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
ded0021d3eab742285efc1fbed7eb1685833e8cd2994977d50845871cfd5f6bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1267
content-type
text/html; charset=UTF-8
date
Fri, 12 Aug 2022 08:16:58 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-usa02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
/
onetag-sys.com/usync/ Frame B6B0 		2 KB
815 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75601b04186d260
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.187 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip187.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
s
s.seedtag.com/cs/st/ Frame AA25 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/st/s
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
appnexus
s.seedtag.com/cs/cookiesync/ Frame AA25
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID
  • https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=4838819436260598658
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=4838819436260598658
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H3
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:58 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
486d9342-0ffa-4291-a9a2-f93beab77f3d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=4838819436260598658
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
smart
s.seedtag.com/cs/cookiesync/ Frame AA25
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1
  • https://s.seedtag.com/cs/cookiesync/smart?channeluid=8768218848017526935
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/smart?channeluid=8768218848017526935
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H3
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/smart?channeluid=8768218848017526935
pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
outbrain
s.seedtag.com/cs/cookiesync/ Frame AA25
Redirect Chain
  • https://b1sync.zemanta.com/usersync/seedtag?puid=&gdpr=0&gdpr_consent=&us_privacy=$USPCONSENT&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__
  • https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=&gdpr=0&us_privacy=$USPCONSENT
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=&gdpr=0&us_privacy=$USPCONSENT
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H3
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Location
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=&gdpr=0&us_privacy=$USPCONSENT
Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
117
Content-Type
text/html; charset=utf-8
ttd
s.seedtag.com/cs/cookiesync/ Frame AA25
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=5jrh0rv&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://s.seedtag.com/cs/cookiesync/ttd?channeluid=b88f2951-bac5-41e7-bff4-9adb35ec6b09
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/ttd?channeluid=b88f2951-bac5-41e7-bff4-9adb35ec6b09
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H3
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.seedtag.com/cs/cookiesync/ttd?channeluid=b88f2951-bac5-41e7-bff4-9adb35ec6b09
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
Bidswitch
s.seedtag.com/cs/cookiesync/ Frame AA25
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy=$USPCONSENT
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=seedtag
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=seedtag
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=bc77cc45-fdc5-4c9d-aaa4-0c86ddd72db0&ssp=seedtag
  • https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H3
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Location
//s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
Date
Fri, 12 Aug 2022 08:16:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
spotx
s.seedtag.com/cs/cookiesync/ Frame AA25
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=22d01a44-1a17-11ed-acf0-...
  • https://s.seedtag.com/cs/cookiesync/spotx?channeluid=22d04db5-1a17-11ed-9272-185744bf0403
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/spotx?channeluid=22d04db5-1a17-11ed-9272-185744bf0403
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H3
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Date
Fri, 12 Aug 2022 08:16:58 GMT
Server
nginx
Location
https://s.seedtag.com/cs/cookiesync/spotx?channeluid=22d04db5-1a17-11ed-9272-185744bf0403
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
264
Connection
keep-alive
Content-Length
0
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame AA25
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F
  • https://spl.zeotap.com/?zdid=689&env=mWeb&eventType=pageview
  • https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=693065af-7793-4fce-4717-ba495f2f35d6&env=mWeb&eventType=pageview&id_mid_4=693065af-7793-4fce-4717-ba495f2f35d6&reqId=d5a7f02c-2cc7-4c7...
95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=693065af-7793-4fce-4717-ba495f2f35d6&env=mWeb&eventType=pageview&id_mid_4=693065af-7793-4fce-4717-ba495f2f35d6&reqId=d5a7f02c-2cc7-4c73-5aee-3cb4d611479d&zdid=689
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H2
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

date
Fri, 12 Aug 2022 08:16:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
location
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=693065af-7793-4fce-4717-ba495f2f35d6&env=mWeb&eventType=pageview&id_mid_4=693065af-7793-4fce-4717-ba495f2f35d6&reqId=d5a7f02c-2cc7-4c73-5aee-3cb4d611479d&zdid=689
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://cs.seedtag.com
access-control-allow-credentials
true
cf-ray
7397c5a45d3e7157-YUL
access-control-allow-headers
*
partner
sync.search.spotxchange.com/ Frame AA25
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=249286
  • https://sync.search.spotxchange.com/partner?source=249286&__user_check__=1&sync_id=22d04dfd-1a17-11ed-9272-185744bf0403
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D&uid=CAESEBUuTVgII-7c7NRcBaVaff0&google_cver=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.search.spotxchange.com/partner?adv_id=7028&uid=b88f2951-bac5-41e7-bff4-9adb35ec6b09&img=1
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&gdpr=0&gdpr_consent=
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YvYMeQAF1xc1xgA0&img=1&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sx?gdpr=0&gdpr_consent=
  • https://sync.search.spotxchange.com/partner?adv_id=8304&uid=AADwMk7F7BkAABENckpF8w&gdpr=0
  • https://sync.springserve.com/usersync?redirect_url=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D8876%26uid%3DSS_UUID
  • https://sync.search.spotxchange.com/partner?adv_id=8876&uid=3d3621c0-cb59-4e32-b129-d62129eb503c
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=44&gdpr=0&gdpr_consent=
  • https://tags.bluekai.com/site/17724?id=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D7308%26uid%3D3b411936-d003-4cd9-9e67-a...
  • https://sync.search.spotxchange.com/partner?adv_id=7308&uid=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=30&redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6653%26uid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://sync.search.spotxchange.com/partner?adv_id=6653&uid=3f4262f6-0c7b-4700-a042-2230177506f6&gdpr=0&gdpr_consent=
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6653&uid=3f4262f6-0c7b-4700-a042-2230177506f6&gdpr=0&gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
HTTP/1.1
Server
192.35.249.127 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:01 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
148
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Fri, 12 Aug 2022 08:17:00 GMT
Server
MT3 4475 c1dc35a master ord-pixel-x4 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.search.spotxchange.com/partner?adv_id=6653&uid=3f4262f6-0c7b-4700-a042-2230177506f6&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 12 Aug 2022 08:16:59 GMT
improvedigital
s.seedtag.com/cs/cookiesync/ Frame AA25
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D
  • https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=ea9885a8-0f84-4e27-872a-648e2874a0f2
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=ea9885a8-0f84-4e27-872a-648e2874a0f2
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H3
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=ea9885a8-0f84-4e27-872a-648e2874a0f2
date
Fri, 12 Aug 2022 08:16:58 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
indexexchange
s.seedtag.com/cs/cookiesync/ Frame AA25
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D&s=191730&C=1
  • https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=YvYMeptZyA.1HFbuQyqMsAAA%26479
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=YvYMeptZyA.1HFbuQyqMsAAA%26479
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H3
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDfJK4kWpLt6Cbse5TH%2Fca8rBoEcFVklABGicNNmdPR4vFciui4qDwTshxcUhb6D5Ef4ZW%2Fob%2Fb8IKppQxiy2M80wm%2FLsrUmWRNpI5mnzU4aXyS906daVGxyFp25ofw1NJgGpbJXwus6yA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=YvYMeptZyA.1HFbuQyqMsAAA%26479
cache-control
no-cache
cf-ray
7397c5a04925a216-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
verizon
s.seedtag.com/cs/cookiesync/ Frame AA25
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58427/occ
  • https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-RydbI5hE2uFDB9iSgTjz3M_1h9BFwOrDNIvwXc0-~A
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-RydbI5hE2uFDB9iSgTjz3M_1h9BFwOrDNIvwXc0-~A
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H3
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-RydbI5hE2uFDB9iSgTjz3M_1h9BFwOrDNIvwXc0-~A
date
Fri, 12 Aug 2022 08:16:58 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie
cm.adform.net/ Frame AA25 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fadform%3Fchanneluid%3D%24UID
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
server
nginx
content-length
43
content-type
image/gif
sovrn
s.seedtag.com/cs/cookiesync/ Frame AA25
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsovrn%3Fchanneluid%3D%24UID
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsovrn%3Fchanneluid%3D%24UID&sovrn_retry=true
  • https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=FIewiLZHvvFnkDbISHKtAJTx
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=FIewiLZHvvFnkDbISHKtAJTx
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H3
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Date
Fri, 12 Aug 2022 08:16:59 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=FIewiLZHvvFnkDbISHKtAJTx
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
config
c.amazon-adsystem.com/cdn/prod/ Frame CFBD 		385 B
736 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fglamour.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
Server /
Resource Hash
bbc029f1d997ab0fa9fc1499f94fb93f83b350470966b2227c6b761b282e527c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:57 GMT
via
1.1 558a7274c3bf9c351a26dc5ddb8c820a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
385
x-amz-cf-id
mqsDBVTDKOdj9XcTmYZvy9SvPdZ7K1Wn_0C0J2Kok-ATD5cQ11DySA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame CFBD 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
last-modified
Wed, 03 Aug 2022 22:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
JXufo2ctue2uysHllG2MRpKE8F0E4.a0
via
1.1 aed3f8ed29085c056c75452d71b07f7e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
content-type
application/javascript
x-amz-cf-id
vR77NRA2snVvMaMui5hh2YgcH3NCC_UzWHOhsxSmwdDGIKcVQohdDQ==
view
securepubads.g.doubleclick.net/pcs/ Frame CFBD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsum3m7gA8QvDb8OgMlxhWWc-_OqJG2WaCSaRBy6WP-UdG1c8penCJAZIye23ooP36oWnUBxSB1EHJUvgtQCq1FSPm3JgVInIbMhl9HO2C6Qf5cug37EAJ9IabDrWi_FBwoXCuCruP6BDEPxpRwmF4GoXswdjEkge_qFZoAdpOTeFxYGMVq4zncTMDVCnhZZUYdEZLOndPC_bRf_7L34DN9c4CLxB0GpST6FLglaeYUzUXQ5aPh2WnzPZfskY6IWYOObs-Biwx6wAZhFF182h5YRr-MYvnqYFGOmcX1q-jTrlj7k_8HHVPorgCEekmycA4HBVzEAtlTS7KDk&sai=AMfl-YRFIXWL8bx3E79f14ecnhLSeblKIvNuDaeY-xX-Jnn4r-sCkR0Txkg6Tn1g_0MH5WgH0xtIVTTiyx7WNmIFIFbt7492htKtH_oU0rJe9PChaUseUlhJRUn3hTcpTlc&sig=Cg0ArKJSzCCe8T1miI-QEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:16:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 12 Aug 2022 08:16:58 GMT
cs
cs.lkqd.net/ Frame DFF2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/lkq
  • https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1
  • https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AADwMk7F7BkAABENckpF8w
43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AADwMk7F7BkAABENckpF8w
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AADwMk7F7BkAABENckpF8w
Date
Fri, 12 Aug 2022 08:16:58 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
cm
p.rfihub.com/ Frame DFF2 		42 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
199.38.167.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:16:58 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cs
cs.lkqd.net/ Frame DFF2
Redirect Chain
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_f59ee970-2706-40c0-8d02-a96a6b530af8
43 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_f59ee970-2706-40c0-8d02-a96a6b530af8
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_f59ee970-2706-40c0-8d02-a96a6b530af8
date
Fri, 12 Aug 2022 08:16:58 GMT
via
1.1 google
server
WildFly/10
x-powered-by
Undertow/1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
CookieSyncLKQD
rtb.adentifi.com/ Frame DFF2 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncLKQD
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.178.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-178-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
cs
cs.lkqd.net/ Frame DFF2
Redirect Chain
  • https://sync.1rx.io/usersync2/lkqd
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1239820626
  • https://sync.1rx.io/usersync/tradedesk/b88f2951-bac5-41e7-bff4-9adb35ec6b09
  • https://sync.targeting.unrulymedia.com/csync/RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D7%26partnerUserId%3DRX-505d6b14-b8dd-4151-861b-7b8be62c98...
  • https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
43 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Date
Fri, 12 Aug 2022 08:16:58 GMT
Server
Tengine
ETag
RX505d6b14b8dd4151861b7b8be62c9851005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
Connection
keep-alive
Content-Type
text/html
cs
cs.lkqd.net/ Frame DFF2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=lkqd
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=lkqd&bsw_custom_parameter=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=lkqd&bsw_custom_parameter=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=10e60be2-121c-4a78-ad2a-b2bc2b15a74a&ssp=lkqd&expires=30&user_group=5&bsw_param=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
  • https://cs.lkqd.net/cs?partnerId=12&partnerUserId=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3D9f6c8083-3ab4-40a9-9e61-00d2d73f3398%26redi...
  • https://cs.lkqd.net/cs?partnerId=43&partnerUserId=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3D9f6c8083-3ab4-40a9-9e61-00d2d73f3398
  • https://cs.lkqd.net/cs?partnerId=46&partnerUserId=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=46&partnerUserId=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Fri, 12 Aug 2022 08:16:59 GMT
server
nginx
location
//cs.lkqd.net/cs?partnerId=46&partnerUserId=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame DFF2
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D13%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=13&partnerUserId=779dc6d7-1e55-47c6-b42b-4e6acd827fa5
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=13&partnerUserId=779dc6d7-1e55-47c6-b42b-4e6acd827fa5
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Fri, 12 Aug 2022 08:16:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://cs.lkqd.net/cs?partnerId=13&partnerUserId=779dc6d7-1e55-47c6-b42b-4e6acd827fa5
cf-ray
7397c5a12ff74bb8-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cs
cs.lkqd.net/ Frame DFF2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1
  • https://cs.lkqd.net/cs?partnerId=22&partnerUserId=b88f2951-bac5-41e7-bff4-9adb35ec6b09
43 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=22&partnerUserId=b88f2951-bac5-41e7-bff4-9adb35ec6b09
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.lkqd.net/cs?partnerId=22&partnerUserId=b88f2951-bac5-41e7-bff4-9adb35ec6b09
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
203
cs
cs.lkqd.net/ Frame DFF2
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162&s_h=1
  • https://cs.lkqd.net/cs?partnerId=23&partnerUserId=f842d39a-2807-4d90-82ff-2b72e6e18d37
43 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=f842d39a-2807-4d90-82ff-2b72e6e18d37
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=f842d39a-2807-4d90-82ff-2b72e6e18d37
pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
us.php
gu.dyntrk.com/adx/lkqd/ Frame DFF2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
15.235.43.119 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5012066.ip-15-235-43.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
cs
cs.lkqd.net/ Frame DFF2
Redirect Chain
  • https://media.sabio.us/imp_pixel?invsrc=11&secure=1
  • https://cs.lkqd.net/cs?partnerId=39&partnerUserId=7178279213840977713
43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=39&partnerUserId=7178279213840977713
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=39&partnerUserId=7178279213840977713
date
Fri, 12 Aug 2022 08:16:58 GMT
server
Apache/2.4.23 (Unix)
content-length
257
content-type
text/html; charset=iso-8859-1
/
loadm.exelator.com/load/ Frame DFF2
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd&s_h=1
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=f842d39a-2807-4d90-82ff-2b72e6e18d37&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/f842d39a-2807-4d90-82ff-2b72e6e18d37/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=f842d39a-2807-4d90-82ff-2b72e6e18d37?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262
  • https://tags.bluekai.com/site/5379?id=f842d39a-2807-4d90-82ff-2b72e6e18d37&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263
  • https://loadm.exelator.com/load/?p=204&g=281&buid=f842d39a-2807-4d90-82ff-2b72e6e18d37&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=281&buid=f842d39a-2807-4d90-82ff-2b72e6e18d37&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
34.229.3.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-229-3-43.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

location
https://loadm.exelator.com/load/?p=204&g=281&buid=f842d39a-2807-4d90-82ff-2b72e6e18d37&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265
pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
cs
cs.lkqd.net/ Frame DFF2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D
  • https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YvYMeQAF1xc1xgA0
43 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YvYMeQAF1xc1xgA0
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
via
1.1 varnish
server
Varnish
x-timer
S1660292219.770968,VS0,VE0
x-served-by
cache-yul12833-YUL
x-cache
HIT
location
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YvYMeQAF1xc1xgA0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
cs
cs.lkqd.net/ Frame DFF2
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25
  • https://cs.lkqd.net/cs?partnerId=53&partnerUserId=hMxmzlf716FU&ev=1&pid=561322
43 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=hMxmzlf716FU&ev=1&pid=561322
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=hMxmzlf716FU&ev=1&pid=561322
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1
464986.gif
idsync.rlcdn.com/ Frame DFF2 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/464986.gif?partner_uid=cK_eA7gHoeQ
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:16:58 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cs
cs.lkqd.net/ Frame DFF2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=Y0tfZUE3Z0hvZVE
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEH_wnleCn6RqS9LRrUx5SWQ&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEH_wnleCn6RqS9LRrUx5SWQ&google_cver=1
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEH_wnleCn6RqS9LRrUx5SWQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.lkqd.net/ Frame DFF2
Redirect Chain
  • https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0
  • https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=gv-Pr4Su3viZrtivhvjE_dL90aGZrNv6gvRBfrwH
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=gv-Pr4Su3viZrtivhvjE_dL90aGZrNv6gvRBfrwH
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=gv-Pr4Su3viZrtivhvjE_dL90aGZrNv6gvRBfrwH
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
cs
cs.lkqd.net/ Frame DFF2
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b30&u=cK_eA7gHoeQ&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24
  • https://s.tribalfusion.com/z/i.match?p=b30&u=cK_eA7gHoeQ&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24
  • https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662274873668336
43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662274873668336
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
413
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
7397c5a02ee37145-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662274873668336
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame DFF2
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=118
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2...
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341%26partner_url%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D97%2526partnerUserId%253D3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
18.235.231.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-231-13.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.6.6
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341%26partner_url%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D97%2526partnerUserId%253D3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
cs
cs.lkqd.net/ Frame DFF2
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=v
  • https://s.ad.smaato.net/c/?adExInit=v&cookieCheck=1
  • https://cs.lkqd.net/cs?partnerId=109&partnerUserId=6c322cab
43 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=6c322cab
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Fri, 12 Aug 2022 08:16:59 GMT
via
1.1 e1d636b234c38932eb25194cb146dbcc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PHL50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=6c322cab
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
HCEGX4VAhXSZQnEB6wYnIl0xxFo5KulbnJPLWrYzOaPG5QdGLOqpng==
/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame 08AD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L6Q748YP-1X-5LKK
0
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L6Q748YP-1X-5LKK
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-vcl-time-ms
21
date
Fri, 12 Aug 2022 08:16:59 GMT
via
1.1 varnish
server
nginx
x-timer
S1660292219.160139,VS0,VE21
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
x-served-by
cache-yul12824-YUL

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L6Q748YP-1X-5LKK
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
ace9692b4e77bdf741ff63add80edaca
Expires
0
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 08AD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEFzy_YDO2wB6CUspA27TPiU&google_cver=1
0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEFzy_YDO2wB6CUspA27TPiU&google_cver=1
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-vcl-time-ms
21
date
Fri, 12 Aug 2022 08:16:58 GMT
via
1.1 varnish
server
nginx
x-timer
S1660292219.901259,VS0,VE21
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12824-YUL

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEFzy_YDO2wB6CUspA27TPiU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 08AD 		42 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8:$UID
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 20:32:32 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 08AD
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8
date
Fri, 12 Aug 2022 08:16:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17311
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 08AD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=b88f2951-bac5-41e7-bff4-9adb35ec6b09
0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=b88f2951-bac5-41e7-bff4-9adb35ec6b09
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-vcl-time-ms
18
date
Fri, 12 Aug 2022 08:16:58 GMT
via
1.1 varnish
server
nginx
x-timer
S1660292219.863047,VS0,VE18
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12824-YUL

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=b88f2951-bac5-41e7-bff4-9adb35ec6b09
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame 08AD
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:59 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:59 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 08AD 		49 B
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-stage-0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 08AD 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&gdpr=0&gdpr_consent=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 08AD 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.209.207.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-207-157.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
content-length
43
x-nosync
emp
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 08AD
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=b5ec2475-b3b4-4e7c-ae4d-4ce10fdd3825
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=b5ec2475-b3b4-4e7c-ae4d-4ce10fdd3825
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17285

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=b5ec2475-b3b4-4e7c-ae4d-4ce10fdd3825
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1061875
content-length
0
expires
Fri, 12 Aug 2022 00:00:00 GMT
264.gif
id5-sync.com/k/ Frame 08AD
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&gdpr=0&gdpr_consent=&us_privacy=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/2/6/2.gif?puid=4838819436260598658&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMO-PxwOt7khudEAbM4oQdOGGog4hJ2pO1fy_9tag&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F5%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/464/3/5/3.gif?puid=3f4262f6-0c7b-4700-a042-2230177506f6&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=b88f2951-bac5-41e7-bff4-9adb35ec6b09&ttl=%%TTL%%
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/264.gif?puid=b88f2951-bac5-41e7-bff4-9adb35ec6b09&ttl=%%TTL%%
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/html;charset=utf-8

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://id5-sync.com/k/264.gif?puid=b88f2951-bac5-41e7-bff4-9adb35ec6b09&ttl=%%TTL%%
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 08AD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=taboola&bds_param=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=37bc2ea4-d6de-4028-8041-54e91ec2ac6d&expires=10&ssp=taboola&bsw_param=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20864

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
Date
Fri, 12 Aug 2022 08:16:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 08AD
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=63a5f202-c472-42d0-9626-c25841625417
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=63a5f202-c472-42d0-9626-c25841625417&tbid=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&query=taboola_hm%3D63a5f202-c472-...
0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=63a5f202-c472-42d0-9626-c25841625417&tbid=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&query=taboola_hm%3D63a5f202-c472-42d0-9626-c25841625417&isDirect=0
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
via
1.1 varnish
server
nginx
x-timer
S1660292220.664365,VS0,VE21
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12824-YUL

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=63a5f202-c472-42d0-9626-c25841625417&tbid=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&query=taboola_hm%3D63a5f202-c472-42d0-9626-c25841625417&isDirect=0
date
Fri, 12 Aug 2022 08:16:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22014
sd
u.openx.net/w/1.0/ Frame 08AD 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&gdpr=0&gdpr_consent=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame 08AD
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&dongle=tbla
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date
Fri, 12 Aug 2022 08:16:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
visitor.omnitagjs.com/visitor/ Frame 08AD 		49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=54ac1f569912e3c4967bf7b5df910a44&name=TABOOLA&visitor=[BUYER_USERID]&external=true
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-type
image/gif
content-length
49
expires
0
/
s.uuidksinc.net/match/1135/ Frame 08AD 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/1135/?remote_uid=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
server
nginx/1.19.0
rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame 08AD
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=140
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=s2-c1UJiToJucJinG1V3nJU4mbM
0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=s2-c1UJiToJucJinG1V3nJU4mbM
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22715

Redirect headers

Location
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=s2-c1UJiToJucJinG1V3nJU4mbM
Date
Fri, 12 Aug 2022 08:16:59 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
match
ads.betweendigital.com/ Frame 08AD
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
Date
Fri, 12 Aug 2022 08:16:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
t.adx.opera.com/ Frame 08AD 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60151&uid=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 08AD
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=3832f7eb-6d12-4e42-833d-817cba42bcb7
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=3832f7eb-6d12-4e42-833d-817cba42bcb7
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22014

Redirect headers

date
Fri, 12 Aug 2022 08:16:59 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=3832f7eb-6d12-4e42-833d-817cba42bcb7
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
av
vidoomy-d.openx.net/v/1.0/ Frame 6391 		48 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fglamour.globo.com%2F&cb=1123902983&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C8053567781243901311878703146,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://glamour.globo.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 6391 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C14101613518053567781243901311,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
0f68ea326951d09da6339a6f9913ac90d850786c37144f70635039d3a2aed173

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:58 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1660292218800051-289
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 6391 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C80535677812439013111632008016%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
bbbc1f644f0272cd52f691244c04a02d53780f4fc2b459e8f8ca7df34209a665

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:58 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1660292218844012-312
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 6391 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C80535677812439013112014308597%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
43c11e1ee5cc09983c97efa3f93ac1a4797712e226c309b9bd14b4dd141ee16c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:58 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1660292218825045-277
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame CFBD 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af44d280920264564147250d0841eebf33288a04c932c182c06ec21600a228c2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
1669
x-amz-server-side-encryption
AES256
x-amz-request-id
Z1BPD2Y7MMVJTES2
x-amz-id-2
nZ8j2dQ2wx6cr0Xen450o4gDXVw8XO1EX78315xb6osTnsoryoQU6TqWj+T3JOEKt2czqsZqkSFVEYTNLQlIhg==
last-modified
Wed, 27 Jul 2022 15:06:46 GMT
server
cloudflare
etag
W/"a49d5e2684c7e5d488d526ca41c2f3e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7397c59fbcbb714a-YUL
pixel.gif
beacon.krxd.net/ 		0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=sexqhznbn&_kpid=5007d44e-09d1-49b7-8c99-6b1cc38c3cbc&_kcp_s=Infoglobo&_kcp_d=glamour.globo.com&_knifr=21&_kpref_=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F&_kua_kx_tz=0&geo_country=ca&geo_region=qc&geo_dma=124462&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kxuser=xovovzj6l&_kua_glbdt_utype=anonymous&_kua_dmp_globo_id=801914769712392704&_kua_kx_tech_browser=Chrome%2010&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=ca&_kua_kx_geo_region=qc&_kua_kx_geo_dma=124462&_kpa_meta_keywordsDELIM=%2C&_kpa_kx_context_terms=Nu7TTsTR%3A1%2CNu7TVOIg%3A1%2CNu7TTFG6%3A1%2CNu7TXfT8%3A1%2CNu7TWVvS%3A1%2CNu7TWGye%3A1&_kpa_url_path_1=lifestyle&_kpa_url_path_2=noticia&_kpa_url_path_3=2019&_kpa_url_path_4=12&_kpa_url_path_5=melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&_kpa_content_type=materia&_kpa_page_name=materia&_kpa_meta_site_name=Glamour&_kpa_title=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour&_kpa_full_path=glamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&_kpa_subdomain=glamour&_kpa_domain=globo&_kpa_utag_editoria=glamour%2CLifestyle&_kpa_utag_page_type=multi-content&_kpa_browser_name=Chrome&t_navigation_type=0&t_dns=241&t_tcp=322&t_http_request=-1&t_http_response=478&t_content_ready=2414&t_window_load=0&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=xovovzj6l&userdata_user=PA2gS_tb%2Cxovovzj6l&sview=1&kplt0=19929&kplt1=19930&kplt2=19936&kplt3=27202&kplt4=30153&kplt5=32767&kplt6=35254&kplt7=38352&kplt8=38515&kplt9=43900&kplt11=46183&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5007d44e-09d1-49b7-8c99-6b1cc38c3cbc%2C84%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C180%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C289%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5007d44e-09d1-49b7-8c99-6b1cc38c3cbc%2CNaN
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.227.59.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-59-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
cache-control
private, no-cache, no-store
x-request-time
D=68 t=1660292218
x-served-by
beacon-n015-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
syncframe
gum.criteo.com/ Frame ECA6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=glamour.globo.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6145
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 08:16:58 GMT
server-processing-duration-in-ticks
3853
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
adview
securepubads.g.doubleclick.net/pagead/ Frame E6A6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CTz-Fegz2Yo6EFJKKzwWMn5j4A-ySrZFg99rS06wMwI23ARABIABgyb6hi8Ck2A-CARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN6ABlfWb3wPIAQngAgCoAwGqBM4CT9AEHv7pBWeGgyKJvJ27BBQL-_B_I_NpV7N3S1BKN0ciq0inGVNIGr7PG6Br4dp9ek9rpYXjz9Dub1LCzbZfXBzfOdWeV6Q9lbo5lCi2cFogpMLhAh7_M7x5949HwXGrEIe9j6AmuhwX3V2ukL_n53tSx5RCqw9DbpFRgaVhtKoG6RkWYkHn8n7DYgCg45Ij8zmHErNdoumTjTCXs1SC_cwN6S1U6NBUZsw61Imufjrt1At_l4y8oU6_bTb-7WBbRJDL3H-iQYREEGqOAckTFjq6Rw0CdGk06UYNpJsx_84l1-jfeLIVFWx61_QotX-fMyhnBNeyWMlesAqTYHzxpYwdojrRSjbQkcsbzirLwr57sJ33RzeLsz4S7okUedSjIClRpoDwQlbHTiFb4zAnEK1IvlqrucZZhzTrsuDVHpHv3SlLB-N8vyKKFERKx-AEAYAGiLjnm7PJ6vXsAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg4Mjg1ODcxNDk0NzM0MzcY4fMg&sigh=NFbsA4ciQCM&uach_m=[UACH]&cid=CAQSPACsnQUx_-wzMBaMhZdIRWlgtotD_bzJoDm1kcB3UwfNIHUmudOrqviYtwMuhLa2ALfGacXyz9VvEwqilxgB
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
log
hblg.media.net/ Frame E6A6 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=US&ctr=0.0037841839&viewability=72&device_id=4&cbdp=0.16&slotVisibility=2&dn=glamour.globo.com&acid=6ff0b9ea947f423ab3ae06140420df9a&ugd=4&size=320x480&pvid=294&csip=rtb-appnexus-5f777c6bc4-sdppq.SC&ogbdp=0.2&sc_pvid=4&prvReqId=66856966403549_242604054_11621109122941&itype=ADX&requrl=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&scrid=1700080812716500320048000001000&mang=1&bidrestime=1660292218454&cid=8CUU9JF8H&rme=nurl
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.56.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-26.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 12 Aug 2022 08:16:58 GMT
log
qsearch-a.akamaihd.net/ Frame E6A6 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.2000&ss_d2=0&stid=&other_prv=4%7C294&jar_err=&current_day=5.0&adtyp=0&req_id=YvYMegAF20AKs7dNZAFCRw&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=75.6392&exp=&fdbk_id=&second_bidder=4&search_res=48&floor_bucket=0.00&gpid_format=&seat=BID_API&size=320x480&url_l1=lifestyle&f_seg=&url_l2=noticia&prdp=0.1600&ogcbdp=0.2000&dfpbd=0.1600&server=1&ogerpm_wd_bkt=0-1&model_version=202208112018_generic_adx_1-cid_0&viewability=0.7200&dmm_r=0.0000&cut=20&dmm_l=0.0000&as_cache=0&tcyerpm=&sc=NY&send_erpm=true&dmm_m9=0.0000&sd=2&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.20&ugd_ver=&requrl=glamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml%2F&bidrestime=1660292218454&cc=US&strg=harmony&ss=&current_hour=7&time_stamp=2022-08-12+08%3A16%3A58&model_key=generic_adx_1-cid_0&rvshhon=&mul_ratio=0.0000&bdp=0.2000&ct=Kingston&akey=&mnckfl=0&bdp_bucket=0.20&algo=&dc=east_sc&splid=&dn=glamour.globo.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.79+Safari%2F537.36&buyer_id=&dmm_m10=917037&bdp_wider_bucket=1&acid=6ff0b9ea947f423ab3ae06140420df9a&infl=1&o_ver=NT+10.0&br_ver=104.0.5112.79&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.13.0&totalTimeBucket=2&visibility=2&totalTime=2951800&dmm_m1=2022-08-12+08%3A16%3A58.456178642&e_rpm=0.0000&dmm_m22=0.2000&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CUU9JF8H&bcrid=1700080812716500320048000001000&rawbid=0.2000&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-appnexus-5f777c6bc4-sdppq.SC&dfp_bucket=0.1&adblk=1539729608&itype=adx&pvid_seat=294_BID_API&cliIP=2503514368&advurl=search.yahoo.com%2F&level_base=0&crid=116211091&sat=1&br_id=265&cut_bkt=20&gpid=&iwb=1&second_bid=0.150000&sc_pvid=294&capd=0&other_bids=0.15%7C0.2
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.200.0.188 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-0-188.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:59 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Fri, 12 Aug 2022 08:16:59 GMT
nmedianet.js
contextual.media.net/ Frame E6A6 		159 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV
Requested by
Host: 684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
URL: https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c9d770b0783fa690c7b7fcf39d13c6942d124e16dca19e0a4c3acc570ef9bc9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-mnt-h
8-33
content-encoding
gzip
server
Apache
etag
"5c8037af6c8c8461b4c47832447ae5e6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Fri, 12 Aug 2022 08:16:59 GMT
strict-transport-security
max-age=31536000
x-mnt-w
8-20
expires
Fri, 12 Aug 2022 08:21:59 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame E6A6 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: 684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
URL: https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.56.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Fri, 12 Aug 2022 08:16:58 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=75109
access-control-allow-credentials
true
content-length
62892
expires
Sat, 13 Aug 2022 05:08:47 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame E6A6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: 684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
URL: https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
540
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 08:07:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E6A6 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
URL: https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 08:16:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame E6A6 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
URL: https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:08:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
482
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 08:08:56 GMT
l
www.google.com/ads/measurement/ Frame E6A6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSHgmP0PbW1YpZXZofCo5rvE8c7vTuCl4uYPSlskGyVX0C0F9oZjHDH0DgjCQCUVv2e8nrf--5z3zgdzofLDFnSAa1K5g
Requested by
Host: 684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
URL: https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E6A6 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
URL: https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 06 Aug 2022 07:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
521559
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 06 Aug 2023 07:24:19 GMT
bid
c.amazon-adsystem.com/e/dtb/ Frame CFBD 		171 B
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&pr=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F&pid=5HXkyDigolyc8&cb=0&ws=300x250&v=22.8.42053&t=2000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Frevistaglamour.globo.com.dw.300x250%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F138871148%2C85042905%2Frevistaglamour.globo.com.dw.300x250%22%7D%5D&schain=1.0%2C1!hcodemedia.com%2C288%2C1%2C%2C%2C&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22lotame%22%3A%2207ef451a530f5ca6f9ea3c08367316d53938436257fa5a9bb7b14dcebfd95ad8%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
Server /
Resource Hash
7a1ac55ec922b57ea9245f79aaf8986d8cda9bf9c253ff188390d2dbe515572c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
via
1.1 558a7274c3bf9c351a26dc5ddb8c820a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL50-C1
x-amz-rid
8GM4KXCV7SH4X9BSW8PZ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
171
x-amz-cf-id
HFrRGkyn5h9kQqD4IrSiVF6fQvfyyxwN_hR9dK9GxTqNjm01ru9YEA==
fbevents.js
connect.facebook.net/en_US/ 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26515
x-xss-protection
0
pragma
public
x-fb-debug
22gM4GIMONsoBtEhiuFw/bdJPim3EbIixcKwLxQW5nBkVpEKDviTwZeSbY25IhMWFSdWrTGf6FBBBZAgi+7gMw==
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 12 Aug 2022 08:16:59 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel;r=1235481355;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml;uht=2;fpan=1;f...
pixel.quantserve.com/ Frame 0BF2 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1235481355;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml;uht=2;fpan=1;fpa=P0-2048920885-1660292218886;pbc=176c1745-4f32-4b97-aa69-f3cff6a6997a;ns=1;ce=1;qjs=1;qv=ae608f52-20220808163238;cm=;gdpr=0;ref=;d=globo.com;dst=0;et=1660292218885;tzo=0;ogl=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame DA29 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=91856668&p=157743&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7ffe810448cdfee593013dd04b6f975f19ec18e0e748aea8003c99f592d48600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame 5DA2 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:822b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b730ee413841da70b67f550de8ffce8148c3fd15dacc5274bd0b80bf18a44da7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:16:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Feb 2022 11:31:40 GMT
Server
AkamaiNetStorage
ETag
"49623d3e5c04865dd012dafa25c82381:1645098702.977678"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2929
CookieSync.min.js
csync.smartadserver.com/rtb/csync/ Frame 5DA2 		64 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8239 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
11daf6f1f81c0e60c33e75464791f001280c50524a42dfcb70cedca62bd32f74

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:16:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 May 2022 10:03:17 GMT
Server
AkamaiNetStorage
ETag
"217e486a6056a4c3f795a92c8453b8e4:1651494310.017305"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15343
TemplatePool.min.js
csync.smartadserver.com/rtb/csync/ Frame 5DA2 		140 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8239 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7898425d5cdbc2eeab116722a0b0aa19e66ba822e915db0fe213d488405d07aa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:16:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Jun 2022 15:32:46 GMT
Server
AkamaiNetStorage
ETag
"1b6e178951444fb1c6a686c7bf615d71:1655136014.678919"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4684
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A337 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
998
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 08:00:20 GMT
expires
Sat, 12 Aug 2023 08:00:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 40DD 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
993b351bd299e8f6b53dfc734dbb695fb97967e8b1fabb183817fccf3e436bf9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZPK4XwPLNPrtaI62FcGCfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-ZPK4XwPLNPrtaI62FcGCfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 08:16:58 GMT
expires
Fri, 12 Aug 2022 08:16:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 350F
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2f...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=4838819436260598658&gdpr=0&gdpr_consent=
49 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=4838819436260598658&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:58 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
8524b9ee-639a-419c-82b7-1197f860603e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=4838819436260598658&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 350F
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26vis...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=4838819436260598658&gdpr=0&gdpr_consent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=4838819436260598658&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:58 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
5692c21b-3d45-40d2-98df-cc767bccfa6a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=4838819436260598658&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 350F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adyoulike
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=adyoulike
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4985186688463408566&ssp=adyoulike
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&name=BIDSWITCH
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&name=BIDSWITCH
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-type
image/gif
content-length
49
expires
0

Redirect headers

Location
//visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&name=BIDSWITCH
Date
Fri, 12 Aug 2022 08:16:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
visitor.omnitagjs.com/visitor/ Frame 350F
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adyoulike
  • https://creativecdn.com/cm-notify?pi=adyoulike&tc=1
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=zyA5VdCCDerQ1QP3TvEu&name=RTB_HOUSE&pi=adyoulike&tc=1
49 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=zyA5VdCCDerQ1QP3TvEu&name=RTB_HOUSE&pi=adyoulike&tc=1
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=zyA5VdCCDerQ1QP3TvEu&name=RTB_HOUSE&pi=adyoulike&tc=1
pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT, Fri, 12 Aug 2022 08:16:59 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
711333.gif
id.rlcdn.com/ Frame 350F 		42 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:16:59 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sync
visitor.omnitagjs.com/visitor/ Frame 350F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=b88f2951-bac5-41e7-bff4-9adb35ec6b09&name=THE_TRADE_DESK
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=b88f2951-bac5-41e7-bff4-9adb35ec6b09&name=THE_TRADE_DESK
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=b88f2951-bac5-41e7-bff4-9adb35ec6b09&name=THE_TRADE_DESK
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
319
sync
visitor.omnitagjs.com/visitor/ Frame 350F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/aul
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AADwMk7F7BkAABENckpF8w&name=BEESWAX
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AADwMk7F7BkAABENckpF8w&name=BEESWAX
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AADwMk7F7BkAABENckpF8w&name=BEESWAX
Date
Fri, 12 Aug 2022 08:16:58 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 350F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3...
  • https://stags.bluekai.com/site/23178?id=EuBSRz1bwaIrjLFeZgEv&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33N...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=EuBSRz1bwaIrjLFeZgEv
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=EuBSRz1bwaIrjLFeZgEv
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:59 GMT
P3p
CP="We do not support P3P header."
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=EuBSRz1bwaIrjLFeZgEv
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
188
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 350F
Redirect Chain
  • https://sync.e-volution.ai/4460e88f3323cf4d9f4263656a846075.gif?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dfcd0c0bfff5af32579cdcdb6ff804bf8%26visitor%3D%5BUID%5D%26name%3Dev...
  • https://visitor.omnitagjs.com/visitor/sync?uid=fcd0c0bfff5af32579cdcdb6ff804bf8&visitor=9930cb3e-b9bc-4f8d-ba6b-6a95d8294df3&name=evolution
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=fcd0c0bfff5af32579cdcdb6ff804bf8&visitor=9930cb3e-b9bc-4f8d-ba6b-6a95d8294df3&name=evolution
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:59 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://visitor.omnitagjs.com/visitor/sync?uid=fcd0c0bfff5af32579cdcdb6ff804bf8&visitor=9930cb3e-b9bc-4f8d-ba6b-6a95d8294df3&name=evolution
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
sync
visitor.omnitagjs.com/visitor/ Frame 350F
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=779dc6d7-1e55-47c6-b42b-4e6acd827fa5%20&gdpr_consent=null&gdpr=0
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=779dc6d7-1e55-47c6-b42b-4e6acd827fa5%20&gdpr_consent=null&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-type
image/gif
content-length
49
expires
0

Redirect headers

date
Fri, 12 Aug 2022 08:16:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=779dc6d7-1e55-47c6-b42b-4e6acd827fa5 &gdpr_consent=null&gdpr=0
cf-ray
7397c5a14cf1ecf6-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 350F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visit...
  • https://stags.bluekai.com/site/23178?id=CAj9tp6lCQS85i0jAlFa&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33N...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=CAj9tp6lCQS85i0jAlFa
49 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=CAj9tp6lCQS85i0jAlFa
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:59 GMT
P3p
CP="We do not support P3P header."
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=CAj9tp6lCQS85i0jAlFa
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
192
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 350F
Redirect Chain
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0801220407eff893dbec616e
49 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0801220407eff893dbec616e
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
6
content-type
image/gif
content-length
49
expires
0

Redirect headers

Location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0801220407eff893dbec616e
Date
Fri, 12 Aug 2022 08:16:59 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Powered-By
Express
Content-Length
0
Vary
Origin
sync
visitor.omnitagjs.com/visitor/ Frame 350F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-b36f9cd5-4262-4e82-6e70-98a71b55779c$ip$149.56.153.179&name=STACKADAPT
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-b36f9cd5-4262-4e82-6e70-98a71b55779c$ip$149.56.153.179&name=STACKADAPT
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-type
image/gif
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-b36f9cd5-4262-4e82-6e70-98a71b55779c$ip$149.56.153.179&name=STACKADAPT
Date
Fri, 12 Aug 2022 08:16:59 GMT
Connection
keep-alive
Content-Length
191
Content-Type
text/html; charset=utf-8
sync
visitor.omnitagjs.com/visitor/ Frame 350F
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8778&redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D5a6dfefcb43521ff293762793ad668db%26visitor%3D%24SPOTX_USER_ID%26name%3DSPOTX
  • https://visitor.omnitagjs.com/visitor/sync?uid=5a6dfefcb43521ff293762793ad668db&visitor=22d04db5-1a17-11ed-9272-185744bf0403&name=SPOTX
49 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=5a6dfefcb43521ff293762793ad668db&visitor=22d04db5-1a17-11ed-9272-185744bf0403&name=SPOTX
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
5
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Fri, 12 Aug 2022 08:16:59 GMT
Server
nginx
Location
https://visitor.omnitagjs.com/visitor/sync?uid=5a6dfefcb43521ff293762793ad668db&visitor=22d04db5-1a17-11ed-9272-185744bf0403&name=SPOTX
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
123
Connection
keep-alive
Content-Length
0
sync
visitor.omnitagjs.com/visitor/ Frame 350F
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3538&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=7ab967d40b91570ff51c4cdaa51fe5d6&name=FREEWHEEL&visitor=d1da37587edc87dd7d8c185575c8f6
49 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=7ab967d40b91570ff51c4cdaa51fe5d6&name=FREEWHEEL&visitor=d1da37587edc87dd7d8c185575c8f6
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:59 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://visitor.omnitagjs.com/visitor/sync?uid=7ab967d40b91570ff51c4cdaa51fe5d6&name=FREEWHEEL&visitor=d1da37587edc87dd7d8c185575c8f6
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1660292219024062-267
sync
visitor.omnitagjs.com/visitor/ Frame 350F
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=c5cd35f8-357b-4232-8d3a-f00d790b0b65&name=BIDTELLECT
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=c5cd35f8-357b-4232-8d3a-f00d790b0b65&name=BIDTELLECT
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-type
image/gif
content-length
49
expires
0

Redirect headers

X-ServerName
Track004-iad
Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:08 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Location
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=c5cd35f8-357b-4232-8d3a-f00d790b0b65&name=BIDTELLECT
Cache-Control
private,no-cache
Content-Type
text/html; charset=utf-8
Content-Length
265
Expires
-1
usync.js
eus.rubiconproject.com/ Frame 3D51 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
843061eb460de0b038e56183343e2f2308875530fb61d3cdbdd47c1604c0557d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:16:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54907
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9453
Expires
Fri, 12 Aug 2022 23:32:05 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E785 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_fE4H1yeOW1M7DgYZPi8kCYUR1eSrsKB21h4ADyj7Boj1iq6Ba5PHDvd9sXRFP3Fd_3sCQshIn2hTyP80eo9zmxrP9UzEhh7mOmLywv44rKeHr-9V&sig=Cg0ArKJSzIlzrLnXuW58EAE&id=lidar2&mcvt=1023&p=170,315,260,1285&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20220810&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3229887313&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660292217792&rpt=119&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=YZmJyXxETUNWWlNZT3FOS0NDVEh4cnVvbFhjdk84aDNQSXJiWDZSNHorZ0FjQXF0dlE0dUIrTWlpNU5CQnYrcTdaYVRIN2gyekZJZFdjaUl3VDFIdm1Fdjh1SW8vSmVXMVhlM2hNbU5wS2ozcGVESjNVb1NYUkRGdm5ibUZpNjFpZVBpRktBTDdIcnpHRXhuZnlScStkeW1kdUZjV1daLzV3RHVEeU1NREVTUTUyblh0eXM1cXVmZGhVUW55U1BKLzF1Nzh5L3daSEFIMFVvb0tJckg0ekdkdXVycmxQTU5WZlBsOGtFOUdxZGtkcitLd2ZPbHhGZlNZRWNueVlZS1J5WWJldFJobzllR3RJYXV1NjlabG1hd1A0UT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 12 Aug 2022 08:16:58 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1619
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sync.html
s.spotim.market/ Frame FBC0 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.151.8.242 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
7bb80cfb55f7e9508d7d16592b33bda61f81f80502894aebc7fe77dc29c8aaf3

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://visitor.omnitagjs.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
991
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 08:16:59 GMT
Server
Adtelligent
X-Robots-Tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6998 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63027
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 12 Aug 2022 08:16:58 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 13 Aug 2022 01:47:25 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame E733
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 08:16:59 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 12 Aug 2022 08:16:58 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame 1532
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 08:16:59 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 12 Aug 2022 08:16:58 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
server
AkamaiGHost
ssync.html
player.aniview.com/ssync/5e0e296628a061270b21ccab/ Frame 370A 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/ssync/5e0e296628a061270b21ccab/ssync.html?pid=5e0e296628a061270b21ccab&r=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26name%3DOPENWEB_VIDEO&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:13:783::2c79 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
46e4dfa96644020484b012dc7d59fb17991401df9dc28cabe53f5c3b624b310a

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
no-transform, max-age=300
content-encoding
gzip
content-language
en
content-length
1388
content-type
text/html
date
Fri, 12 Aug 2022 08:16:59 GMT
etag
"33e83150082be3e380069462586bdaaf"
expires
Fri, 12 Aug 2022 08:21:59 GMT
last-modified
Tue, 31 May 2022 13:06:44 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1654002404084554
x-goog-hash
crc32c=KWHuZw== md5=M+gxUAgr4+OABpRiWGvarw==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1388
x-guploader-uploadid
ADPycdu2O9OHwXJSu-Ba4Clh2Tt4z-sa5m8w5DuHxodMdZGCvzTI5NKYZbw_oYhdvcExBQiPLdBiPv7GbltR2Vlas-aFmLaazBzX
sync
ssbsync.smartadserver.com/api/ Frame 711E 		725 B
975 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.197 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
26cefadb056e058995a271c90dd16952de72e19c6d0c15c18e49dbef7835c284

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
725
content-type
text/html
date
Fri, 12 Aug 2022 08:16:58 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame CFBD 		33 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
701321f31b18b277e6337df335144b13a8fa614515f1e7051c462ddddbe9fca1

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:16:58 GMT
transfer-encoding
chunked
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:16:58 GMT
server
nginx
t
t.lkqd.net/ Frame E327 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:16:59 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid_6d8da985.js
vpaid.springserve.com/production/ Frame 688F 		506 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_6d8da985.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:b800:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e8003ad291ba3bd8691f5b0754b18daa4f89147dd3f27f204c651cd8d5fbf8f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 16:44:38 GMT
content-encoding
br
last-modified
Thu, 28 Jul 2022 16:39:44 GMT
server
AmazonS3
age
1265542
etag
W/"9026fbc1fc8aafffe9b6d2458d235a3a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
NqU2hvA7ifMZ_nDckQfHHZ9u3hUKzYqhEDL0XevxSL2EoX1-OKmidA==
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/gif
Rubicon
s.seedtag.com/cs/cookiesync/ Frame 3D51
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=seedtag&khaos=L6Q748YP-1X-5LKK
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=L6Q748YP-1X-5LKK
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=L6Q748YP-1X-5LKK
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
H3
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=L6Q748YP-1X-5LKK
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
1da0c96602e9a1076eae4f5554c05cf3
Expires
0
sid
mug.criteo.com/ Frame ECA6
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=globo.com&sn=ChromeSyncframe&so=3&topUrl=glamour.globo.com&bundle=tOY38l8lMkZRODhicWlTMjhscXBiTWM3MTduWFN4QkJCMlAlMkZCJTJGek1STFlieGFDY...
  • https://mug.criteo.com/sid?cpp=yeuqY3xPNGZUbDdTamlKWWhUOGd1L2J6WVNpQ1A3bnBuNFFwRjZkeWlTYzJCUEJlOER5WW1IMnF4RCtWc1d4UU5leTVSRG45M3A0U0lrcjBYMWljeXNURkEwcW41cTdPNXg5ZmUrbUppV3VKWktKOXN2QTFmTWlYMlEwMD...
433 B
632 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=yeuqY3xPNGZUbDdTamlKWWhUOGd1L2J6WVNpQ1A3bnBuNFFwRjZkeWlTYzJCUEJlOER5WW1IMnF4RCtWc1d4UU5leTVSRG45M3A0U0lrcjBYMWljeXNURkEwcW41cTdPNXg5ZmUrbUppV3VKWktKOXN2QTFmTWlYMlEwMDVaZW9pRk1TR0wxekpGdFQ3bEd0enlxZ1QyOVFYRXVPOFhkWUpTcXBmWHQ0eXhiblAvSUNYKzlReTFsZExHY1VWQzNvMHpabWZDWmlUKzJvTEFBUjY3NEdnd3VoeTluZ053MkgwQXcxcisvTjZ6TkJNMWdBa0VRYkQwMmVYQ2tjdXVlSkU1VUY1dm5FZllUQk1XblJGY2c0a3JHek9SZz09fA&cppv=2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
a4ec26fd216fb0b0aa77265927e4ea9d85268230361037b17ea696ff7b4eba5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3709
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=yeuqY3xPNGZUbDdTamlKWWhUOGd1L2J6WVNpQ1A3bnBuNFFwRjZkeWlTYzJCUEJlOER5WW1IMnF4RCtWc1d4UU5leTVSRG45M3A0U0lrcjBYMWljeXNURkEwcW41cTdPNXg5ZmUrbUppV3VKWktKOXN2QTFmTWlYMlEwMDVaZW9pRk1TR0wxekpGdFQ3bEd0enlxZ1QyOVFYRXVPOFhkWUpTcXBmWHQ0eXhiblAvSUNYKzlReTFsZExHY1VWQzNvMHpabWZDWmlUKzJvTEFBUjY3NEdnd3VoeTluZ053MkgwQXcxcisvTjZ6TkJNMWdBa0VRYkQwMmVYQ2tjdXVlSkU1VUY1dm5FZllUQk1XblJGY2c0a3JHek9SZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1312
content-length
541
expires
0
integrator.js
adservice.google.com/adsid/ Frame CFBD 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=glamour.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame CFBD 		21 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3921357706765368&correlator=2694492534530212&eid=31068869%2C44761478%2C31067825&output=ldjh&gdfp_req=1&vrg=2022080801&ptt=17&impl=fifs&iu_parts=138871148%3A85042905%2Crevistaglamour.globo.com.dw.300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=2347996017&sfv=1-0-38&fsapi=false&prev_scp=pwtdeal_ias%3DPMP_-_42_-_108cee6fac82163%26adt%3Dlow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26fr%3Dfalse%26id%3D21660f89-1a17-11ed-9da0-0a0b388d0187%26pwtsid%3D108cee6fac82163%26pwtbst%3D1%26pwtecp%3D0.01%26pwtdid%3D42%26pwtpid%3Dias%26pwtpubid%3D157163%26pwtprofid%3D4985%26pwtverid%3D4%26pwtsz%3D100x200%26pwtplt%3Ddisplay%26amznbid%3D2%26amznp%3D2%26hcmviewable%3Dtrue&eri=1&sc=1&cookie=ID%3Da17c416f40ba3ab0%3AT%3D1660292217%3AS%3DALNI_MZef1q0nhAz143tY1Ia_bnZVcneMQ&cdm=glamour.globo.com&gpic=UID%3D000006f10df361b6%3AT%3D1660292217%3ART%3D1660292217%3AS%3DALNI_MZkUYPurO4IAqAs4f6Qck3UyLpE8Q&arp=1&abxe=1&dt=1660292219082&lmt=1660292219&dlt=1660292218010&idt=178&adxs=892&adys=773&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=qu6j7idbu0ek&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&top=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&frm=23&vis=1&psz=300x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=437779693.1660292217&ga_sid=1660292219&ga_hid=1917414045&ga_fc=true&a3p=EhUKCnVpZGFwaS5jb20YvvaCiakwSAASGwoMaWQ1LXN5bmMuY29tGMf4gompMEgAUgIIahL-AQoOZXNwLmNyaXRlby5jb20S4gF0T1kzOGw4bE1rWlJPRGhpY1dsVE1qaHNjWEJpVFdNM01UZHVXRk40UWtKQ01sQWxNa1pDSlRKR2VrMVNURmxpZUdGRFltRklTVWszUkdGWVIzRmlSbXBSU25sa1pGTjJRVzF0YzIxbWIzVm9ia2c1VTJZek5YaHplSFpRTVdWeFlVTTBOSHBIUm5KVlUyWkxaR1prTjNaaFQwWlZhSHBYZFZOTmNFNXdaV3cyTVd0Qk9XMWhiRGd4TnlVeVJrTlNialpYYW1FelFuWTFTM1JXUW1SbU9EZFRVU1V6UkNVelJBGOb_gompMEgAEloKDWNyd2RjbnRybC5uZXQSQDA3ZWY0NTFhNTMwZjVjYTZmOWVhM2MwODM2NzMxNmQ1MzkzODQzNjI1N2ZhNWE5YmI3YjE0ZGNlYmZkOTVhZDgYjPeCiakwSAASOwoKcHViY2lkLm9yZxIkY2RmNzRlOWItZDRmZi00ZmI0LWE2M2YtNDEzNGIzMWM0NTNjGP33gompMEgAEj4KBW9wZW54EixleUpwSWpvaVlrdFJjbXRUTmxWUlQwdHlVbFZuVTJaNFozSXZaejA5SW4wPRic94KJqTBIAA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e8f79ab5c3fdf0b731a1a9fd9e6d8faf2f64846ad301e8ccc55760a09f345384
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12146
x-xss-protection
0
google-lineitem-id
6071312053
pragma
no-cache
server
cafe
google-creative-id
612726143989
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame CFBD 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022080801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0383bcf4238f988f399911ac308b21233b43f07ea58942da7ac32b89ced8c7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11123
x-xss-protection
0
container.html
ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 01F5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 08:16:59 GMT
expires
Sat, 12 Aug 2023 08:16:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame E733 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
843061eb460de0b038e56183343e2f2308875530fb61d3cdbdd47c1604c0557d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:16:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54906
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9453
Expires
Fri, 12 Aug 2022 23:32:05 GMT
iu3
s.amazon-adsystem.com/ Frame C2D3
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&dcc=t
323 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
1d7f6ffcdfd27562629eec3440c52f50b2eb54b76e899a871c41a266c17664fa
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
323
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 12 Aug 2022 08:16:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
NGPQ188JMQYP518NVD9M

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 12 Aug 2022 08:16:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&dcc=t
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
3JST8WY80PB3NVH4Z097
smtr
contextual.media.net/ Frame AB94 		65 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=360634848&size=320x480&cc=CA&chnm=HARMONY&pid=8POPGE52H&tpid=TG41K38&https=1&vif=2&requrl=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&nse=5&vi=1660292219385956852&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&bae=B44egagqBq&bcpf=B48fOnRrolnfOur84egagqBq&bdrId=294&bid=325626&ntv=0&matchstring=hr%3D0%7Cbcat%3D500121%2C501025%2C500780%2C500273%2C500532%2C99603%2C501011%2C501082%2C500008%2C101884%2C500786%2C500900&kttle=SafeFrame%20Container&katpre=1&katbid=-102&pgid=p0442255615t202208120816&goent=1&htmlsrc=1&allsc=QC
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e7025cfbdc9103e36e209a3796e1896855682b13ae4cb4e7114e1474ae1c9dde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
26195
content-type
text/html
date
Fri, 12 Aug 2022 08:16:59 GMT
expires
Fri, 12 Aug 2022 08:16:59 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-sc-h
22-cnhl
x-sc-w
22-131g
bping.php
lg3.media.net/ Frame E6A6 		35 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=630&&vgd_cdv=775&gdpr=0&prid=8PRN625DH&cid=8CU5RJ1PV&crid=360634848&vi=1660292219385956852&ugd=4&lf=6&cc=CA&sc=QC&lper=100&wsip=2886781337&r=1660292219142&requrl=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&vgd_bid=325626&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=16276&vgd_rakh=1660292218114905538&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_pgid=p0442255615t202208120816&vgd_pgids=1&vgd_uspa=0&hvsid=00001660292219138025035145477106&gdpr=0&vgd_end=1
Requested by
Host: 684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
URL: https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.56.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Fri, 12 Aug 2022 08:16:59 GMT
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 12 Aug 2022 08:16:59 GMT
usync.js
eus.rubiconproject.com/ Frame 1532 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
843061eb460de0b038e56183343e2f2308875530fb61d3cdbdd47c1604c0557d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:16:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54906
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9453
Expires
Fri, 12 Aug 2022 23:32:05 GMT
t
t.lkqd.net/ Frame E327 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:16:59 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:16:59 GMT
server
nginx
checksync.php
contextual.media.net/ Frame 3D1A 		26 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C4%2C20000%2C313%2C10000%2C9%2C319%2C294&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: 684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
URL: https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1810cb889334e2f37e878a2a80852ad1871c455f024726a7daa1fd9ed64c7821
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=75033
content-encoding
gzip
content-length
9327
content-type
text/html; charset=UTF-8
date
Fri, 12 Aug 2022 08:16:59 GMT
expires
Sat, 13 Aug 2022 05:07:32 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame E6A6 		35 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4986&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=3&spSource=0&ifst=0&vid=YvYMegAF20AKs7dNZAFCRw&s_city=morganton&ugd=4&bcat%3C%3E=1000010%23%2310566%23%231000008%23%231000037%23%231000036%23%231000004%23%231000003%23%2313423%23%231000031%23%2311825%23%231000030%23%2310103%23%231000024%23%2311321%23%231000018%23%2312766%23%2312767&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D3%7Cfl_rl%3D1%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=0.0037841839&mx_TAF=3&sc_bdp=0.150&device_id=4&ae=false&mx_UCC=5&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.200&size=320x480&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=98de3c81&scrid=1700080812716500320048000001000&itypeid=17&mx_SPRIG=0&viewability=72&renderer=1&be=0&rtime=29.0&adj0=0.0&tmax=300&s_ip=74.125.19.6&adj2=0.0&adj1=0.0&feedback_id=YvYMegAF20AKs7dNZAFCRw&adtypes=0&mx_aabpc=0&reqid=YvYMegAF20AKs7dNZAFCRw&sc=NY&sd=2&mowxReqId=6ff0b9ea947f423ab3ae06140420df9a_1&ifdp=0&requrl=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&bidrestime=1660292218454&pv_adtype=0&cc=US&strg=HARMONY&pcrid=8CU5RJ1PV-360634848-33-1&coppa_enf=true&sc_prspt=headerBid&bdp=0.200&ct=Kingston&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CHARMONY%7Cbrr%3D1&mx_epbc=8CU5RJ1PV&dnt_enf=false&mx_ssBucket=0&vls=0&asn=16276&mang=1&sc_cbdp=0.150&fleet=appnexus&mx_isLossNtf=false&advUrl=https%3A%2F%2Fsearch.yahoo.com&dn=glamour.globo.com&dt=O&acid=6ff0b9ea947f423ab3ae06140420df9a&actltime=50&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C7%7C13%7C14%7C15%7C16%7C48%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.16&sckfl=1&dmm_erpm=true&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CU5RJ1PV&epcexp=false&pubid=pub-ADX-116310109131&mx_bsProfile=0&cid=8CUU9JF8H&bcrid=1700080812716500320048000001000&omul=1.0&res_mtype=0&apPrfs%3C%3E=60%23%2313%23%234%23%2310&suid=CAESEPj87iWVTf1aC3rlWGfYw88&chnl=HARMONY&pst=0&reqsize=320x480&adpos=3&itype=ADX&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-ADX-116310109131&__expireat=1660292818708&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=360634848&ckfl=0&lper=1&mx_tgs=320x480%7C336x280%7C580x400&cbdp=0.16&sc_advUrl=https%3A%2F%2Ftopics.businessfocus.online&pvdTmax=244&ltime=49.0&epc=360634848&ctr_vendor=EXCHANGE&prvReqId=66856966403549_242604054_11621109122941&zip=12401&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-8828587149473437&ybnca_erpm=0.2&brsrclk=0&sbdrid=196&rtttime=64&apTags%3C%3E=75&mx_PC=1&wsip=mowx-lite-69d9d8d79-fmhgv&currsrc_date=2022-08-11+00%3A00%3A00&sc_adj0=0.0&sc_adj1=0.0&sc_adj2=0.0&psrc=fail&geoll=false&omid=0&debug_ts=2022-08-12+08%3A16%3A58&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=2&usp_enf=1&bidflr=0.010&sc_ogbdp=0.15&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=294&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=2&dbf=1&gdpr=0&gqid=AHfbET7SB4QY8o7me2CKILzj3B3W7NtGbhuJol_14rpyJODbZmaIQdYny0Z3rSCuHvLUE4nh&dmm_ogerpm=false&csip=rtb-appnexus-5f777c6bc4-sdppq.SC&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=east_sc&mx_aqcpl_crid=4&ogbdp=0.2&tpbTkn=false&adblk=1539729608&fpuReq=1&vcmplrt=-1.0&crid=116211091&geo_source=2&sat=1&mnet_ckfl=0&sc_pvid=4&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~ogerpm%3D0.2~vis_sd%3D283~url_rps_b%3D16.08~dc2%3D1~scd%3Dqc~v_asn%3D16276~vl2r_sd%3D2022081120~iurl_b%3D651.47~url_tkc%3D0~url_r2a_b%3D0~std%3D~MP%3D.*style.*~last%3D~cvog%3D0~vis_url_b%3D0.47~ip%3D2Jqus0~fbb%3D0~vis_url_l%3D10~riipua%3D3%2C3~et%3D25~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022081201~vis_b%3D652.95~url_b%3D1.17~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D10~gcat%3D-1~bb%3D196~vv%3D0~cvl2r_sd%3D284~l2r_b%3D1000~erpm%3D0.2~vl2r_url_kc%3D0E0~vl2r_up_l%3D0~bm%3D1~sid%3D360634848~sd%3D2~uid%3Dh8gq5BZbkylMVAwdQ~url_rps_kc%3D0~cvl2r_b%3D3.26~btd%3D1174437380901616030057013714186949855270466519764185212494768190461751770746880~cvl2%3D3.26~3pcf%3D999.99~uim%3D0~dmm_strg%3Dharmony~vl2r_up_b%3D0~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D133.7~url_srps_b%3D16.08~CI%3D2718~nts%3D3~MP2%3D.*style.*~tb%3D-1~ct%3Dmontreal~basis2%3D196~basis1%3D196~isRef%3D0~PF%3D0~isif%3D0~lc%3D1~url_rpc_b%3D0~bid%3D0.2~dc%3D8~url_rps_rv%3D0~vl2r_b%3D2.23~supply_tag_id%3D%7Eviewability%3D0.72%7Eamp%3D1%7Ecbdp%3D0.200%7Edmm%3Dharmony%7Esuid%3DCAESEPj87iWVTf1aC3rlWGfYw88%7Esd%3D2%7Edtc%3Deast_sc%7Exid%3DADX-pub-8828587149473437%7Edalg%3D%7Ehtml%3D1%7Eadblk%3D1539729608%7Esobp%3D0.15%7Ectr%3D0.0037841839%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.200%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D20%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D320x480%7C336x280%7C580x400~bsb%3D0~bsp%3D0~tmx%3D244&utime=731&sf=0&cpr=0.48530850260371006
Requested by
Host: 684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
URL: https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.56.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
max-age=3600
date
Fri, 12 Aug 2022 08:16:59 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Fri, 12 Aug 2022 14:16:59 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8EDA 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
URL: https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
984
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 08:00:35 GMT
etag
48472445140208031
expires
Sat, 13 Aug 2022 08:00:35 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 3D51
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
HTTP/1.1
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:59 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GJ4ANHC9G2QW7DAPHWDW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:59 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
EXJ7YF0GN7KB9328G4P0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 3D51
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6Q748YP-1X-5LKK
0
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6Q748YP-1X-5LKK
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 3A46D979636445389723FCE557D58F96 Ref B: YTO01EDGE0509 Ref C: 2022-08-12T08:16:59Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXmBuf13uDpVGyflX1tmg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6Q748YP-1X-5LKK
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 3D51
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b88f2951-bac5-41e7-bff4-9adb35ec6b09&gdpr=0&gdpr_consent=&expires=30
42 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b88f2951-bac5-41e7-bff4-9adb35ec6b09&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
ace9692b4e77bdf741ff63add80edaca
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b88f2951-bac5-41e7-bff4-9adb35ec6b09&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
esync
token.rubiconproject.com/ Frame 3D51
Redirect Chain
  • https://id.rlcdn.com/709414.gif
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 12 Aug 2022 08:16:59 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 3D51
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/JzIdCHZSXTdKJL00lKLIBcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=681337929651169845
42 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=681337929651169845
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
ace9692b4e77bdf741ff63add80edaca
Content-Type
image/gif

Redirect headers

date
Fri, 12 Aug 2022 08:16:59 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=681337929651169845
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
v1
ads.yahoo.com/cms/ Frame 3D51
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6Q748YP-1X-5LKK&sigv=1&esig=2~f67e30361488b371d47aaa172aedc0e2b217c6d0
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6Q748YP-1X-5LKK&sigv=1&esig=2~f67e30361488b371d47aaa172aedc0e2b217c6d0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
H2
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6Q748YP-1X-5LKK&sigv=1&esig=2~f67e30361488b371d47aaa172aedc0e2b217c6d0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 3D51
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODU4ODI5ZWI1ZDg3NGQwYmY2NTFhNWQ0OWVhMTZiZWEzODQ4YTZjYQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODU4ODI5ZWI1ZDg3NGQwYmY2NTFhNWQ0OWVhMTZiZWEzODQ4YTZjYQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODU4ODI5ZWI1ZDg3NGQwYmY2NTFhNWQ0OWVhMTZiZWEzODQ4YTZjYQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 3D51
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=PbkjCde4RK28kiq48Qqh9A&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=PbkjCde4RK28kiq48Qqh9A
43 B
797 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=PbkjCde4RK28kiq48Qqh9A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:59 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
NQE5YNV4EM0EAWYS40JT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=PbkjCde4RK28kiq48Qqh9A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ace9692b4e77bdf741ff63add80edaca
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sodar
pagead2.googlesyndication.com/pagead/ Frame 40DD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022080801&jk=3007064759748925&rc=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
sync
visitor.omnitagjs.com/visitor/ Frame E733
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&khaos=L6Q748YP-1X-5LKK
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=L6Q748YP-1X-5LKK&name=RUBICON
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=L6Q748YP-1X-5LKK&name=RUBICON
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=L6Q748YP-1X-5LKK&name=RUBICON
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
deb9f124eecce7a554c70ca983265c95
Expires
0
truncated
/ Frame E6A6 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d908435ca225cca8f7d1b52d338cfd84e78d14db4797627df8dd3534196ed61b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
sync
visitor.omnitagjs.com/visitor/ Frame 370A
Redirect Chain
  • https://sync.aniview.com/ssync?pid=5e0e296628a061270b21ccab&r=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26name%3DOPENWEB...
  • https://visitor.omnitagjs.com/visitor/sync?uid=e8ecb87ff2ef3a3b16ba16c51e7986ac&visitor=e0a062c9-8bf8-48ab-bf86-90e0df03fa89&name=OPENWEB_VIDEO
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=e8ecb87ff2ef3a3b16ba16c51e7986ac&visitor=e0a062c9-8bf8-48ab-bf86-90e0df03fa89&name=OPENWEB_VIDEO
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/ssync/5e0e296628a061270b21ccab/ssync.html?pid=5e0e296628a061270b21ccab&r=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26name%3DOPENWEB_VIDEO&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://player.aniview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=e8ecb87ff2ef3a3b16ba16c51e7986ac&visitor=e0a062c9-8bf8-48ab-bf86-90e0df03fa89&name=OPENWEB_VIDEO
date
Fri, 12 Aug 2022 08:16:59 GMT
content-length
174
content-type
text/html; charset=utf-8
nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
pagead2.googlesyndication.com/bg/ Frame A337 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:45:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
261061
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14139
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:45:58 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 711E 		49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9276a8c8d010b77af50144c60047b781&visitor=6897201368687718618&name=SMARTADSERVER&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-type
image/gif
content-length
49
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 711E
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=779dc6d7-1e55-47c6-b42b-4e6acd827fa5&gdpr_consent=null&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=779dc6d7-1e55-47c6-b42b-4e6acd827fa5&gdpr_consent=null&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Fri, 12 Aug 2022 08:16:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=779dc6d7-1e55-47c6-b42b-4e6acd827fa5&gdpr_consent=null&gdpr=0
cf-ray
7397c5a29d5fecf6-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
redir
rtb-csync.smartadserver.com/ Frame 711E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADwMk7F7BkAABENckpF8w&gdpr=0
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADwMk7F7BkAABENckpF8w&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADwMk7F7BkAABENckpF8w&gdpr=0
Date
Fri, 12 Aug 2022 08:16:59 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
711890.gif
id.rlcdn.com/ Frame 711E 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:16:59 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
rtb-csync.smartadserver.com/redir/ Frame 711E
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=f842d39a-2807-4d90-82ff-2b72e6e18d37&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=f842d39a-2807-4d90-82ff-2b72e6e18d37&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=f842d39a-2807-4d90-82ff-2b72e6e18d37&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
usync.html
eus.rubiconproject.com/ Frame F4F3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 08:16:59 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 12 Aug 2022 08:16:59 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
33across
s.seedtag.com/cs/cookiesync/ Frame 133C
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1660292219180.&ri=0010b00002MptHCAAZ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERI...
  • https://s.seedtag.com/cs/cookiesync/33across?channeluid=2294083809199
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/33across?channeluid=2294083809199
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H3
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://s.seedtag.com/cs/cookiesync/33across?channeluid=2294083809199
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 133C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=the33across
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1783777314954996696&expires=30&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&ts=1660292219&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&ts=1660292219&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&ts=1660292219&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 133C
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1660292219180.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=3f4262f6-0c7b-4700-a042-2230177506f6
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=3f4262f6-0c7b-4700-a042-2230177506f6
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Fri, 12 Aug 2022 08:16:59 GMT
Server
MT3 4475 c1dc35a master ord-pixel-x52 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=3f4262f6-0c7b-4700-a042-2230177506f6
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 12 Aug 2022 08:16:58 GMT
match
events-ssc.33across.com/ Frame 133C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-_yEpoWdE2uGlnYZ9c0U0j_kkvXerg2QO~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-_yEpoWdE2uGlnYZ9c0U0j_kkvXerg2QO%7EA&ts=1660292219&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-_yEpoWdE2uGlnYZ9c0U0j_kkvXerg2QO%7EA&ts=1660292219&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-_yEpoWdE2uGlnYZ9c0U0j_kkvXerg2QO%7EA&ts=1660292219&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 133C
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=288bbe717b140ca3&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAEfVOUzjrYwgNp8Yg2AAAAAAA&expiration=1660378619&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAEfVOUzjrYwgNp8Yg2AAAAAAA&ts=1660292219&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAEfVOUzjrYwgNp8Yg2AAAAAAA&ts=1660292219&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAEfVOUzjrYwgNp8Yg2AAAAAAA&ts=1660292219&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 133C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1662884219%26external_user_id%3Db88f2951-bac5-41e7-bff4-9adb35ec6b09
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1662884219&external_user_id=b88f2951-bac5-41e7-bff4-9adb35ec6b09
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1662884219&external_user_id=b88f2951-bac5-41e7-bff4-9adb35ec6b09
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
40000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1662884219&external_user_id=b88f2951-bac5-41e7-bff4-9adb35ec6b09
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cksync
cs.media.net/ Frame 3D1A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzAzMjkzODE5MTQ1NDcxNTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEOy8uLIsPSwzt05dBvjJSjw&google_cver=1
45 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEOy8uLIsPSwzt05dBvjJSjw&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C4%2C20000%2C313%2C10000%2C9%2C319%2C294&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
173.223.56.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 12 Aug 2022 08:16:59 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEOy8uLIsPSwzt05dBvjJSjw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
996.json
id5-sync.com/g/v2/ Frame CFBD 		454 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/996.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
50ed7801335123eda3191eb9b9813c3e1e972155447bf2e9d2442b35633400e8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
transfer-encoding
chunked
match
c1.adform.net/serving/cookie/ Frame 2EBA 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=70B1E182-C5A6-4B0E-914D-DCB16A48E702
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 12 Aug 2022 08:16:59 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame AAFB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YvYMeQAF1xc1xgA0&gdpr=0&gdpr_consent=
1 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YvYMeQAF1xc1xgA0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 12 Aug 2022 08:16:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 12 Aug 2022 08:16:59 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YvYMeQAF1xc1xgA0&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yul12833-YUL
x-timer
S1660292220.589631,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame E69D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b4cf62f6-0c7b-4900-ab8c-6e8655895a65&gdpr=0&gdpr_consent=
42 B
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b4cf62f6-0c7b-4900-ab8c-6e8655895a65&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 Aug 2022 00:34:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 12 Aug 2022 08:16:59 GMT
Expires
Fri, 12 Aug 2022 08:16:58 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4475 c1dc35a master ord-pixel-x57 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b4cf62f6-0c7b-4900-ab8c-6e8655895a65&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 1006
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEd01rN0Y3QmtBQUJFTmNrcEY4dw&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADwMk7F7BkAABENckpF8w&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsyn...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADwMk7F7BkAABENckpF8w
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADwMk7F7BkAABENckpF8w
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 Aug 2022 08:16:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 12 Aug 2022 08:16:59 GMT
Server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADwMk7F7BkAABENckpF8w
strict-transport-security
max-age=2592000; includeSubDomains
141
match.deepintent.com/usersync/ Frame 6A8F 		0
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Fri, 12 Aug 2022 08:16:58 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame 910A
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 11 Aug 2022 21:17:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 08:16:57 GMT
expires
Fri, 12 Aug 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
916607
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7E66
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=23234c52-1a17-11ed-9465-f3edc820c7ab
42 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=23234c52-1a17-11ed-9465-f3edc820c7ab
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 Aug 2022 08:16:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 12 Aug 2022 08:16:59 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=23234c52-1a17-11ed-9465-f3edc820c7ab
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
lga-delivery-5
server
Cowboy
Pug
simage2.pubmatic.com/AdServer/ Frame F6D1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=s2-c1UJiToJucJinG1V3nJU4mbM
42 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=s2-c1UJiToJucJinG1V3nJU4mbM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 Aug 2022 08:16:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Fri, 12 Aug 2022 08:16:59 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=s2-c1UJiToJucJinG1V3nJU4mbM
Pug
simage2.pubmatic.com/AdServer/ Frame 8B3D
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005&rndcb=7925476305
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadconductor%26expires%3D30%...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadconductor%26expires%3D30%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=9e7f3da7-9383-53e0-8f00-1e45edf6123e&ssp=adconductor&expires=30&user_group=1&gdpr=&gdpr_consent=
  • https://sync.1rx.io/usersync/bidswitch/9f6c8083-3ab4-40a9-9e61-00d2d73f3398?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
42 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 11 Aug 2022 20:30:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Fri, 12 Aug 2022 08:16:59 GMT
ETag
RX505d6b14b8dd4151861b7b8be62c9851005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame C7E8
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=cd84a901-d0df-4be7-b718-962708b5da28&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=70B1E182-C5A6-4B0E-914D-DCB16A48E702
42 B
353 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=70B1E182-C5A6-4B0E-914D-DCB16A48E702
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.176.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-176-63.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
42
content-type
image/gif
date
Fri, 12 Aug 2022 08:16:59 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 12 Aug 2022 08:16:59 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=70B1E182-C5A6-4B0E-914D-DCB16A48E702
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 77F8
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=685754946922
42 B
269 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=685754946922
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 11 Aug 2022 20:28:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=685754946922
Pug
simage2.pubmatic.com/AdServer/ Frame 32BC
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EuNKy5Se1OmpQM5&gdpr=0&gdpr_consent=
42 B
196 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EuNKy5Se1OmpQM5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 Aug 2022 08:17:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 12 Aug 2022 08:16:59 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EuNKy5Se1OmpQM5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0f1a173e627f786e2@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
i.match
a.tribalfusion.com/ Frame 03FE 		43 B
706 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7397c5a32f6decfa-YUL
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 12 Aug 2022 08:16:59 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
Pug
simage2.pubmatic.com/AdServer/ Frame B4F5
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7135786191051565085&uid=Q713578619105156...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7135786191051565085
42 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7135786191051565085
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 Aug 2022 08:16:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=61230
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Fri, 12 Aug 2022 08:16:59 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7135786191051565085
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
pubmatic
s.seedtag.com/cs/cookiesync/ Frame 46D7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=70B1E182-C5A6-4B0E-914D-DCB16A48E702
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 12 Aug 2022 08:16:59 GMT
server
nginx
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DA29
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cLHhgsWmSw6RTdyxakjnAg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=63026
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Sat, 13 Aug 2022 01:47:25 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame DA29
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=70B1E182-C5A6-4B0E-914D-DCB16A48E702
  • https://pippio.com/api/sync?pid=5324&it=1&iv=0da3d60a39531c26c7d0ccb0b2bd7b5b9a9feee8c0aac86c18c6336e20263184791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAwZGEzZDYwYTM5NTMxYzI2YzdkMGNjYjBiMmJkN2I1YjlhOWZlZWU4YzBhYWM4NmMxOGM2MzM2ZTIwMjYzMTg0NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAwZGEzZDYwYTM5NTMxYzI2YzdkMGNjYjBiMmJkN2I1YjlhOWZlZWU4YzBhYWM4NmMxOGM2MzM2ZTIwMjYzMTg0NzkxNDI2YjU0MTdkY2UyMRAAGgwI-5jYlwYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=37ebf2bc-982a-4bc1-96f1-311c392b6bb1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=37ebf2bc-982a-4bc1-96f1-311c392b6bb1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:17:00 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=37ebf2bc-982a-4bc1-96f1-311c392b6bb1
date
Fri, 12 Aug 2022 08:17:00 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame DA29
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=68b862f6-0c7b-4a00-b2c4-cacfdb239ab0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=68b862f6-0c7b-4a00-b2c4-cacfdb239ab0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 12 Aug 2022 08:16:59 GMT
Server
MT3 4475 c1dc35a master ord-pixel-x30 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=68b862f6-0c7b-4a00-b2c4-cacfdb239ab0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 12 Aug 2022 08:16:58 GMT
Pug
image2.pubmatic.com/AdServer/ Frame DA29
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzBCMUUxODItQzVBNi00QjBFLTkxNEQtRENCMTZBNDhFNzAy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame DA29
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHD19s7l5WMz-KQ2stn42hA&google_cver=1
42 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHD19s7l5WMz-KQ2stn42hA&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHD19s7l5WMz-KQ2stn42hA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame DA29
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8315754224554931B82C11B06ADF48C8
42 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8315754224554931B82C11B06ADF48C8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Fri, 12 Aug 2022 08:16:59 GMT
x-content-type-options
nosniff
server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8315754224554931B82C11B06ADF48C8
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 11 Aug 2022 08:16:59 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame DA29
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4276077296345607779&gdpr=0&gdpr_consent=&us_privacy=
1 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4276077296345607779&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 19:46:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4276077296345607779&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame DA29
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b88f2951-bac5-41e7-bff4-9adb35ec6b09
42 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b88f2951-bac5-41e7-bff4-9adb35ec6b09
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b88f2951-bac5-41e7-bff4-9adb35ec6b09
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
70B1E182-C5A6-4B0E-914D-DCB16A48E702
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame DA29 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/70B1E182-C5A6-4B0E-914D-DCB16A48E702?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:b371:809f:9514:eb53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame DA29
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=70B1E182-C5A6-4B0E-914D-DCB16A48E702&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-V0kHGOZE2uUqnoNOj8GydYDJj2djFnY-~A&gdpr=0&gdpr_consent=
0
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-V0kHGOZE2uUqnoNOj8GydYDJj2djFnY-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-V0kHGOZE2uUqnoNOj8GydYDJj2djFnY-~A&gdpr=0&gdpr_consent=
date
Fri, 12 Aug 2022 08:16:59 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame DA29 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.178.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-178-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame DA29
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1f908b89-879f-4467-acd7-d70027d2a07e&gdpr=0&gdpr_consent=
1 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1f908b89-879f-4467-acd7-d70027d2a07e&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 19:28:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1f908b89-879f-4467-acd7-d70027d2a07e&gdpr=0&gdpr_consent=
Date
Fri, 12 Aug 2022 08:16:59 GMT
X-CI-RTID
76911d01-dc19-4675-aa63-7d67c7f3c229
Connection
keep-alive
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame DA29
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=70B1E182-C5A6-4B0E-914D-DCB16A48E702&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3de659a29f5f0c9b&is_secure=true&networkId=17100&version=1&nuid=70B1E182-C5A6-4B0E-914D-DCB16A48E702&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAEenv8SllOlANBxLGhAAAAAAA&expiration=1660378619&nuid=70B1E182-C5A6-4B0E-914D-DCB16A48E702&...
42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAEenv8SllOlANBxLGhAAAAAAA&expiration=1660378619&nuid=70B1E182-C5A6-4B0E-914D-DCB16A48E702&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAEenv8SllOlANBxLGhAAAAAAA&expiration=1660378619&nuid=70B1E182-C5A6-4B0E-914D-DCB16A48E702&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame DA29
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4838819436260598658&gdpr=0&gdpr_consent=
42 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4838819436260598658&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:59 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
2796d796-d4e4-457b-91be-7e840a585836
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4838819436260598658&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame DA29
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l96el5GPz8CMj8mXk9nVxcfcwJmMjcrCl9Wb7ZIr
42 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l96el5GPz8CMj8mXk9nVxcfcwJmMjcrCl9Wb7ZIr
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l96el5GPz8CMj8mXk9nVxcfcwJmMjcrCl9Wb7ZIr
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame DA29
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&gdpr=0&gdpr_consent=
42 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:58 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame DA29
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ss...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=pubmatic&user_id=n-cnxRr_xB-fZyP8lkZj0
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&gdpr=&gdpr_consent=&gdpr_pd=
1 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 12 Aug 2022 08:17:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sn.ashx
pmp.mxptint.net/ Frame DA29
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B341_F47CC22C_FF438A0D&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
HTTP/1.1
Server
204.2.255.233 Fort Lauderdale, United States, ASN2914 (NTT-LTD-2914, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-343279020; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:16:59 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-343279020; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Thu, 11 Aug 2022 21:17:13 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame DA29
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4985186688463408566
42 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4985186688463408566
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4985186688463408566
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pubmatic
sync.resetdigital.co/csync/ Frame DA29 		0
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CFBD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 08:16:59 GMT
index.v1.html
config.seedtag.com/standard-iframe/ Frame D4EC 		215 B
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://config.seedtag.com/standard-iframe/index.v1.html
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.133.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1298edbdd61716cdfd4e5b6ae4d6bbc598282a86c23c5eee134965e052f5d878

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
*
age
1592
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=86400, public
cf-cache-status
DYNAMIC
cf-ray
7397c5a39f7ba1de-YYZ
content-encoding
br
content-type
text/html
date
Fri, 12 Aug 2022 08:16:59 GMT
etag
W/"0759a5dea81fe23c38bb84d4453f6ac5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sat, 13 Aug 2022 07:50:27 GMT
last-modified
Tue, 25 Jun 2019 10:34:38 GMT
server
cloudflare
vary
Accept-Encoding
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8EDA
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBbGtUls40sgK35ib-L7i_w&google_cver=1&google_push=AehlK4BeSa2-brZu28oj7klo7fKdzYy6Zuqke-tv-YKWulpOKZa-PiPMA5yfDBUOhFa4IvtEtnHDo8Eocz6xz85XDMJzPXdV8z-qO...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDI3NjA3NzI5NjM0NTYwNzc3OQ==&gdpr=0&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEBbGtUls40sgK35ib-L7i_w&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEBbGtUls40sgK35ib-L7i_w&google_cver=1
Requested by
Host: 684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
URL: https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEBbGtUls40sgK35ib-L7i_w&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 8EDA 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEMNJtiFDtTABYCpqmp-Mfjo&google_cver=1&google_push=AehlK4D7VyIkAE-VvtZlkMfyFjt0-ZeqWmfc4p__xjVOeZUnNLYBNmfkoWpvaqNAJ2vFyw10yL9oNQg-84N_ECoYv6vJ35ODC7BCXr_QAMN_-eDzXdK-9Db1O3MwUJXFnIxIrnwGI31LCdE
Requested by
Host: 684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
URL: https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
CookieSyncAdX
rtb.adentifi.com/ Frame 8EDA 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncAdX?google_gid=CAESEOUyHf00w4dcJCWJuRyLRdo&google_cver=1&google_push=AehlK4B8OdvzXeK0bCrYyKHeunVMMqOAFECcxJnwSRDpPi3QE60tJzBc8992K7fDkwGyCtYO9FGOnBOfulQdi1FT7F2n_PH30p5WqBMlJRCVmuM2QaTukDNuuQYGOUKp-sUc_fRSx4SDoHM
Requested by
Host: 684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
URL: https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.178.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-178-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
pixel
cm.g.doubleclick.net/ Frame 8EDA
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI...
  • https://sync.targeting.unrulymedia.com/csync/RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4DWW_BCEPwGvQnHf2n-8...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4DWW_BCEPwGvQnHf2n-8vZuYrGI1VFl1i5Tht1V6HS3HfoMMmsVnEI8eWrYXHlzxL3ihZK8uW-M-99T7ysictLrfK-CjV0VNwlsTxQeaLNXmKqUaunmutrj_SpQdfPVzVvf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4DWW_BCEPwGvQnHf2n-8vZuYrGI1VFl1i5Tht1V6HS3HfoMMmsVnEI8eWrYXHlzxL3ihZK8uW-M-99T7ysictLrfK-CjV0VNwlsTxQeaLNXmKqUaunmutrj_SpQdfPVzVvfEe-hDfGB&google_hm=BVBdaxS43UFRhht7i-YsmFE
Requested by
Host: 684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
URL: https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 12 Aug 2022 08:16:59 GMT
Server
Tengine
ETag
RX505d6b14b8dd4151861b7b8be62c9851005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4DWW_BCEPwGvQnHf2n-8vZuYrGI1VFl1i5Tht1V6HS3HfoMMmsVnEI8eWrYXHlzxL3ihZK8uW-M-99T7ysictLrfK-CjV0VNwlsTxQeaLNXmKqUaunmutrj_SpQdfPVzVvfEe-hDfGB&google_hm=BVBdaxS43UFRhht7i-YsmFE
Connection
keep-alive
Content-Type
text/html
pixel
cm.g.doubleclick.net/ Frame 8EDA
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEGL5DJeBG3sIe5vuKJlC03Q&google_cver=1&google_push=AehlK4DVUWUuL-d-56-tFtWd4NXNTIPxjL3IS9ZTsaFTYYhVCoFTqssME9QsLDNxUVwMgXTVc9yOLy9H...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEGL5DJeBG3sIe5vuKJlC03Q%26google_cver%3D1%26google_push%3DAehlK4DVUWUuL-d-56-tFt...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A8197508655130880941&exchange=193&google_gid=CAESEGL5DJeBG3sIe5vuKJlC03Q&google_cver=1&google_push=AehlK4DVUWUuL-d-56-tFtWd4NXNTIPxjL3IS9ZTsaFTYYhVCoFT...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTgxOTc1MDg2NTUxMzA4ODA5NDE&google_push=AehlK4DVUWUuL-d-56-tFtWd4NXNTIPxjL3IS9ZTsaFTYYhVCoFTqssME9QsLDNxUVwMgXTVc9yOLy9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTgxOTc1MDg2NTUxMzA4ODA5NDE&google_push=AehlK4DVUWUuL-d-56-tFtWd4NXNTIPxjL3IS9ZTsaFTYYhVCoFTqssME9QsLDNxUVwMgXTVc9yOLy9H2zMOukCBlSmKNG9eQVBXKe17s-4y3QTnEFZLp5ZoT0ppSudcVI8OaI-QLIEijFEA
Requested by
Host: 684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
URL: https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTgxOTc1MDg2NTUxMzA4ODA5NDE&google_push=AehlK4DVUWUuL-d-56-tFtWd4NXNTIPxjL3IS9ZTsaFTYYhVCoFTqssME9QsLDNxUVwMgXTVc9yOLy9H2zMOukCBlSmKNG9eQVBXKe17s-4y3QTnEFZLp5ZoT0ppSudcVI8OaI-QLIEijFEA
Date
Fri, 12 Aug 2022 08:16:59 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 8EDA
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEGWd-S1kGWWiuZjBY_4sR8c&google_cver=1&google_push=AehlK4ATLOX4-weAGNNVd-TdkZdMDR06fmZnR-hIkJQw-oHJ3TSIKja51WEvDEL3ELDqz6qjUbNRKWwUlfLY6s9SV_A_IjT...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AehlK4ATLOX4-weAGNNVd-TdkZdMDR06fmZnR-hIkJQw-oHJ3TSIKja51WEvDEL3ELDqz6qjUbNRKWwUlfLY6s9SV_A_IjTxX2sGZgjYHSNwHgZsVBknjG4pbY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AehlK4ATLOX4-weAGNNVd-TdkZdMDR06fmZnR-hIkJQw-oHJ3TSIKja51WEvDEL3ELDqz6qjUbNRKWwUlfLY6s9SV_A_IjTxX2sGZgjYHSNwHgZsVBknjG4pbYjkG81SvCCwAwwDvT9X_4la&google_hm=MTc4Mzc3NzMxNDk1NDk5NjY5Ng==
Requested by
Host: 684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
URL: https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AehlK4ATLOX4-weAGNNVd-TdkZdMDR06fmZnR-hIkJQw-oHJ3TSIKja51WEvDEL3ELDqz6qjUbNRKWwUlfLY6s9SV_A_IjTxX2sGZgjYHSNwHgZsVBknjG4pbYjkG81SvCCwAwwDvT9X_4la&google_hm=MTc4Mzc3NzMxNDk1NDk5NjY5Ng==
Date
Fri, 12 Aug 2022 08:16:59 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 8EDA
Redirect Chain
  • https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEBrrLmDQPLPsDdUfrpKreiU&google_cver=1&google_push=AehlK4CRBRITrGECB1Fw8xM-XvY3Mqlj7xljWF0MY4z59gbjQfnHfzG6bhrHvUVdUkbJ1gJuoZc6IzYQyNzezVOZDGjK7...
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Demx_eb%26google_hm%3DNTM2MTE2NjAyOTIyMTk1OTQyMzJhYg%3D%3D&b6...
  • https://cs.emxdgt.com/umcheck?apnxid=4838819436260598658&redirect=https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTM2MTE2NjAyOTIyMTk1OTQyMzJhYg==&b64_redirect=aHR0cHM6Ly9jbS5nLmRvdW...
  • https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTM2MTE2NjAyOTIyMTk1OTQyMzJhYg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTM2MTE2NjAyOTIyMTk1OTQyMzJhYg==
Requested by
Host: 684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
URL: https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTM2MTE2NjAyOTIyMTk1OTQyMzJhYg==
date
Fri, 12 Aug 2022 08:16:59 GMT
content-length
0
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 8EDA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L0ZVQv3wVICv-1GAS8__E2vdg9zxzLr60CSd-FGCJEu6Vvy6ymElpInuQqYU0lfl_LX2nEo6ho
Requested by
Host: 684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
URL: https://684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
usync.js
eus.rubiconproject.com/ Frame F4F3 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
843061eb460de0b038e56183343e2f2308875530fb61d3cdbdd47c1604c0557d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:16:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54906
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9453
Expires
Fri, 12 Aug 2022 23:32:05 GMT
cm
us-u.openx.net/w/1.0/ Frame 5EC6 		827 B
527 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1660292218712&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
1b513d5f0c04b60a8498d42222a518eb138443aa820655d4ca3b00848df89788

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
508
content-type
text/html
date
Fri, 12 Aug 2022 08:16:59 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/ Frame 095B
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fuid%3D$UID
  • https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=FIewiLZHvvFnkDbISHKtAJTx
95 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=FIewiLZHvvFnkDbISHKtAJTx
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1660292218712&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

Date
Fri, 12 Aug 2022 08:16:59 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=FIewiLZHvvFnkDbISHKtAJTx
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sync
ups.analytics.yahoo.com/ups/58170/ Frame 095B
Redirect Chain
  • https://pixel.advertising.com/ups/58170/sync?gdpr=1&gdpr_consent=&_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58170/sync?gdpr=1&gdpr_consent=&_origin=1&redir=true
0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58170/sync?gdpr=1&gdpr_consent=&_origin=1&redir=true
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1660292218712&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58170/sync?gdpr=1&gdpr_consent=&_origin=1&redir=true
date
Fri, 12 Aug 2022 08:16:59 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
sync.richaudience.com/1334b6ec0ff0dc970481738a2374448c/ Frame 095B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58368/occ?gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/1334b6ec0ff0dc970481738a2374448c/?uid=y-GGO5hFJE2uHPcDF0tm9CIuHvW1eL_xKfQl1VqTc-~A&gdpr=0&gdpr_consent=
95 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1334b6ec0ff0dc970481738a2374448c/?uid=y-GGO5hFJE2uHPcDF0tm9CIuHvW1eL_xKfQl1VqTc-~A&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1660292218712&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/1334b6ec0ff0dc970481738a2374448c/?uid=y-GGO5hFJE2uHPcDF0tm9CIuHvW1eL_xKfQl1VqTc-~A&gdpr=0&gdpr_consent=
date
Fri, 12 Aug 2022 08:16:59 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/ Frame 095B
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr_consent=&nwid=2441/
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=3845884433550291021
95 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=3845884433550291021
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1660292218712&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=3845884433550291021
date
Fri, 12 Aug 2022 08:16:59 GMT
content-length
0
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 095B
Redirect Chain
  • https://spl.zeotap.com/?zdid=689&env=mWeb&eventType=pageview
  • https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=7351786a-e0d8-4f6b-5153-d1ba26190284&env=mWeb&eventType=pageview&id_mid_4=7351786a-e0d8-4f6b-5153-d1ba26190284&reqId=c88c84ab-7ebf-4cb...
95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=7351786a-e0d8-4f6b-5153-d1ba26190284&env=mWeb&eventType=pageview&id_mid_4=7351786a-e0d8-4f6b-5153-d1ba26190284&reqId=c88c84ab-7ebf-4cb7-41ee-73cf205a2030&zdid=689
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1660292218712&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

date
Fri, 12 Aug 2022 08:16:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
location
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=7351786a-e0d8-4f6b-5153-d1ba26190284&env=mWeb&eventType=pageview&id_mid_4=7351786a-e0d8-4f6b-5153-d1ba26190284&reqId=c88c84ab-7ebf-4cb7-41ee-73cf205a2030&zdid=689
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://sync.richaudience.com
access-control-allow-credentials
true
cf-ray
7397c5a4edb97157-YUL
access-control-allow-headers
*
gdpr_consent=
sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/ Frame 095B
Redirect Chain
  • https://id5-sync.com/s/286/9.gif?puid=e67ee749-143a-4422-8345-1zz1660292219&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fuid%3D%7BID5UID%7D
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/286/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/286/2/8/2.gif?puid=4838819436260598658&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMO-PxwOt7khudEAbM4oQdOGGog4hJ2pO1fy_9tag&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/286/3/7/3.gif?puid=3f4262f6-0c7b-4700-a042-2230177506f6&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F429%2F6%2F4.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/286/429/6/4.gif?puid=70B1E182-C5A6-4B0E-914D-DCB16A48E702&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F434%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/286/434/5/5.gif?puid=68c2bd3f-a362-4eac-be9c-d1e0fe3062fe&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/286/108/4/6.gif?puid=f89f2ecc-d918-4ba9-b6f0-2c45fbe382da&gdpr=0&gdpr_consent=
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F136%2F3%2F7.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/286/136/3/7.gif?puid=YvYMeQAF1xc1xgA0&gdpr=0&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_I...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opi...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEKXAM8HY5f6APKhmh_B-mRs&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4838819436260598658&opid=apx&ops=&utidl=tech:goo:CAESEKXAM8HY5f6APKhmh_B-mRs&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9OCZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A28682834164&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0yODYmZm9ybWF0PWdpZiY&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/286/19/1/9.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
0
0
index.v1.html
config.seedtag.com/standard-iframe/ Frame DF5C 		215 B
474 B 		Document
General
Check archive.org
Download Go to
Full URL
https://config.seedtag.com/standard-iframe/index.v1.html
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.133.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1298edbdd61716cdfd4e5b6ae4d6bbc598282a86c23c5eee134965e052f5d878

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
*
age
1592
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=86400, public
cf-cache-status
DYNAMIC
cf-ray
7397c5a54c9da240-YYZ
content-encoding
br
content-type
text/html
date
Fri, 12 Aug 2022 08:16:59 GMT
etag
W/"0759a5dea81fe23c38bb84d4453f6ac5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sat, 13 Aug 2022 07:50:27 GMT
last-modified
Tue, 25 Jun 2019 10:34:38 GMT
server
cloudflare
vary
Accept-Encoding
match
events-ssc.33across.com/ Frame F4F3
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=L6Q748YP-1X-5LKK
  • https://ssc-cms.33across.com/ps/?xi=1&xu=L6Q748YP-1X-5LKK
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L6Q748YP-1X-5LKK&ts=1660292220&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L6Q748YP-1X-5LKK&ts=1660292220&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L6Q748YP-1X-5LKK&ts=1660292220&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 887E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
999
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 08:00:20 GMT
expires
Sat, 12 Aug 2023 08:00:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D37C 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8b269797084497628d89155d362722044c4a0e1e9477fda2247ceee9f7b9e26b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2VjB05_sxjCxsFtbEbZQ8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-2VjB05_sxjCxsFtbEbZQ8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 08:16:59 GMT
expires
Fri, 12 Aug 2022 08:16:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pr
s.amazon-adsystem.com/v3/ Frame 1030 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
7b9c12a670d4d321568e422ad01ce64729a3b0c18e3b09b5dfe60eb50ce5b8c0
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2356
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 12 Aug 2022 08:16:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
PYFB50YXW072E48J3980
cookiesyncendpoint
sync.aniview.com/ Frame 3CD2
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3De0a062c9-8bf8-48ab-bf86-90e0df03fa89%26biddername%3D55%26key%3D%24UID
  • https://sync.aniview.com/cookiesyncendpoint?auid=e0a062c9-8bf8-48ab-bf86-90e0df03fa89&biddername=55&key=4838819436260598658
0
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=e0a062c9-8bf8-48ab-bf86-90e0df03fa89&biddername=55&key=4838819436260598658
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/ssync/5e0e296628a061270b21ccab/ssync.html?pid=5e0e296628a061270b21ccab&r=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26name%3DOPENWEB_VIDEO&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.17.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-17-67.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.aniview.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
date
Fri, 12 Aug 2022 08:16:59 GMT

Redirect headers

AN-X-Request-Uuid
c99bc349-d12e-4f4a-bb50-4d47f58e8196
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 12 Aug 2022 08:16:59 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?auid=e0a062c9-8bf8-48ab-bf86-90e0df03fa89&biddername=55&key=4838819436260598658
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
usync.html
eus.rubiconproject.com/ Frame ED24
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/ssync/5e0e296628a061270b21ccab/ssync.html?pid=5e0e296628a061270b21ccab&r=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26name%3DOPENWEB_VIDEO&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://player.aniview.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 08:16:59 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 12 Aug 2022 08:16:59 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
server
AkamaiGHost
cookiesyncendpoint
sync.aniview.com/ Frame D328
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3De0a062c9-8bf8-48ab-bf86-90e0df03fa89%26biddername%3D2%26key%3D%24SPOTX_USE...
  • https://sync.aniview.com/cookiesyncendpoint?auid=e0a062c9-8bf8-48ab-bf86-90e0df03fa89&biddername=2&key=22d04db5-1a17-11ed-9272-185744bf0403
0
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=e0a062c9-8bf8-48ab-bf86-90e0df03fa89&biddername=2&key=22d04db5-1a17-11ed-9272-185744bf0403
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/ssync/5e0e296628a061270b21ccab/ssync.html?pid=5e0e296628a061270b21ccab&r=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26name%3DOPENWEB_VIDEO&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.17.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-17-67.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.aniview.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
date
Fri, 12 Aug 2022 08:16:59 GMT

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Fri, 12 Aug 2022 08:16:59 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?auid=e0a062c9-8bf8-48ab-bf86-90e0df03fa89&biddername=2&key=22d04db5-1a17-11ed-9272-185744bf0403
Server
nginx
X-fe
256
cookiesyncendpoint
sync.aniview.com/ Frame 9931
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3De0a062c9-8bf8-48ab-bf86-90e0df03fa89%26biddername%3D72%26pid%3D5e0e296628a0...
  • https://tags.bluekai.com/site/17724?id=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3De0a062c9-8bf8-48ab-bf86-90e0df03fa89%26b...
  • https://sync.aniview.com/cookiesyncendpoint?auid=e0a062c9-8bf8-48ab-bf86-90e0df03fa89&biddername=72&pid=5e0e296628a061270b21ccab&key=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341
0
258 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=e0a062c9-8bf8-48ab-bf86-90e0df03fa89&biddername=72&pid=5e0e296628a061270b21ccab&key=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/ssync/5e0e296628a061270b21ccab/ssync.html?pid=5e0e296628a061270b21ccab&r=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26name%3DOPENWEB_VIDEO&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.17.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-17-67.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.aniview.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
date
Fri, 12 Aug 2022 08:17:00 GMT

Redirect headers

content-length
0
date
Fri, 12 Aug 2022 08:17:00 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=e0a062c9-8bf8-48ab-bf86-90e0df03fa89&biddername=72&pid=5e0e296628a061270b21ccab&key=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
container.html
ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4B0A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 08:16:59 GMT
expires
Sat, 12 Aug 2023 08:16:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ab
nym1-ib.adnxs.com/ Frame D4EC 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QLWDvDtVgcAAAMA1gAFAQj6mNiXBhCAsoDMu7O4vnEY1tmUoq6KibFkKjYJRHzTS-GUzj8RXiBifroEyT8ZAAAAYLgeDUAhxvp054r80j8pTBqjdVQ11z8xAAAA4FG43j8whfrzCjipH0CYOUgCUPTYiLABWMWqlQFgAGjPglZ46s8FgAEBigEDVVNEkgEDQlJMmAGsAqAB2ASoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKApYBdWYoJ2EnLCA1NTY3NDUwLCAxNjYwMjkyMjE4KTt1ZignaScsIDczODUxOTUsIDE2NjAyOTIyMTgpOwEdLGcnLCAxODM4NDE5MUY7ADBzJywgMjc2NDYzNjI2Rh8AMHInLCAzNjkyNDEyMDQ2HwDwi5ICoQQhVzJtVW5BajU5YlVaRVBUWWlMQUJHQUFneGFxVkFUQUVPQUJBQUVpWU9WQ0Ytdk1LV0FCZ3BnWm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUkNvQVFxd0FRQzVBUVVjU1lGWE5kY193UUVGSEVtQlZ6WFhQOGtCQUFBQUFBQUE4RF9aQVFBCQ50UEFfNEFIcjRNSUQ5UUZQdERJX21BSUFvQUlCdFFJBSQAdg0I8Gl3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlCZ0FNQm1BTUJvZ01PQ0xQaWhTTVFDeGdDTFFBQUFBQzZBd2xPV1UweU9qVTNNVExnQTRJdmdBVDg4dDRJaUFUTXJPTUlrQVFCbUFRQndRBTUJAQhNa0UJCQEBGERZQkFEeEIBCw0B4GlBWFFMSmdGaW9EcWd3R3BCWUtRTEdBQ2R4UkFzUVVBQUFEZ3Q4amRQOEVGQUFBQTZJbFc1al9KQhFjDFBBXzAFKA0BBE5rBSgBAfBDOERfZ0JhZWJBdkFGdjRyaUNQZ0YydWZUQW9JR0ExVlRSSWdHQkpBR0FaZ0dBS0VHbXBtWm1abVo3VC1vQmdTeUJpUUoBSA0BAFINCAEBAFoBBQ0BAGgNCCEoPDRCZ28umgKZASFKQmFGanc6JQI0TVdxbFFFZ0FDZ0FNWnEFbRhtZTBfT2dsPV0USkFnaTlKAU8BAQg4RDkdeQBCHXkAQh15BEJwASwJAQRCeAkIAQEQQjRBSWs1cPDQOEQ4LrICJDZjMDZjNjc5LWQxZDMtNDY1OC1hNTRhLTZkZDE5ZTY2ZmM0M9gCn0bgAu6QXeoCamh0dHBzOi8vZ2xhbW91ci5nbG9iby5jb20vbGlmZXN0eWxlL25vdGljaWEvMjAxOS8xMi9tZWxob3Jlcy1kby1hbm8tb3MtbWVtZXMtbWFpcy1lbmdyYWNhZG9zLWRlLTIwMTkuZ2h0bWzyAhEKBkFEVl9JRBIHNTU2NzQ1MPICEgoGQ1BHX0lEEggxODM4NDE5MfICEgoFQ1ABFAwJMjc2aco88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEgBzczODUxOTXyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwVCghTUExJVAFNGdn0BQGAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOSiALgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE3OagEALIEDAgAEAAYACAAMAA4ArgEAMAEzcC5IsgEANIEDjczMjAjTllNMjo1NzEy2gQCCAHgBADwBPTYiLAB-gQSCQAAAKDvv0ZAEQAAAGBtZVLAiAUBmAUAoAX___________8BqgUtODQ5MjQwOTctMjI1OC00NTFlLTg2ODQtMWI0MDVjNGQ5YzQzX0FwcE5leHVzwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFkZRA-gUEAbYokAYAmAYAuAYAwQYBLzAAAPA_0AapJdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSAQYAAX-MLQEQADIB-rPBdIHDQkROgE4CNoHBgknaOAHAOoHAggA8AfE_weKCAIQAJUIAACAP5gIAQ..&s=a5c58e0fd0f2ff0b1584461b63d59a7eea1f225e&pp=0.195457
Requested by
Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.113 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9012814f69fe0a6631bf48f441a0bbbae0b90fa762d8caa8ce3b3aca496e1837
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:00 GMT
Content-Encoding
gzip
X-Creative-ID
369241204
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
92618b65-2aac-421d-8374-15825d14e6c1
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
event
s.seedtag.com/s/ Frame D4EC 		43 B
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/s/event?type=imp&id=84924097-2258-451e-8684-1b405c4d9c43_AppNexus_1
Requested by
Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
image/gif
access-control-allow-credentials
true
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
activeview
pagead2.googlesyndication.com/pcs/ Frame CFBD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstl3QFG40Sz_a60nRxjl7R5b8sSj20AMIlnrB7_o5S1TUe1NUhe4riPt_JVfhpuoCZydl1_uQmC6unYB76664tY35hHxRwPQG7uvmq4U3pD2MKDkbKJ&sig=Cg0ArKJSzPcmInNzmENGEAE&id=lidar2&mcvt=1084&p=773,892,1023,1192&mtos=1084,1084,1084,1084,1084&tos=1084,0,0,0,0&v=20220810&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3576296953&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660292218010&rpt=733&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csync
sync.spotim.market/ Frame 906D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=4838819436260598658
0
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=271858&extuid=4838819436260598658
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
0
Date
Fri, 12 Aug 2022 08:16:59 GMT
Etag
89046e99fc5497cd
Server
Adtelligent

Redirect headers

AN-X-Request-Uuid
4962ea00-8e0f-4776-a0e0-f1d78f83a8c6
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 12 Aug 2022 08:17:00 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.spotim.market/csync?t=a&ep=271858&extuid=4838819436260598658
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
/
onetag-sys.com/usync/ Frame 5740 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.187 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip187.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
csync
sync.spotim.market/ Frame 3D69
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58558/occ
  • https://sync.spotim.market/csync?t=a&ep=488792&extuid=y-RydbI5hE2uFDB9iSgTjz3M_1h9BFwOrDNIvwXc0-~A
0
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=488792&extuid=y-RydbI5hE2uFDB9iSgTjz3M_1h9BFwOrDNIvwXc0-~A
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
0
Date
Fri, 12 Aug 2022 08:17:00 GMT
Etag
89046e99fc5497cd
Server
Adtelligent

Redirect headers

age
0
content-length
0
date
Fri, 12 Aug 2022 08:16:59 GMT
location
https://sync.spotim.market/csync?t=a&ep=488792&extuid=y-RydbI5hE2uFDB9iSgTjz3M_1h9BFwOrDNIvwXc0-~A
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.0.46
strict-transport-security
max-age=31536000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0298 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63026
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 12 Aug 2022 08:16:59 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 13 Aug 2022 01:47:25 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
csync
sync.spotim.market/ Frame FBC0 		0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=309017&extuid=${USER_ID}
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:00 GMT
Server
Adtelligent
Etag
89046e99fc5497cd
Content-Length
0
csync
sync.spotim.market/ Frame FBC0
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2069.55%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=2120667406
  • https://tags.bluekai.com/site/17724?id=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2069.55%2F3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60...
  • https://sync.1rx.io/usersync3/centro/2069.55/3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341?zcc=0&sspret=1&rndcb=2120667406
  • https://sync.targeting.unrulymedia.com/csync/RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-505d6b14-b8dd-4151-861b-7...
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:01 GMT
Server
Adtelligent
Etag
89046e99fc5497cd
Content-Length
0

Redirect headers

Date
Fri, 12 Aug 2022 08:17:00 GMT
Server
Tengine
ETag
RX505d6b14b8dd4151861b7b8be62c9851005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
Connection
keep-alive
Content-Type
text/html
csync
sync.spotim.market/ Frame FBC0
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=86d69b07-3e8c-4cfc-9a1f-40ef9a64da8e
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=482928&extuid=86d69b07-3e8c-4cfc-9a1f-40ef9a64da8e
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:00 GMT
Server
Adtelligent
Etag
89046e99fc5497cd
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.spotim.market/csync?t=a&ep=482928&extuid=86d69b07-3e8c-4cfc-9a1f-40ef9a64da8e
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
qoe8fncjujli2h366eo0l6hrdsed4pgn
sync
visitor.omnitagjs.com/visitor/ Frame FBC0
Redirect Chain
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Fredir%3Dhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fuid%253D9f93135e824096b627ff609f5cdee636...
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D9f93135e824096b627ff609f5cdee636%26visitor%3D%7Buid%7D%26name%3DOPENWEB
  • https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=89046e99fc5497cd&name=OPENWEB
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=89046e99fc5497cd&name=OPENWEB
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-type
image/gif
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=89046e99fc5497cd&name=OPENWEB
Date
Fri, 12 Aug 2022 08:16:59 GMT
Server
Adtelligent
Etag
89046e99fc5497cd
Content-Length
0
5007d44e-09d1-49b7-8c99-6b1cc38c3cbc
consumer.krxd.net/consent/get/ 		220 B
307 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_2
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fda4bd08a32841a53a33d5a25662c40070799de74b323f0bbd767d2dad207ff1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:16:59 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a003-ash-prod.krxd.net, cache-yul12834-YUL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1660292220.916309,VS0,VE19
content-length
185
x-cache-hits
0, 0
truncated
/ Frame AB94 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame AB94 		182 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36c9e60ac74544c751a47fdcf9f3e39300f7a2e8778fba52354fb4f654fedd87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame AB94 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
OpenSans_Bold.woff
res-a.akamaihd.net/__media__/fonts/OpenSans_Bold/ Frame AB94 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-a.akamaihd.net/__media__/fonts/OpenSans_Bold/OpenSans_Bold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=360634848&size=320x480&cc=CA&chnm=HARMONY&pid=8POPGE52H&tpid=TG41K38&https=1&vif=2&requrl=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&nse=5&vi=1660292219385956852&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&bae=B44egagqBq&bcpf=B48fOnRrolnfOur84egagqBq&bdrId=294&bid=325626&ntv=0&matchstring=hr%3D0%7Cbcat%3D500121%2C501025%2C500780%2C500273%2C500532%2C99603%2C501011%2C501082%2C500008%2C101884%2C500786%2C500900&kttle=SafeFrame%20Container&katpre=1&katbid=-102&pgid=p0442255615t202208120816&goent=1&htmlsrc=1&allsc=QC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.200.0.200 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-0-200.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07

Request headers

Referer
https://contextual.media.net/
Origin
https://contextual.media.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:00 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-6478"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25720
/
sync.richaudience.com/a9b03dc9bdef0bcb818e9c4110ca0368/ Frame 5EC6 		95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a9b03dc9bdef0bcb818e9c4110ca0368/?uid=5da55d22-df2d-4863-aaae-0dc136787b49
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
check
pixel.tapad.com/idsync/ex/receive/ Frame 5EC6
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=b9766734-dc14-4292-bb72-182c28b3d90f
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=b9766734-dc14-4292-bb72-182c28b3d90f
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=b9766734-dc14-4292-bb72-182c28b3d90f
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=b9766734-dc14-4292-bb72-182c28b3d90f
date
Fri, 12 Aug 2022 08:17:00 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
ups.analytics.yahoo.com/ups/58294/ Frame 5EC6 		0
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=91cc9741-5f79-455c-a2b4-41f08c9cec6a
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
396846.gif
idsync.rlcdn.com/ Frame 5EC6
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=eace6bae-4a54-4975-aeea-000922a479db
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=eace6bae-4a54-4975-aeea-000922a479db
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=eace6bae-4a54-4975-aeea-000922a479db
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:17:00 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 12 Aug 2022 08:17:00 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=eace6bae-4a54-4975-aeea-000922a479db
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
sd
us-u.openx.net/w/1.0/ Frame 5EC6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=4838819436260598658
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=4838819436260598658
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
812f4984-d5ae-4d1f-afd7-69d91dde90ab
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=4838819436260598658
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 5EC6 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=e7de68b5-9bb9-c4ef-319d-026d730cd3e3
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
SN3NWYE2TAA36JEVYV86
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5EC6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4276077296345607779&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4276077296345607779&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4276077296345607779&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 12 Aug 2022 08:16:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
467226423720066
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/467226423720066?v=2.9.75&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3f42fd3009b499cc3616f3acb8252cc933c4b04ec2faba8d15eb7b88a8af1fb6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86364
x-xss-protection
0
pragma
public
x-fb-debug
0xl8g+JhEJs3n/0DHtf8hEN7aQWJXQIhON6+j5cokF2CR2ZunbX5ua11uMoprqR9LDR0QmCCWPavUrP50NvbZg==
x-frame-options
DENY
date
Fri, 12 Aug 2022 08:17:00 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
OpenSans-Regular.woff
res-a.akamaihd.net/__media__/fonts/OpenSans-Regular/ Frame AB94 		66 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-a.akamaihd.net/__media__/fonts/OpenSans-Regular/OpenSans-Regular.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=360634848&size=320x480&cc=CA&chnm=HARMONY&pid=8POPGE52H&tpid=TG41K38&https=1&vif=2&requrl=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&nse=5&vi=1660292219385956852&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&bae=B44egagqBq&bcpf=B48fOnRrolnfOur84egagqBq&bdrId=294&bid=325626&ntv=0&matchstring=hr%3D0%7Cbcat%3D500121%2C501025%2C500780%2C500273%2C500532%2C99603%2C501011%2C501082%2C500008%2C101884%2C500786%2C500900&kttle=SafeFrame%20Container&katpre=1&katbid=-102&pgid=p0442255615t202208120816&goent=1&htmlsrc=1&allsc=QC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.200.0.200 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-0-200.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5256d55a499ecb71f04dd716cfdf75bf9fe5f863620ec6634e3b43b4e6b11fd8

Request headers

Referer
https://contextual.media.net/
Origin
https://contextual.media.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:00 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-107c8"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
67528
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 688F 		981 B
853 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292218648,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
79f86d2926ea7f14875633d1fcc86b1d675d9e5ce76755b545adc3af3f96b292

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
607
expires
Fri, 12 Aug 2022 08:17:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 1030
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=6c322cab
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=6c322cab
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
PZN52VFH1GKKG8QPDX8Y
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Fri, 12 Aug 2022 08:17:00 GMT
via
1.1 e1d636b234c38932eb25194cb146dbcc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PHL50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=6c322cab
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
iMKjMKfGea_nA-c3uo7c77N5qRKrRUojkavBuX0c4MvjgwiCKtxzbQ==
ecm3
s.amazon-adsystem.com/ Frame 1030
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=8315754224554931B82C11B06ADF48C8&ex=simpli.fi&status=ok
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=8315754224554931B82C11B06ADF48C8&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
J0WXPGV4PZJ6F56P8BDP
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Fri, 12 Aug 2022 08:17:00 GMT
x-content-type-options
nosniff
server
nginx
location
https://s.amazon-adsystem.com/ecm3?id=8315754224554931B82C11B06ADF48C8&ex=simpli.fi&status=ok
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 11 Aug 2022 08:17:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 1030
Redirect Chain
  • https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID
  • https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=7d3c15cb-e172-46cd-9df3-b15717929f10
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=7d3c15cb-e172-46cd-9df3-b15717929f10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
EYJSBNT77Z5SK5XASW2K
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
server
nginx/1.12.1
location
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=7d3c15cb-e172-46cd-9df3-b15717929f10
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame ED24 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
843061eb460de0b038e56183343e2f2308875530fb61d3cdbdd47c1604c0557d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54905
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9453
Expires
Fri, 12 Aug 2022 23:32:05 GMT
ab
nym1-ib.adnxs.com/ Frame DF5C 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QLVDuhVBwAAAwDWAAUBCPqY2JcGEKfQoMKM0omUCxjW2ZSiroqJsWQqNglEfNNL4ZTOPxFeIGJ-ugTJPxkAAAEC8MIOQCGw3Upq-dXWPyknoImw4enbPzEAAACA61HgPzCB-vMKOKkfQJg5SAJQ_tiIsAFYxaqVAWAAaM-CVnixqQWAAQGKAQNVU0SSAQNCUkyYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigKWAXVmKCdhJywgNTU2NzQ1MCwgMTY2MDI5MjIxOCk7dWYoJ2knLCA3Mzg1MTk1LCAxNjYwMjkyMjE4KTt1ZignZycsIDE4Mzg0MTkxLCAxNjYyHgAwcycsIDI3NjQ2MzYyNkY9ADByJywgMzY5MjQxMjE0Nh8A8IuSAqEEIU1XMXh3UWo1OWJVWkVQN1lpTEFCR0FBZ3hhcVZBVEFFT0FCQUFFaVlPVkNCLXZNS1dBQmdwZ1pvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVJDb0FRcXdBUUM1QVFEV0JCVGw2ZHNfd1FFQTFnUVU1ZW5iUDhrQkFBQUFBQUFBOERfWkFRQQkOdFBBXzRBSHI0TUlEOVFGZDcxWV9tQUlBb0FJQnRRSQUkAHYNCPBpd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQmdBTUJtQU1Cb2dNT0NMUGloU01RQ3hnQ0xRQUFBQUM2QXdsT1dVMHlPalEwTnpYZ0E0SXZnQVQ4OHQ0SWlBVE1yT01Ja0FRQm1BUUJ3UQU1CQEITWtFCQkBARhEWUJBRHhCAQsNAeBpQVg3SXBnRmlvRHFnd0dwQllLUUxHQUNkeFJBc1FVQUFBREFSLW5oUDhFRkFBQUFvT3ZkNmpfSkIRYwxQQV8wBSgNAQROawUoAQHwRjhEX2dCZF9VQXZBRnY0cmlDUGdGMnVmVEFvSUdBMVZUUklnR0JKQUdBWmdHQUtFR21wbVptWm1aN1Qtb0JnU3lCaVFKQUFBEQMAUhEJDEFBQVoBBQ0BAGgNCCEoPDRCZ28umgKZASFNeGJtbEE6JQI0TVdxbFFFZ0FDZ0FNWnEFbRhtZTBfT2dsPV0UVkFnaTlKAU8BAQg4RDkdeQBCHXkAQh15BEJwASwJAQRCeAkIAQEQQjRBSWs1cPDQOEQ4LrICJDZjMDZjNjc5LWQxZDMtNDY1OC1hNTRhLTZkZDE5ZTY2ZmM0M9gCn0bgAu6QXeoCamh0dHBzOi8vZ2xhbW91ci5nbG9iby5jb20vbGlmZXN0eWxlL25vdGljaWEvMjAxOS8xMi9tZWxob3Jlcy1kby1hbm8tb3MtbWVtZXMtbWFpcy1lbmdyYWNhZG9zLWRlLTIwMTkuZ2h0bWzyAhEKBkFEVl9JRBIHNTU2NzQ1MPICEgoGQ1BHX0lEEggxODM4NDE5MfICEgoFQ1ABFAwJMjc2aco88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEIBzczhWYA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8OWAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOSiALgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE3OagEALIEDAgAEAAYACAAMAA4ArgEAMAEzcC5IsgEANIEDjczMjAjTllNMjo0NDc12gQCCAHgBADwBP7YiLAB-gQSCQAAAKDvv0ZAEQAAAGBtZVLAiAUBmAUAoAX___________8BqgUtODc2NzZhNTktN2VmZC00NjI0LWI1YzQtMTliZTM1ODc5MGEwX0FwcE5leHVzwAUAyQUAAMFqFPA_0gUJCQEKAQE02AUB4AUB8AWRlED6BQQBtiiQBgCYBgC4BgDBBgEhMAAA8D_QBqkl2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFIBBgABf4stARAAMgHsakF0gcNFXYBOAjaBwYJJ2jgBwDqBwIIAPAHxP8HiggCEACVCAAAgD-YCAE.&s=da9e8a2304858479368f317ff0472b2d743b006d&pp=0.195457
Requested by
Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.113 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
793d855246028f05294fde727ec345e3b9165456e9f89bdedbd72d98cb51ed26
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:00 GMT
Content-Encoding
gzip
X-Creative-ID
369241214
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1d9880be-d183-4942-a2f6-d1d46956b14b
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
event
s.seedtag.com/s/ Frame DF5C 		43 B
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/s/event?type=imp&id=87676a59-7efd-4624-b5c4-19be358790a0_AppNexus_1
Requested by
Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
image/gif
access-control-allow-credentials
true
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
generate_204
tpc.googlesyndication.com/ Frame A337 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?gtErfw
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
amzns2s
rtb.gumgum.com/usync/ Frame 6FF3 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.129.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-129-133.compute-1.amazonaws.com
Software
nginx /
Resource Hash
714be95d4c0006752676a90bcdbe9c9c3c8bbce83ad3ac3f1916ed0356457a14

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 12 Aug 2022 08:17:00 GMT
etag
W/"0026cb6a94a230b75f4196b393d0c3cf7"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame E020 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b0a467350d01c56047c47a5b922f3220504001f9a64c765247cbc2cc01dd63e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7397c5a80817a216-YYZ
content-encoding
br
content-type
text/html
date
Fri, 12 Aug 2022 08:17:00 GMT
dropped-udsids
241|45|230|39|105|218|41|123
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pao1n%2F7zjGYuY32eRjBCBPTJL1k4Y7hszJ%2BEoFFrv4OwNW69cB79fSFPSFRcTL0O2yixwNJ9UcYAxMORSj7o4wQM9IWk%2FIVXtovmYPY6LhtbtstSGqn%2FFbEbKm%2B8eEv1P0DR6eT4%2B%2FZidA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
/
match.sharethrough.com/jwumXNuB/v1/ Frame EA90 		427 B
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.189.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-189-0.compute-1.amazonaws.com
Software
/
Resource Hash
8be431ce956a9a057e862b7a4fc3a6ae4e3239cef434e656c34bee62074a5180

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
427
date
Fri, 12 Aug 2022 08:17:00 GMT
visitormatch
bh.contextweb.com/ Frame 9F50 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
134127ecdf2b16585f3bba85303cbb0bff025fef6a0bd8bdfcc1ca6e43e0cfac
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
content-length
930
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-stage-0
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 8BF4
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=5fd0be465bb90cb7&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAEgkzftH-yeAMPLsUdAAAAAAA&expiration=1660378620&is_secure=true
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAEgkzftH-yeAMPLsUdAAAAAAA&expiration=1660378620&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 12 Aug 2022 08:17:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
WKM7V3VSY5ASXD0PJTNN

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Fri, 12 Aug 2022 08:17:00 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAEgkzftH-yeAMPLsUdAAAAAAA&expiration=1660378620&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
ecm3
s.amazon-adsystem.com/ Frame 1F11
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=4838819436260598658&ex=appnexus.com
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=4838819436260598658&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 12 Aug 2022 08:17:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
V4EF11K2ES1QWM1TXGV7

Redirect headers

AN-X-Request-Uuid
aebf24b8-1cf0-4e5f-9b1a-8398a7817080
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 12 Aug 2022 08:17:00 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=4838819436260598658&ex=appnexus.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
ecm3
s.amazon-adsystem.com/ Frame 3A64
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4436417915014705237908
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4436417915014705237908
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 12 Aug 2022 08:17:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
CR6A0WX8Y3EXY0EC2N1K

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 12 Aug 2022 08:17:00 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4436417915014705237908
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
bql.php
lg3.media.net/ Frame AB94 		15 B
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5175&&&vgd_l2type=sca&fp=GTNvLkhInbI_dr6LIBY7yC5gtaDJEQd8SIS1j9iegx9hP2tDr9wfYVbNVaoEdEZY4OJQ0wFCRAguk1AhWjmzeSZrQajy_diJXVlKfmz-WmKe7PxyLAajmfhM8nwPsCHAeK87ZAmjnLmwZeAtU7vizw%3D%3D&cme=tH6z9fH0H1r6oKnPvXO4yuO43bpa8blbD0IjGiTIQ8-Gh21Y7GA8vA2nVlgnn7lXSFnHw96jM8iFs08L8hxZ1MDJk9eVGYQeiI0iFpg7UFtPI0yTQqHeImnylLzWhNtA61ALQ09WNNtIRVFPO1XKH6CCxfCkRPm0_836dKkyH2rnU3M548DJr60uRh0jvZyiRqR59IdCwRsRJOqIX-CiWJvLzUzd33J3ZyqM7J8Tpgs%3D%7C%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7CJwgYdc1KQkFA0AkMtcoUY9olDV92JfOo%7CWBUUA2Z-5oq6soFwwgA45utOAG1AIWXgnAQTOZUNJsaBMCvntnS7o-uypmTjl-uQjCmeysIDY03Uhaeg6akjzDxVDIMZ1IehGCvvZsHDe13qY45U-T-0E4HQtRLydBYE%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Cx7qgWrhQLj9ANfaNY-GuJyAC6bqkrOjp_waNQP-CtHcRL9ZR7eVSp4pLVWFbFBdXN2fFRbwdZiXydjFp_KW8j5XGJg3H525b0tDGDEQ6zAcnC540fnfKESrA8tyoMSZemYQhW5AnD-ZfGN-CES2Ef8g-NWXvbuGhvRZnZ-vkeq_uHsneJZ2fe4bW47wcF5P7hcdbaVKowfRLXaEcncba16DnI2RITtturAr5MRTusR0%3D%7C&v=1&geo=45.5%7C-73.58&lper=100&lpid=&tsid=611&q=&prv=&type=&ps=&hint=&td=&cc=CA&wsip=170785174&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_fm_lang=EN&vgd_dnquo=00_XX&ksu=224&fdkt=375&vgde_kbbh=ffoyxQJuO&kwd[]=Best+Ways+to+Invest+in+Gold&kwt[]=375&kbc[]=157571&kwp[]=1&kid[]=316482289&kbc2[]=%23c%3A3469822%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D0.79%7C2%3D3.85%7Cps%3D0.983%7C3%3D0.90%7C4%3D3.20&ktd[]=274911527168&kwd[]=Stocks+To+Invest+In&kwt[]=375&kbc[]=112314&kwp[]=2&kid[]=27190006&kbc2[]=%23c%3A3469822%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D0.40%7C2%3D5.26%7Cps%3D0.983%7C3%3D0.88%7C4%3D3.17&ktd[]=274911527168&kwd[]=Mobile+App+Download&kwt[]=375&kbc[]=250087&kwp[]=3&kid[]=124326122&kbc2[]=%23c%3A3469822%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D0.65%7C2%3D5.24%7Cps%3D0.983%7C3%3D0.81%7C4%3D3.29&ktd[]=274894749952&kwd[]=Free+App+Download&kwt[]=375&kbc[]=250087&kwp[]=4&kid[]=216358784&kbc2[]=%23c%3A3469822%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D0.15%7C2%3D1.36%7Cps%3D0.983%7C3%3D0.44%7C4%3D3.62&ktd[]=274911527168&kwd[]=Change+My+Password&kwt[]=390&kbc[]=281%3A%3A119529&kwp[]=5&kid[]=5556246&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D0.38%7C2%3D2.27%7Cps%3D0.835%7C3%3D0.37%7C4%3D2.62&ktd[]=274911527168&kwd[]=Unique+Baby+Girl+Names&kwt[]=390&kbc[]=265%3A%3A3179&kwp[]=6&kid[]=29366695&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D0.18%7C2%3D1.13%7Cps%3D0.835%7C3%3D0.05%7C4%3D3.00&ktd[]=274911527168&cid=8CU5RJ1PV&vwid=1660292219385956852&vi=1660292219385956852&tdAdd[]=ib%3D0&vsid=3032938191454716&tdAdd[]=asnum%3D16276&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=775&vgd_l3_sc=QC&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_katbid=-102&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785174&vgd_nrrv=57785&vgd_nrrmf=4808&vgd_nrrsf=scrr&vgd_cty=montreal&vgd_go_pid=8POPGE52H&vgd_go_bid=325626&vgd_go_abtid=88775&&vgd_ifrmode=14&vgd_l1rakh=1660292218114905538&sttm=1660292219138&upk=1660292219.19805&hvsid=00001660292219138025035145477106&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D500121%2C501025%2C500780%2C500273%2C500532%2C99603%2C501011%2C501082%2C500008%2C101884%2C500786%2C500900&sbdrId=196&vgd_ecrid=1700080812716500320048000001000&vgd_isiolc=1&vgd_fcm_enc_mis=1&&kbbq=%26asn%3D16276&&vgd_vstrid=3032938191454716&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.f~e8QMQOvfWA~xLjMLEQMGvuF.9W~ONfvu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9ff9Wuuf9~8xLjMGvFXu.Hh~xLjM7UNv9~xLjMLf1MGv9~Q7Ov~c0v.*Q75jJ.*~j1Q7v~Nemyv9~e8QMxLjMGv9.Hh~8Evf6%20xQ9~kGGv9~e8QMxLjMjvu9~L88Ex1vA%2CA~J7vfX~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9ff9Wuf9u~e8QMGvFXf.iX~xLjMGvu.uh~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvu9~yN17vou~GGvuiF~eev9~NejfLMQOvfWH~jfLMGvu999~JLEYv9.f~ejfLMxLjMUNv949~ejfLMxEMjv9~GYvu~Q8OvAF9FAHWHW~QOvf~x8OvwWy%20XR2GU5jc%2FKBOg~xLjMLEQMUNv9~NejfLMGvA.fF~G7OvuuhHHAhAW9i9uFuF9A99Xh9uAhuHuWFiHiWXXfh9HFFXuihFHuWXfufHiHhFWui9HFuhXuhh9hHFWW9~NejfvA.fF~AENkviii.ii~x8Yv9~OYYMQ7Lyvw1LYmz5~ejfLMxEMGv9~QQvIK~x8Bvou~NJv9~LEQMGvuAA.h~xLjMQLEQMGvuF.9W~%3DVvfhuW~z7QvA~c0fv.*Q75jJ.*~7Gvou~N7vYmz7LJ1j~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~0sv9~8Q8kv9~jNvu~xLjMLENMGv9~G8Ov9.f~ONvW~xLjMLEQMLev9~ejfLMGvf.fA~QxEEj5M71yM8Ov~e8JB1G8j875v9.hf~1YEvu~NGOEv9.f99~OYYvw1LYmz5~Qx8Ov%3DK4b40dWh8p%2F_ku1%3DALjpZk3BWW~QOvf~O7NvJ1Q7MQN~-8OvKrtoExGoWWfWXWhuHiHhAHAh~O1jyv~w7Yjvu~1OGjUvuXAihfiF9W~QmGEv9.uX~N7Lv9.99AhWHuWAi~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9u9~myG8Ov9.f99~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vf9~OmyGv9ou~8GNvu~OO7vou~zQlvA~7yQvAf9-HW9%7CAAF-fW9%7CXW9-H99~GQGv9~GQEv9~7Y-vfHH&vgd_optout=0&vgd_cfud=220609&vgd_scsver=283&vgd_go_ent=1&vgd_rensize=320_480&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=east_sc&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A320%3Brend_h%3A480&&vgd_uspa=0&vgd_sc=QC&vgd_l1rhst=contextual.media.net&hvsid=00001660292219138025035145477106&subBdr=196&bdrid=294&rc=0&rand=1660292220004&acid=6ff0b9ea947f423ab3ae06140420df9a&matm=1660292220004&vgd_ltimesrc=1&vgd_ltime=1293&vgd_rtime=1148&vgd_etm=8&vgd_l1hcsd=A33%7C5248&vgd_l1ch=1&vgd_lhl=3198&vgd_pgid=p0442255615t202208120816&vgd_adprefflag=10&vgd_adpref_diff=100&vgd_csip=rtb-appnexus-5f777c6bc4-sdppq.SC&vgd_sbSup=1&vgd_nrrs=57785&vgd_cntrdt=SF%7C684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=360634848&size=320x480&cc=CA&chnm=HARMONY&pid=8POPGE52H&tpid=TG41K38&https=1&vif=2&requrl=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&nse=5&vi=1660292219385956852&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&bae=B44egagqBq&bcpf=B48fOnRrolnfOur84egagqBq&bdrId=294&bid=325626&ntv=0&matchstring=hr%3D0%7Cbcat%3D500121%2C501025%2C500780%2C500273%2C500532%2C99603%2C501011%2C501082%2C500008%2C101884%2C500786%2C500900&kttle=SafeFrame%20Container&katpre=1&katbid=-102&pgid=p0442255615t202208120816&goent=1&htmlsrc=1&allsc=QC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.56.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Fri, 12 Aug 2022 08:17:00 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Fri, 12 Aug 2022 08:17:00 GMT
pixel.gif
beacon.krxd.net/ 		0
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=J2lZajxx&_kpid=5007d44e-09d1-49b7-8c99-6b1cc38c3cbc&_kcp_s=Barra&_kcp_d=glamour.globo.com&_knifr=25&_kpref_=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F&_kua_kx_tz=0&geo_country=ca&geo_region=qc&geo_dma=124462&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_tech_browser=Chrome%2010&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=ca&_kua_kx_geo_region=qc&_kua_kx_geo_dma=124462&_kpa_meta_keywordsDELIM=%2C&_kpa_kx_context_terms=Nu7TTsTR%3A1%2CNu7TVOIg%3A1%2CNu7TTFG6%3A1%2CNu7TXfT8%3A1%2CNu7TWVvS%3A1%2CNu7TWGye%3A1&t_navigation_type=0&t_dns=241&t_tcp=322&t_http_request=-1&t_http_response=478&t_content_ready=2414&t_window_load=0&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=xovovzj6l&userdata_user=PA2gS_tb%2Cxovovzj6l&sview=2&kplt1=19929&kplt2=19930&kplt3=19936&kplt4=27202&kplt5=30153&kplt6=32767&kplt7=35254&kplt8=41931&kplt10=43632&kplt11=43900&kplt19=45407&kplt20=46183&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5007d44e-09d1-49b7-8c99-6b1cc38c3cbc%2C33%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C91%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C92
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.227.59.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-59-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
cache-control
private, no-cache, no-store
x-request-time
D=67 t=1660292220
x-served-by
beacon-n030-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7DC8 		624 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEJvK6wEYv43-zwEwAQ&v=APEucNUkkp0Oyl1SMAe365k-jrf8dO1f3XlCJ4cekUDr0U-EmDNhEThUafN7l0L_7y7VVW_UW_vWaXX-_3xG43Tja89YM33fKw
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 08:17:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 4B0A 		83 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Doi2RTS11jZIwLUrs31k7x-7JVGDgYiKgBHj2wm8RH6mhDgbZDDh0oAiXqZrKzRltvrT-piAB2wjdoBQDQHITYSuN9ooi7UZDQ1Z66djxGKJfXUk9TIQtIbQTa04-UtbRT7gnfgyyyLdqv79cBao3hmJXyQA&dbm_d=AKAmf-CqdbIwZuK-hIZm3piVAhFNTCIf_9Vq0KJ0Kl_8uowmMrb7uhxV-xzNenmc1d7IU_4yLkd6Fps5Y_SXLVrtVu-DcCl9rGhatpokCpbVWgECE-dsxZ7QXC5qDB6t4fO5gFL-fRw5cootlRYmkTi1giuiY4bdOh-o3X8Jt4qOtGR_y2J75E6xw9O2pSzvFVs-5DcbHJnGylVpozFkM8oWgRSiwn-9GsK3xAcmX7f8lYfJj2GRTq9MG1lummwarP2iHM6Ig0Gxlxbx4B7BZnPoGPIv6tAK3Byf3mVNEuAoq2UQA0mt4L4_K2BuVNi9UHvn2b4xYp5wmaNYSo1lSQEOyQ0LT48hPhPOyHytwCEN3HI3PgVlyikjEYhnyJYhzYOJofxQ_I2chvNsIRRJ31I0AXZgsxT4Yk8HIm6fSlSubXFQNh7Xm-WAEJ8xRhFtwcdpR9FNgMN2MbkTFHvAKkReFnHhBEtkdxygjk_DRR5N-uVv8rC4Ah6KHzWFtEvocx7-RuCR5pVxBRB5fKzDRrh5vkJS3SG4AwiiFH5EjSy3zTTr5VPxJ4WGHe7rJj7vEjxrUnMABNaBy2lvYJUaWg2r58FXk2qSB3xkQD8d5P_e93-1uiC9WUPL_bS14Kr-5Gd0gmbJwL6Y_dBmkNInYPow2JkiMioPn4Ao4wAysxPNbrYJhcQTyc41YsoY1gYb14I-9ylDNQ8IsoQ5ROP2HjlUXShONflEXUv4t7pNFtQooIUPGrx_P3r50N6-ZzE3Vb1d8fkFB-ELQaG1K3TOHgXbd7uF62rCNigiRPxZY7kSS6hYrNyt6srVhrpxXDwHABDar-CNuiN__jflfkf7LyjOqMN-cKbspM6o8hH8x_u-XSbDwdjj-9SjYUKFHeORd-UPaMrXj8dOhSRKIQeAimXVsY88H9NcyHRv69Nq4-njoaApTZOrNGwCGA1WodIqQsnSH7_kyjbI_HYN0UWgAY2osMXF1K2yKJ_gRWcG5jJOz0fjfZHZqpaoGgIzVdXDcbUPPStck3tKuWwLq3lOtrD1aDpxtjdeW88ajSCLK8O_Qk5C2rsuUHa8y02If0JbkPE4d5esqtldlbWrz3gEncCYWKtk6b4W6ED26QuaKHSHo74H_WZfixAcO07006-FQaid2db2eFEp25bgTx-QFIw99WA0CmXBhmXn3RnN0PHaBqnjaE9SLPQy50DnLeRJyi-FDOhDz02BC9ktSwxOPfSmfQ4KC4gST8twf4gci-btwmxxvyhGTmKquvr8MpI4_uudUn6WlEQJr-7zc6DETKttu32dYEYMdF_Cl6P9e7t7aDa5CQAiaJneEm5miRHkG0sRw3Ec0TcUYYoMO5VTv7G9xtqAbaXMEKRwWvX4u3hVHVKb3MuNlH_zb7yv8UQEIT9h05hESY7bAdQkXHyMdEoxPbscBoOEDMRftUn_dOHvIbOwj3vIcfkj9YpJsYQR-2R2lu9mzZERgGVpjCSkn73jUiv6odyE8nL8w3N1zKfK1pHu3d25jjnX7IXYlWqhkPNnLMzJDLc99VprAm_Z7ry1k8rQ6L0Io8udXIVbAU9F4cH_vk7MUKH3m_m1cMOb5SbE2SoKes4oh-RCLiB0EbrANoG2Tr_808UqHqRJbwNVoWIrjqfQJZ5ytLXrqdgDJjyoYQvUyVwXJSyIqJNw6vGSNmLOo1Mtvm1854cUnha7OuIiJtWwlXqIAkkRvsZsndGDq5kT3TG-eVlerqsEtvfIKd58_IG5jLJ2bFBT0mD5njyUjbgV1buyAEvj5mWKc0mE4pLqm41TyHFHj2M_p7_uo4sG9uYcwRuvEvWDK0KJ6w4ae9i8t2uCDjATJY2UtNgtby6ed09pZBkyygK2WudogVQ-HVj6AcW5Wq4RMr7T976ocM3wbdfKf7Vssbjv7GP3fUar-Esi_YoT_X1bDrL0X1d7DgfW6bURNHOrLhCjGuYGulb_mgmAcELqyDN4xUuXzgdE6PobC3O6J_WOxlHDNuKWxji4c2OEqTimo-rSpv0uA2sfWrHzChrAxieBbW5zHekg7tn7OecfeQmYnUBc-2mxRWWQPY4RSmmn810DyVS-igeW7g-TuvTsimZpDdEiob-RN2GNRNfqz89OY0mNSR3sNU2DWBHRKxdAQKJlgyn94A1LuGtEGtLaqEE3v2k0f4u_dsxbG0jgoGJC2otns-KOjo0sLN5FAC2LVKWBRjE2TtAL3N1Q3XwJ46bxNCQcRxrGuqQK40gTV6TYX-dj1KbP3EOdH_PsKO3UyJ7-B7dFgfTyEolcpx_7NNC9CBwW1SRdlHTwx5tlDCUHooFK5vSDyXtnezgXLyO6WqGqz50HryO0HqKwf-Q9caBmUz2cGcyiACQTCRoiA07NDxvApmVzZquHC8iFsv-7fZQTGU9VjiJMS-c1n7KVC86Z9qfEPsKFBruVYTYSk6uMQTF4o9Xnx0pU5jYBg9Lg1bFndSXmmkn13xNaYlcepJg6uFYo9yaZjEEFgYTXtAX-Cugv1MY74kmQXJ_yRJebqn_8PYonUDURyiQycW58fwPtms5h1l4dswZytr30m3xvA1Qcdjgljn_vNueAeliK_2E0-kr1rBbF0zXNFSL6Z5ZKdBShfFq0ft7cfg9UXg_rFDB4k480tPSHkicqiO0HtELM2TyBNcgvaP9Je5DosrmV3qM_sRLLIsAYnazdEw288UvGloy3jw0Mn_7OFX_rc2mxtCxXRtydIVBr_O1qnV8bb0VIcuSDMVhSL6SmsEMiEttmRu8pvWHUxJzRhsyVKb8_45M_89qYQvbb1Z9P6B5OPvnaqAxpooV2Rh8I3h0lhAU_U4iVN8nS6vqpNbLyT6MD3V49jDhSurt7kMnXjdygbyQLsHBROQHR-9KUznDCJrIi1LFZuFCBXOnKx-GyZtYNC2LWeyehKuB_xBSQAgYctKsdmWqW6Z9poxey-tOoz6U-whaNt1kHg0hq_yiV6Jea3B3ZuxfIfqJE3cIUHinQNoFxchGi4XOO4xfzXREBAjXCm6yDRjwULyWaGWbuK4gEUpm7mI9KPCQRg7PfjrQo8Wz58enSkJSqc13D-32wqHAygdA1AoavL-pFMGPsBbeo7dwd-J52jG-ZtforqWVzJC0nZb9-d5T2F5eh4lrrUhZaM4eNR8gdIEaDNO3Ir5dvZw-eULvYI5zhno3d3s7wozRpUVkCxgKb7cgLzLD8XQdbHwRmyoaP_PfUgAuBfD-Z4A_CnVUdBzDpedi3yG2BWFeN8Ic8N3WI3jPJACl3eA6uQEIlxyf_7TA3NjGz28HLzCOs8LBVy4Lpr3b-I0Z_JHuoc6TBw3kxeGemLM6v_mjdyQkMQNGTtoLs5FgIOyGjZ7EUrVqMkFq7CqTUePIYqPLP7TTkkSE6Ssvm_h3Gy37qcHZY3dq8gPg7VzPHLV7tA-FoTfECnZ9oAvPaQIXqUEp05R5IFMKLwDoAD1zPLHx141xC2twdyJaw1e4Fh42jyyRJNDOiFTp2NRHqAaPkkOM5pfRdBwIqszETqRb_01Z4uq-O0IwCHV1T5ieGxfqwpRKDqMVmjzHvy8Rj1rR5tqtX1tWbt8LQRFIL51bFtkdykSA-awN2AMNK7EN7uIBzDUvTxBSRm-M5oRjHRdGWwF_is53NpOIkeKim1K4Rx7wJu8LSOePFCk4NKQS-bdVFYbPu5spFxEJGfGIDwP4CN1R0l-97e_9a_nWOKyOH0voJHF5eqTNtLp0-_lj-rNd-g3nGwQaLpaOHOEWakPrHW5eTHRKBaaVJo4Fw77jm_RB6ISinNlu2VnzaBAmKeRUjJiZ_ETznrGoi4JEXzPOhSU0-32OeDiFNun0lyHwMefafxgBUu3DOeDB_s7W2v7-IeFy7AR4NNFt9j1E5ig9echPBQqw-9ziVQsjr4yz1mq036-a9c5hYxnE1ddCNUsw2rrNqt5px3rIiB94Tnbi1zKQnzkLfD3yi1AOIk0WSe9d_ma-LTFXW9v442Z7AEa06evGeUHL6UquoEN7Wy3JNxTgZPMbCrCrQVH-53t_7nPXjya3HhZ6htzNKJYJhO6CCSRNNT2NVU75Qq7eaU62bEhg9BHuS0H_Xi20SzPpwdv3NzU9UWqGl8BTlTNN9Hy56BbO5yxmKohJlSNkohP_WSyZdnt26eJpwwABrlVi5TTm_kTvpU1YxLXs5_4nGTEGCdJET7tPOFw-YY7GSoqTZJKCHhWgyjmgmrwrM--WHLtd0WlWI_hz5my4wh0X6SWWi0_3OgwAnDg7nWbblCal_iUrxJPOJhVKgFFzV0lFNGAVWoOnzdoWmIFkxCLgs47B2nyb-CbEjWeD06fiAJN_TvBaUPLVlfr7F_E4gYZOIgfG6DWupE0hvWefuuSQRywBak_pXywuCqxuJnTXhGgfXuo2on7y-3PDw4vFs9x1KFwhDzhkq7jtxz2lyIJM8Mn77140v0hvY-YteBoPKFWueLzqfOYmm2wIjPVLDx9oqu6y5A2Spjxh1Aoe_B5JJu4ocAjh-OLR1EfgYVeLn4fzsx2wI6AprGviTbt46QB_1RtDWFOCF0mBSrWWZZZof8_2lhRwDkgkQlwMv3pqIjompTIkVGZP1HsIft3y77PS5wOstt_XMK8EFQdeMEGZh539bnaX1WU7pdxocU7MavhnYQcI3bGbEuo2_cx9iQ177VlxHAAWrvikGwre5VBQY8NkUbbO7EAtjFYREBilN8uiTmpD-f2hOVJqOVVN6PoE7mqcToLWUDg6FqcV-Afd65bh5I7kEfiDgKT3cVhrQniGSlb7SjFtAJwvp2AhDSIBSz22RzG26KmO0blE4FnSy9sU-ESaPcJmeL5Y6PBNnPLL4P-kuPrJ1QFqsCDP0qrg2f8T6cisJ8YbL1XYz1qzguWpccKmmgM7uzIcjlHpSjfIvzgsHOulgWhQdXCHtMPZb-pVCW7OLlDk-DQ&cid=CAASJeRoc3BHNAhaV9wCEdBGdEv8OH9W6SKMaLRSjrik0twwNh-YN_s&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuqQjxnd810VhjBdCiaHGdHevWWnssQPyL70MpyP1kDQguMBOYRwfB0g64AiZaFRFbqMz_eq-wpKUqHnhAtB3mFcJjtSx5nMcpS-M0_hR6EFY3P2lcNPCihSEdHla9mFgD0VVkp26c2ykZuhjdCRBfQBZTQQA3sbINUABl5BX_Aod0EDXi9KgiMSEA_CXbP3Nm-uLNVD4W4bMgs-SceS4rMiIkwFrhgPuBnP_sAI2XFPNWjFVu87xL_A4Y858cJAAn2NTYmKjbJDxdN8cg2DL54_4-lWulXz2VoE8c61G9MZkWXF_hgVVMxmwk1GBO0xqDy26DNFNnihoqTRhsyznpl9XdO86cTEmypqJvqkys%26sai%3DAMfl-YRGbatXcbyZ46715ZHohhCnLo59ot1NOT-LAHXZgKJbEsSaisHiuG7ic1m21APZr8RTbZaqEr4BBqBYB04jLqvK3NBelrKZLaHzinTJyXnaEgcysh5fKsITCJXGynI%26sig%3DCg0ArKJSzOmpQiDNowP3EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&rfl=2%2Chttps%253A%252F%252Fglamour.globo.com%242%2Chttps%253A%252F%252Fglamour.globo.com%252F%240
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1faa2fd126cd52e36b732f0bf88999870ad193b24fa26b777109803ab56df916
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35597
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B0A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AB9vIvq00HsaOVD1OjrCgetPLSubpVSH1ol52jdkCQEVRYkl_gDzifD_OkgyXcsblOtzMcOF5UJywUQMNGcF1oL3MBrFmKD9vyRl8xmtvf0RB2my4
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 4B0A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
542
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 08:07:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4B0A 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 08:17:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 4B0A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:08:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
484
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 08:08:56 GMT
l
www.google.com/ads/measurement/ Frame 4B0A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaROzEULBz83NrhTq_SSk0uA-GQllOes5zBn6kOK1g1Fqz1U6ns_c21prAeDrP0arsAyc-fcsAxeKx0uxy_55_CewTwJ8g
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 0A08 		158 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292218648,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
081d455bd5ad34e6a70e34cf5222173a504db11c69cff556b99a87f328b06931

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 05:53:15 GMT
server
Apache
etag
"277a7-5e42219c4aaee-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38049
client
ssl.connextra.com/Bet99/selector/ Frame 834C 		1013 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssl.connextra.com/Bet99/selector/client?client=Bet99&placement=DDM_APN_SB_ACQ_CA_FR_300x600&_cb=1703633298&apnauc=8177659082346338560&bidid=8177659082346338560&dspid=3bc1d7fd2e&tclk=https://nym1-ib.adnxs.com/click?RHzTS-GUzj9eIGJ-ugTJPwAAAGC4Hg1Axvp054r80j9MGqN1VDXXPwAZgLmb4Xxx1ixF5FIkYmR6DPZiAAAAAAX9XAGpDwAAmBwAAAIAAAB0LAIWRVUlAAAAAABVU0QAQlJMACwBWAJPgQAAAAABAgUCAAAAAKoA8iIKngAAAAA./bcr=AAAAAAAA8D8=/cnd=%21JBaFjwj59bUZEPTYiLABGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjU3MTJAgi9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjU3MTI=/bn=92138/clickenc=
Requested by
Host: nym1-ib.adnxs.com
URL: https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QLWDvDtVgcAAAMA1gAFAQj6mNiXBhCAsoDMu7O4vnEY1tmUoq6KibFkKjYJRHzTS-GUzj8RXiBifroEyT8ZAAAAYLgeDUAhxvp054r80j8pTBqjdVQ11z8xAAAA4FG43j8whfrzCjipH0CYOUgCUPTYiLABWMWqlQFgAGjPglZ46s8FgAEBigEDVVNEkgEDQlJMmAGsAqAB2ASoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKApYBdWYoJ2EnLCA1NTY3NDUwLCAxNjYwMjkyMjE4KTt1ZignaScsIDczODUxOTUsIDE2NjAyOTIyMTgpOwEdLGcnLCAxODM4NDE5MUY7ADBzJywgMjc2NDYzNjI2Rh8AMHInLCAzNjkyNDEyMDQ2HwDwi5ICoQQhVzJtVW5BajU5YlVaRVBUWWlMQUJHQUFneGFxVkFUQUVPQUJBQUVpWU9WQ0Ytdk1LV0FCZ3BnWm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUkNvQVFxd0FRQzVBUVVjU1lGWE5kY193UUVGSEVtQlZ6WFhQOGtCQUFBQUFBQUE4RF9aQVFBCQ50UEFfNEFIcjRNSUQ5UUZQdERJX21BSUFvQUlCdFFJBSQAdg0I8Gl3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlCZ0FNQm1BTUJvZ01PQ0xQaWhTTVFDeGdDTFFBQUFBQzZBd2xPV1UweU9qVTNNVExnQTRJdmdBVDg4dDRJaUFUTXJPTUlrQVFCbUFRQndRBTUJAQhNa0UJCQEBGERZQkFEeEIBCw0B4GlBWFFMSmdGaW9EcWd3R3BCWUtRTEdBQ2R4UkFzUVVBQUFEZ3Q4amRQOEVGQUFBQTZJbFc1al9KQhFjDFBBXzAFKA0BBE5rBSgBAfBDOERfZ0JhZWJBdkFGdjRyaUNQZ0YydWZUQW9JR0ExVlRSSWdHQkpBR0FaZ0dBS0VHbXBtWm1abVo3VC1vQmdTeUJpUUoBSA0BAFINCAEBAFoBBQ0BAGgNCCEoPDRCZ28umgKZASFKQmFGanc6JQI0TVdxbFFFZ0FDZ0FNWnEFbRhtZTBfT2dsPV0USkFnaTlKAU8BAQg4RDkdeQBCHXkAQh15BEJwASwJAQRCeAkIAQEQQjRBSWs1cPDQOEQ4LrICJDZjMDZjNjc5LWQxZDMtNDY1OC1hNTRhLTZkZDE5ZTY2ZmM0M9gCn0bgAu6QXeoCamh0dHBzOi8vZ2xhbW91ci5nbG9iby5jb20vbGlmZXN0eWxlL25vdGljaWEvMjAxOS8xMi9tZWxob3Jlcy1kby1hbm8tb3MtbWVtZXMtbWFpcy1lbmdyYWNhZG9zLWRlLTIwMTkuZ2h0bWzyAhEKBkFEVl9JRBIHNTU2NzQ1MPICEgoGQ1BHX0lEEggxODM4NDE5MfICEgoFQ1ABFAwJMjc2aco88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEgBzczODUxOTXyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwVCghTUExJVAFNGdn0BQGAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOSiALgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE3OagEALIEDAgAEAAYACAAMAA4ArgEAMAEzcC5IsgEANIEDjczMjAjTllNMjo1NzEy2gQCCAHgBADwBPTYiLAB-gQSCQAAAKDvv0ZAEQAAAGBtZVLAiAUBmAUAoAX___________8BqgUtODQ5MjQwOTctMjI1OC00NTFlLTg2ODQtMWI0MDVjNGQ5YzQzX0FwcE5leHVzwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFkZRA-gUEAbYokAYAmAYAuAYAwQYBLzAAAPA_0AapJdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSAQYAAX-MLQEQADIB-rPBdIHDQkROgE4CNoHBgknaOAHAOoHAggA8AfE_weKCAIQAJUIAACAP5gIAQ..&s=a5c58e0fd0f2ff0b1584461b63d59a7eea1f225e&pp=0.195457
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.81.133.133 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-133-133.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c9ed8bcb9eb4ad4d87c7e659924a2318f18b267dff58bb01fb44b6b448e1b312

Request headers

Referer
https://config.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
690
content-type
text/html;charset=utf-8
date
Fri, 12 Aug 2022 08:17:00 GMT
expires
Fri, 12 Aug 2022 08:17:00 GMT
p3p
CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
pragma
no-cache
vary
* Accept-Encoding
x-served-by
vlp-cxtadsrv07.connextra.net
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8E12 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=4009&pub_id=1986072
Requested by
Host: nym1-ib.adnxs.com
URL: https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QLWDvDtVgcAAAMA1gAFAQj6mNiXBhCAsoDMu7O4vnEY1tmUoq6KibFkKjYJRHzTS-GUzj8RXiBifroEyT8ZAAAAYLgeDUAhxvp054r80j8pTBqjdVQ11z8xAAAA4FG43j8whfrzCjipH0CYOUgCUPTYiLABWMWqlQFgAGjPglZ46s8FgAEBigEDVVNEkgEDQlJMmAGsAqAB2ASoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKApYBdWYoJ2EnLCA1NTY3NDUwLCAxNjYwMjkyMjE4KTt1ZignaScsIDczODUxOTUsIDE2NjAyOTIyMTgpOwEdLGcnLCAxODM4NDE5MUY7ADBzJywgMjc2NDYzNjI2Rh8AMHInLCAzNjkyNDEyMDQ2HwDwi5ICoQQhVzJtVW5BajU5YlVaRVBUWWlMQUJHQUFneGFxVkFUQUVPQUJBQUVpWU9WQ0Ytdk1LV0FCZ3BnWm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUkNvQVFxd0FRQzVBUVVjU1lGWE5kY193UUVGSEVtQlZ6WFhQOGtCQUFBQUFBQUE4RF9aQVFBCQ50UEFfNEFIcjRNSUQ5UUZQdERJX21BSUFvQUlCdFFJBSQAdg0I8Gl3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlCZ0FNQm1BTUJvZ01PQ0xQaWhTTVFDeGdDTFFBQUFBQzZBd2xPV1UweU9qVTNNVExnQTRJdmdBVDg4dDRJaUFUTXJPTUlrQVFCbUFRQndRBTUJAQhNa0UJCQEBGERZQkFEeEIBCw0B4GlBWFFMSmdGaW9EcWd3R3BCWUtRTEdBQ2R4UkFzUVVBQUFEZ3Q4amRQOEVGQUFBQTZJbFc1al9KQhFjDFBBXzAFKA0BBE5rBSgBAfBDOERfZ0JhZWJBdkFGdjRyaUNQZ0YydWZUQW9JR0ExVlRSSWdHQkpBR0FaZ0dBS0VHbXBtWm1abVo3VC1vQmdTeUJpUUoBSA0BAFINCAEBAFoBBQ0BAGgNCCEoPDRCZ28umgKZASFKQmFGanc6JQI0TVdxbFFFZ0FDZ0FNWnEFbRhtZTBfT2dsPV0USkFnaTlKAU8BAQg4RDkdeQBCHXkAQh15BEJwASwJAQRCeAkIAQEQQjRBSWs1cPDQOEQ4LrICJDZjMDZjNjc5LWQxZDMtNDY1OC1hNTRhLTZkZDE5ZTY2ZmM0M9gCn0bgAu6QXeoCamh0dHBzOi8vZ2xhbW91ci5nbG9iby5jb20vbGlmZXN0eWxlL25vdGljaWEvMjAxOS8xMi9tZWxob3Jlcy1kby1hbm8tb3MtbWVtZXMtbWFpcy1lbmdyYWNhZG9zLWRlLTIwMTkuZ2h0bWzyAhEKBkFEVl9JRBIHNTU2NzQ1MPICEgoGQ1BHX0lEEggxODM4NDE5MfICEgoFQ1ABFAwJMjc2aco88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEgBzczODUxOTXyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwVCghTUExJVAFNGdn0BQGAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOSiALgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE3OagEALIEDAgAEAAYACAAMAA4ArgEAMAEzcC5IsgEANIEDjczMjAjTllNMjo1NzEy2gQCCAHgBADwBPTYiLAB-gQSCQAAAKDvv0ZAEQAAAGBtZVLAiAUBmAUAoAX___________8BqgUtODQ5MjQwOTctMjI1OC00NTFlLTg2ODQtMWI0MDVjNGQ5YzQzX0FwcE5leHVzwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFkZRA-gUEAbYokAYAmAYAuAYAwQYBLzAAAPA_0AapJdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSAQYAAX-MLQEQADIB-rPBdIHDQkROgE4CNoHBgknaOAHAOoHAggA8AfE_weKCAIQAJUIAACAP5gIAQ..&s=a5c58e0fd0f2ff0b1584461b63d59a7eea1f225e&pp=0.195457
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.228 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-228.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://config.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 12 Aug 2022 08:17:00 GMT
ETag
"623de86a-cf34"
Expires
Sat, 13 Aug 2022 08:17:02 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
rd_log
nym1-ib.adnxs.com/ Frame D4EC 		0
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QLUDvDtVAcAAAMA1gAFAQj6mNiXBhCAsoDMu7O4vnEY1tmUoq6KibFkKjYJRHzTS-GUzj8RXiBifroEyT8ZAAAAYLgeDUAhxvp054r80j8pTBqjdVQ11z8xAAAA4FG43j8whfrzCjipH0CYOUgCUPTYiLABWMWqlQFgAGjPglZ46s8FgAEBigEDVVNEkgEDQlJMmAGsAqAB2ASoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKApYBdWYoJ2EnLCA1NTY3NDUwLCAxNjYwMjkyMjE4KTt1ZignaScsIDczODUxOTUsIDE2NjAyOTIyMTgpOwEdLGcnLCAxODM4NDE5MUY7ADBzJywgMjc2NDYzNjI2Rh8AMHInLCAzNjkyNDEyMDQ2HwDwi5ICoQQhVzJtVW5BajU5YlVaRVBUWWlMQUJHQUFneGFxVkFUQUVPQUJBQUVpWU9WQ0Ytdk1LV0FCZ3BnWm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUkNvQVFxd0FRQzVBUVVjU1lGWE5kY193UUVGSEVtQlZ6WFhQOGtCQUFBQUFBQUE4RF9aQVFBCQ50UEFfNEFIcjRNSUQ5UUZQdERJX21BSUFvQUlCdFFJBSQAdg0I8Gl3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlCZ0FNQm1BTUJvZ01PQ0xQaWhTTVFDeGdDTFFBQUFBQzZBd2xPV1UweU9qVTNNVExnQTRJdmdBVDg4dDRJaUFUTXJPTUlrQVFCbUFRQndRBTUJAQhNa0UJCQEBGERZQkFEeEIBCw0B4GlBWFFMSmdGaW9EcWd3R3BCWUtRTEdBQ2R4UkFzUVVBQUFEZ3Q4amRQOEVGQUFBQTZJbFc1al9KQhFjDFBBXzAFKA0BBE5rBSgBAfBDOERfZ0JhZWJBdkFGdjRyaUNQZ0YydWZUQW9JR0ExVlRSSWdHQkpBR0FaZ0dBS0VHbXBtWm1abVo3VC1vQmdTeUJpUUoBSA0BAFINCAEBAFoBBQ0BAGgNCCEoPDRCZ28umgKZASFKQmFGanc6JQI0TVdxbFFFZ0FDZ0FNWnEFbRhtZTBfT2dsPV0USkFnaTlKAU8BAQg4RDkdeQBCHXkAQh15BEJwASwJAQRCeAkIAQEQQjRBSWs1cPDQOEQ4LrICJDZjMDZjNjc5LWQxZDMtNDY1OC1hNTRhLTZkZDE5ZTY2ZmM0M9gCn0bgAu6QXeoCamh0dHBzOi8vZ2xhbW91ci5nbG9iby5jb20vbGlmZXN0eWxlL25vdGljaWEvMjAxOS8xMi9tZWxob3Jlcy1kby1hbm8tb3MtbWVtZXMtbWFpcy1lbmdyYWNhZG9zLWRlLTIwMTkuZ2h0bWzyAhEKBkFEVl9JRBIHNTU2NzQ1MPICEgoGQ1BHX0lEEggxODM4NDE5MfICEgoFQ1ABFAwJMjc2aco88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEgBzczODUxOTXyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwVCghTUExJVAFNGdn0BQGAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOSiALgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE3OagEALIEDAgAEAAYACAAMAA4ArgEAMAEzcC5IsgEANIEDjczMjAjTllNMjo1NzEy2gQCCAHgBADwBPTYiLAB-gQSCQAAAKDvv0ZAEQAAAGBtZVLAiAUBmAUAoAX___________8BqgUtODQ5MjQwOTctMjI1OC00NTFlLTg2ODQtMWI0MDVjNGQ5YzQzX0FwcE5leHVzwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFkZRA-gUEAbYokAYAmAYAuAYAwQYBLzAAAPA_0AapJdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSAQYAAX-MLQEQADIB-rPBdIHDQkROgE4CNoHBgknYOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAE.&s=13f7845136e467c673b2368336f5b0366f6b65fd&bdref=https%3A%2F%2Fglamour.globo.com&bdtop=false&bdifs=2&bstk=https%3A%2F%2Fglamour.globo.com,https%3A%2F%2Fglamour.globo.com%2F,https%3A%2F%2Fconfig.seedtag.com%2Fstandard-iframe%2Findex.v1.html&
Requested by
Host: nym1-ib.adnxs.com
URL: https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QLWDvDtVgcAAAMA1gAFAQj6mNiXBhCAsoDMu7O4vnEY1tmUoq6KibFkKjYJRHzTS-GUzj8RXiBifroEyT8ZAAAAYLgeDUAhxvp054r80j8pTBqjdVQ11z8xAAAA4FG43j8whfrzCjipH0CYOUgCUPTYiLABWMWqlQFgAGjPglZ46s8FgAEBigEDVVNEkgEDQlJMmAGsAqAB2ASoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKApYBdWYoJ2EnLCA1NTY3NDUwLCAxNjYwMjkyMjE4KTt1ZignaScsIDczODUxOTUsIDE2NjAyOTIyMTgpOwEdLGcnLCAxODM4NDE5MUY7ADBzJywgMjc2NDYzNjI2Rh8AMHInLCAzNjkyNDEyMDQ2HwDwi5ICoQQhVzJtVW5BajU5YlVaRVBUWWlMQUJHQUFneGFxVkFUQUVPQUJBQUVpWU9WQ0Ytdk1LV0FCZ3BnWm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUkNvQVFxd0FRQzVBUVVjU1lGWE5kY193UUVGSEVtQlZ6WFhQOGtCQUFBQUFBQUE4RF9aQVFBCQ50UEFfNEFIcjRNSUQ5UUZQdERJX21BSUFvQUlCdFFJBSQAdg0I8Gl3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlCZ0FNQm1BTUJvZ01PQ0xQaWhTTVFDeGdDTFFBQUFBQzZBd2xPV1UweU9qVTNNVExnQTRJdmdBVDg4dDRJaUFUTXJPTUlrQVFCbUFRQndRBTUJAQhNa0UJCQEBGERZQkFEeEIBCw0B4GlBWFFMSmdGaW9EcWd3R3BCWUtRTEdBQ2R4UkFzUVVBQUFEZ3Q4amRQOEVGQUFBQTZJbFc1al9KQhFjDFBBXzAFKA0BBE5rBSgBAfBDOERfZ0JhZWJBdkFGdjRyaUNQZ0YydWZUQW9JR0ExVlRSSWdHQkpBR0FaZ0dBS0VHbXBtWm1abVo3VC1vQmdTeUJpUUoBSA0BAFINCAEBAFoBBQ0BAGgNCCEoPDRCZ28umgKZASFKQmFGanc6JQI0TVdxbFFFZ0FDZ0FNWnEFbRhtZTBfT2dsPV0USkFnaTlKAU8BAQg4RDkdeQBCHXkAQh15BEJwASwJAQRCeAkIAQEQQjRBSWs1cPDQOEQ4LrICJDZjMDZjNjc5LWQxZDMtNDY1OC1hNTRhLTZkZDE5ZTY2ZmM0M9gCn0bgAu6QXeoCamh0dHBzOi8vZ2xhbW91ci5nbG9iby5jb20vbGlmZXN0eWxlL25vdGljaWEvMjAxOS8xMi9tZWxob3Jlcy1kby1hbm8tb3MtbWVtZXMtbWFpcy1lbmdyYWNhZG9zLWRlLTIwMTkuZ2h0bWzyAhEKBkFEVl9JRBIHNTU2NzQ1MPICEgoGQ1BHX0lEEggxODM4NDE5MfICEgoFQ1ABFAwJMjc2aco88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEgBzczODUxOTXyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwVCghTUExJVAFNGdn0BQGAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOSiALgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE3OagEALIEDAgAEAAYACAAMAA4ArgEAMAEzcC5IsgEANIEDjczMjAjTllNMjo1NzEy2gQCCAHgBADwBPTYiLAB-gQSCQAAAKDvv0ZAEQAAAGBtZVLAiAUBmAUAoAX___________8BqgUtODQ5MjQwOTctMjI1OC00NTFlLTg2ODQtMWI0MDVjNGQ5YzQzX0FwcE5leHVzwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFkZRA-gUEAbYokAYAmAYAuAYAwQYBLzAAAPA_0AapJdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSAQYAAX-MLQEQADIB-rPBdIHDQkROgE4CNoHBgknaOAHAOoHAggA8AfE_weKCAIQAJUIAACAP5gIAQ..&s=a5c58e0fd0f2ff0b1584461b63d59a7eea1f225e&pp=0.195457
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.113 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
4d45d737-a68c-499d-ad79-e2f23ae7c430
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
it
nym1-ib.adnxs.com/ Frame D4EC 		0
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QK9DPDtPQYAAAMA1gAFAQj6mNiXBhCAsoDMu7O4vnEY1tmUoq6KibFkKjYJRHzTS-GUzj8RXiBifroEyT8ZAAAAYLgeDUAhxvp054r80j8pTBqjdVQ11z8xAAAA4FG43j8whfrzCjipH0CYOUgCUPTYiLABWMWqlQFgAGjPglZ46s8FgAEBigEDVVNEkgEDQlJMmAGsAqAB2ASoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKApYBdWYoJ2EnLCA1NTY3NDUwLCAxNjYwMjkyMjE4KTt1ZignaScsIDczODUxOTUsIDE2NjAyOTIyMTgpOwEdLGcnLCAxODM4NDE5MUY7ADBzJywgMjc2NDYzNjI2Rh8AMHInLCAzNjkyNDEyMDQ2HwDwi5ICoQQhVzJtVW5BajU5YlVaRVBUWWlMQUJHQUFneGFxVkFUQUVPQUJBQUVpWU9WQ0Ytdk1LV0FCZ3BnWm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUkNvQVFxd0FRQzVBUVVjU1lGWE5kY193UUVGSEVtQlZ6WFhQOGtCQUFBQUFBQUE4RF9aQVFBCQ50UEFfNEFIcjRNSUQ5UUZQdERJX21BSUFvQUlCdFFJBSQAdg0I8Gl3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlCZ0FNQm1BTUJvZ01PQ0xQaWhTTVFDeGdDTFFBQUFBQzZBd2xPV1UweU9qVTNNVExnQTRJdmdBVDg4dDRJaUFUTXJPTUlrQVFCbUFRQndRBTUJAQhNa0UJCQEBGERZQkFEeEIBCw0B4GlBWFFMSmdGaW9EcWd3R3BCWUtRTEdBQ2R4UkFzUVVBQUFEZ3Q4amRQOEVGQUFBQTZJbFc1al9KQhFjDFBBXzAFKA0BBE5rBSgBAfBDOERfZ0JhZWJBdkFGdjRyaUNQZ0YydWZUQW9JR0ExVlRSSWdHQkpBR0FaZ0dBS0VHbXBtWm1abVo3VC1vQmdTeUJpUUoBSA0BAFINCAEBAFoBBQ0BAGgNCCEoPDRCZ28umgKZASFKQmFGanc6JQI0TVdxbFFFZ0FDZ0FNWnEFbRhtZTBfT2dsPV0USkFnaTlKAU8BAQg4RDkdeQBCHXkAQh15BEJwASwJAQRCeAkIAQEQQjRBSWs1cPQ0AjhEOC6yAiQ2YzA2YzY3OS1kMWQzLTQ2NTgtYTU0YS02ZGQxOWU2NmZjNDPYAp9G4ALukF3qAmpodHRwczovL2dsYW1vdXIuZ2xvYm8uY29tL2xpZmVzdHlsZS9ub3RpY2lhLzIwMTkvMTIvbWVsaG9yZXMtZG8tYW5vLW9zLW1lbWVzLW1haXMtZW5ncmFjYWRvcy1kZS0yMDE5LmdodG1sgAMAiAMBkAMAmAMUoAMBqgMAwAOsAsgDANgDkogC4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQOMTQ5LjU2LjE1My4xNzmoBACyBAwIABAAGAAgADAAOAK4BADABM3AuSLIBADSBA43MzIwI05ZTTI6NTcxMtoEAggB4AQA8AT02IiwAfoEEgkAAACg779GQBEAAABgbWVSwIgFAZgFAKAF____________AaoFLTg0OTI0MDk3LTIyNTgtNDUxZS04Njg0LTFiNDA1YzRkOWM0M19BcHBOZXh1c8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZGUQPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AapJdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4tARAAMgH6s8F0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAE.&s=cbfdd16844d7621156f22980c0545ef16e8b200c
Requested by
Host: nym1-ib.adnxs.com
URL: https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QLWDvDtVgcAAAMA1gAFAQj6mNiXBhCAsoDMu7O4vnEY1tmUoq6KibFkKjYJRHzTS-GUzj8RXiBifroEyT8ZAAAAYLgeDUAhxvp054r80j8pTBqjdVQ11z8xAAAA4FG43j8whfrzCjipH0CYOUgCUPTYiLABWMWqlQFgAGjPglZ46s8FgAEBigEDVVNEkgEDQlJMmAGsAqAB2ASoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKApYBdWYoJ2EnLCA1NTY3NDUwLCAxNjYwMjkyMjE4KTt1ZignaScsIDczODUxOTUsIDE2NjAyOTIyMTgpOwEdLGcnLCAxODM4NDE5MUY7ADBzJywgMjc2NDYzNjI2Rh8AMHInLCAzNjkyNDEyMDQ2HwDwi5ICoQQhVzJtVW5BajU5YlVaRVBUWWlMQUJHQUFneGFxVkFUQUVPQUJBQUVpWU9WQ0Ytdk1LV0FCZ3BnWm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUkNvQVFxd0FRQzVBUVVjU1lGWE5kY193UUVGSEVtQlZ6WFhQOGtCQUFBQUFBQUE4RF9aQVFBCQ50UEFfNEFIcjRNSUQ5UUZQdERJX21BSUFvQUlCdFFJBSQAdg0I8Gl3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlCZ0FNQm1BTUJvZ01PQ0xQaWhTTVFDeGdDTFFBQUFBQzZBd2xPV1UweU9qVTNNVExnQTRJdmdBVDg4dDRJaUFUTXJPTUlrQVFCbUFRQndRBTUJAQhNa0UJCQEBGERZQkFEeEIBCw0B4GlBWFFMSmdGaW9EcWd3R3BCWUtRTEdBQ2R4UkFzUVVBQUFEZ3Q4amRQOEVGQUFBQTZJbFc1al9KQhFjDFBBXzAFKA0BBE5rBSgBAfBDOERfZ0JhZWJBdkFGdjRyaUNQZ0YydWZUQW9JR0ExVlRSSWdHQkpBR0FaZ0dBS0VHbXBtWm1abVo3VC1vQmdTeUJpUUoBSA0BAFINCAEBAFoBBQ0BAGgNCCEoPDRCZ28umgKZASFKQmFGanc6JQI0TVdxbFFFZ0FDZ0FNWnEFbRhtZTBfT2dsPV0USkFnaTlKAU8BAQg4RDkdeQBCHXkAQh15BEJwASwJAQRCeAkIAQEQQjRBSWs1cPDQOEQ4LrICJDZjMDZjNjc5LWQxZDMtNDY1OC1hNTRhLTZkZDE5ZTY2ZmM0M9gCn0bgAu6QXeoCamh0dHBzOi8vZ2xhbW91ci5nbG9iby5jb20vbGlmZXN0eWxlL25vdGljaWEvMjAxOS8xMi9tZWxob3Jlcy1kby1hbm8tb3MtbWVtZXMtbWFpcy1lbmdyYWNhZG9zLWRlLTIwMTkuZ2h0bWzyAhEKBkFEVl9JRBIHNTU2NzQ1MPICEgoGQ1BHX0lEEggxODM4NDE5MfICEgoFQ1ABFAwJMjc2aco88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEgBzczODUxOTXyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwVCghTUExJVAFNGdn0BQGAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOSiALgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE3OagEALIEDAgAEAAYACAAMAA4ArgEAMAEzcC5IsgEANIEDjczMjAjTllNMjo1NzEy2gQCCAHgBADwBPTYiLAB-gQSCQAAAKDvv0ZAEQAAAGBtZVLAiAUBmAUAoAX___________8BqgUtODQ5MjQwOTctMjI1OC00NTFlLTg2ODQtMWI0MDVjNGQ5YzQzX0FwcE5leHVzwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFkZRA-gUEAbYokAYAmAYAuAYAwQYBLzAAAPA_0AapJdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSAQYAAX-MLQEQADIB-rPBdIHDQkROgE4CNoHBgknaOAHAOoHAggA8AfE_weKCAIQAJUIAACAP5gIAQ..&s=a5c58e0fd0f2ff0b1584461b63d59a7eea1f225e&pp=0.195457
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.113 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
11d177ad-3a17-4e95-969e-a588c1e017f4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame D4EC 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: nym1-ib.adnxs.com
URL: https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QLWDvDtVgcAAAMA1gAFAQj6mNiXBhCAsoDMu7O4vnEY1tmUoq6KibFkKjYJRHzTS-GUzj8RXiBifroEyT8ZAAAAYLgeDUAhxvp054r80j8pTBqjdVQ11z8xAAAA4FG43j8whfrzCjipH0CYOUgCUPTYiLABWMWqlQFgAGjPglZ46s8FgAEBigEDVVNEkgEDQlJMmAGsAqAB2ASoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKApYBdWYoJ2EnLCA1NTY3NDUwLCAxNjYwMjkyMjE4KTt1ZignaScsIDczODUxOTUsIDE2NjAyOTIyMTgpOwEdLGcnLCAxODM4NDE5MUY7ADBzJywgMjc2NDYzNjI2Rh8AMHInLCAzNjkyNDEyMDQ2HwDwi5ICoQQhVzJtVW5BajU5YlVaRVBUWWlMQUJHQUFneGFxVkFUQUVPQUJBQUVpWU9WQ0Ytdk1LV0FCZ3BnWm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUkNvQVFxd0FRQzVBUVVjU1lGWE5kY193UUVGSEVtQlZ6WFhQOGtCQUFBQUFBQUE4RF9aQVFBCQ50UEFfNEFIcjRNSUQ5UUZQdERJX21BSUFvQUlCdFFJBSQAdg0I8Gl3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlCZ0FNQm1BTUJvZ01PQ0xQaWhTTVFDeGdDTFFBQUFBQzZBd2xPV1UweU9qVTNNVExnQTRJdmdBVDg4dDRJaUFUTXJPTUlrQVFCbUFRQndRBTUJAQhNa0UJCQEBGERZQkFEeEIBCw0B4GlBWFFMSmdGaW9EcWd3R3BCWUtRTEdBQ2R4UkFzUVVBQUFEZ3Q4amRQOEVGQUFBQTZJbFc1al9KQhFjDFBBXzAFKA0BBE5rBSgBAfBDOERfZ0JhZWJBdkFGdjRyaUNQZ0YydWZUQW9JR0ExVlRSSWdHQkpBR0FaZ0dBS0VHbXBtWm1abVo3VC1vQmdTeUJpUUoBSA0BAFINCAEBAFoBBQ0BAGgNCCEoPDRCZ28umgKZASFKQmFGanc6JQI0TVdxbFFFZ0FDZ0FNWnEFbRhtZTBfT2dsPV0USkFnaTlKAU8BAQg4RDkdeQBCHXkAQh15BEJwASwJAQRCeAkIAQEQQjRBSWs1cPDQOEQ4LrICJDZjMDZjNjc5LWQxZDMtNDY1OC1hNTRhLTZkZDE5ZTY2ZmM0M9gCn0bgAu6QXeoCamh0dHBzOi8vZ2xhbW91ci5nbG9iby5jb20vbGlmZXN0eWxlL25vdGljaWEvMjAxOS8xMi9tZWxob3Jlcy1kby1hbm8tb3MtbWVtZXMtbWFpcy1lbmdyYWNhZG9zLWRlLTIwMTkuZ2h0bWzyAhEKBkFEVl9JRBIHNTU2NzQ1MPICEgoGQ1BHX0lEEggxODM4NDE5MfICEgoFQ1ABFAwJMjc2aco88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEgBzczODUxOTXyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwVCghTUExJVAFNGdn0BQGAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOSiALgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE3OagEALIEDAgAEAAYACAAMAA4ArgEAMAEzcC5IsgEANIEDjczMjAjTllNMjo1NzEy2gQCCAHgBADwBPTYiLAB-gQSCQAAAKDvv0ZAEQAAAGBtZVLAiAUBmAUAoAX___________8BqgUtODQ5MjQwOTctMjI1OC00NTFlLTg2ODQtMWI0MDVjNGQ5YzQzX0FwcE5leHVzwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFkZRA-gUEAbYokAYAmAYAuAYAwQYBLzAAAPA_0AapJdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSAQYAAX-MLQEQADIB-rPBdIHDQkROgE4CNoHBgknaOAHAOoHAggA8AfE_weKCAIQAJUIAACAP5gIAQ..&s=a5c58e0fd0f2ff0b1584461b63d59a7eea1f225e&pp=0.195457
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.228 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29216
Expires
Sat, 12 Aug 2023 08:17:00 GMT
ev
s.seedtag.com/e/ 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/e/ev
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.245ca9ae237c3d8742dd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cookiesyncendpoint
sync.aniview.com/ Frame ED24
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17184&khaos=L6Q748YP-1X-5LKK
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=L6Q748YP-1X-5LKK
0
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=L6Q748YP-1X-5LKK
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Protocol
H2
Server
52.70.17.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-17-67.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=L6Q748YP-1X-5LKK
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
Expires
0
client
ssl.connextra.com/Bet99/selector/ Frame DC0B 		1003 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssl.connextra.com/Bet99/selector/client?client=Bet99&placement=DDM_APN_SB_ACQ_CA_FR_728x90&_cb=1048614941&apnauc=803934936762951719&bidid=803934936762951719&dspid=3bc1d7fd2e&tclk=https://nym1-ib.adnxs.com/click?RHzTS-GUzj9eIGJ-ugTJPwAAAAAAAA5AsN1KavnV1j8noImw4enbPycoSMiQJigL1ixF5FIkYmR6DPZiAAAAAAH9XAGpDwAAmBwAAAIAAAB-LAIWRVUlAAAAAABVU0QAQlJMANgCWgBPgQAAAAABAgUCAAAAAKoANiJsIwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21MxbmlAj59bUZEP7YiLABGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjQ0NzVAgi9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NzU=/bn=87217/clickenc=
Requested by
Host: nym1-ib.adnxs.com
URL: https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QLVDuhVBwAAAwDWAAUBCPqY2JcGEKfQoMKM0omUCxjW2ZSiroqJsWQqNglEfNNL4ZTOPxFeIGJ-ugTJPxkAAAEC8MIOQCGw3Upq-dXWPyknoImw4enbPzEAAACA61HgPzCB-vMKOKkfQJg5SAJQ_tiIsAFYxaqVAWAAaM-CVnixqQWAAQGKAQNVU0SSAQNCUkyYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigKWAXVmKCdhJywgNTU2NzQ1MCwgMTY2MDI5MjIxOCk7dWYoJ2knLCA3Mzg1MTk1LCAxNjYwMjkyMjE4KTt1ZignZycsIDE4Mzg0MTkxLCAxNjYyHgAwcycsIDI3NjQ2MzYyNkY9ADByJywgMzY5MjQxMjE0Nh8A8IuSAqEEIU1XMXh3UWo1OWJVWkVQN1lpTEFCR0FBZ3hhcVZBVEFFT0FCQUFFaVlPVkNCLXZNS1dBQmdwZ1pvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVJDb0FRcXdBUUM1QVFEV0JCVGw2ZHNfd1FFQTFnUVU1ZW5iUDhrQkFBQUFBQUFBOERfWkFRQQkOdFBBXzRBSHI0TUlEOVFGZDcxWV9tQUlBb0FJQnRRSQUkAHYNCPBpd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQmdBTUJtQU1Cb2dNT0NMUGloU01RQ3hnQ0xRQUFBQUM2QXdsT1dVMHlPalEwTnpYZ0E0SXZnQVQ4OHQ0SWlBVE1yT01Ja0FRQm1BUUJ3UQU1CQEITWtFCQkBARhEWUJBRHhCAQsNAeBpQVg3SXBnRmlvRHFnd0dwQllLUUxHQUNkeFJBc1FVQUFBREFSLW5oUDhFRkFBQUFvT3ZkNmpfSkIRYwxQQV8wBSgNAQROawUoAQHwRjhEX2dCZF9VQXZBRnY0cmlDUGdGMnVmVEFvSUdBMVZUUklnR0JKQUdBWmdHQUtFR21wbVptWm1aN1Qtb0JnU3lCaVFKQUFBEQMAUhEJDEFBQVoBBQ0BAGgNCCEoPDRCZ28umgKZASFNeGJtbEE6JQI0TVdxbFFFZ0FDZ0FNWnEFbRhtZTBfT2dsPV0UVkFnaTlKAU8BAQg4RDkdeQBCHXkAQh15BEJwASwJAQRCeAkIAQEQQjRBSWs1cPDQOEQ4LrICJDZjMDZjNjc5LWQxZDMtNDY1OC1hNTRhLTZkZDE5ZTY2ZmM0M9gCn0bgAu6QXeoCamh0dHBzOi8vZ2xhbW91ci5nbG9iby5jb20vbGlmZXN0eWxlL25vdGljaWEvMjAxOS8xMi9tZWxob3Jlcy1kby1hbm8tb3MtbWVtZXMtbWFpcy1lbmdyYWNhZG9zLWRlLTIwMTkuZ2h0bWzyAhEKBkFEVl9JRBIHNTU2NzQ1MPICEgoGQ1BHX0lEEggxODM4NDE5MfICEgoFQ1ABFAwJMjc2aco88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEIBzczhWYA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8OWAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOSiALgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE3OagEALIEDAgAEAAYACAAMAA4ArgEAMAEzcC5IsgEANIEDjczMjAjTllNMjo0NDc12gQCCAHgBADwBP7YiLAB-gQSCQAAAKDvv0ZAEQAAAGBtZVLAiAUBmAUAoAX___________8BqgUtODc2NzZhNTktN2VmZC00NjI0LWI1YzQtMTliZTM1ODc5MGEwX0FwcE5leHVzwAUAyQUAAMFqFPA_0gUJCQEKAQE02AUB4AUB8AWRlED6BQQBtiiQBgCYBgC4BgDBBgEhMAAA8D_QBqkl2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFIBBgABf4stARAAMgHsakF0gcNFXYBOAjaBwYJJ2jgBwDqBwIIAPAHxP8HiggCEACVCAAAgD-YCAE.&s=da9e8a2304858479368f317ff0472b2d743b006d&pp=0.195457
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.81.133.133 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-133-133.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bbd4b697b7f62c2be5cf4bf1820b6e19a8c9e51ed51e18404dabc54e0468cf86

Request headers

Referer
https://config.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
680
content-type
text/html;charset=utf-8
date
Fri, 12 Aug 2022 08:17:00 GMT
expires
Fri, 12 Aug 2022 08:17:00 GMT
p3p
CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
pragma
no-cache
vary
* Accept-Encoding
x-served-by
vlp-cxtadsrv01.connextra.net
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7B75 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=4009&pub_id=1986072
Requested by
Host: nym1-ib.adnxs.com
URL: https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QLVDuhVBwAAAwDWAAUBCPqY2JcGEKfQoMKM0omUCxjW2ZSiroqJsWQqNglEfNNL4ZTOPxFeIGJ-ugTJPxkAAAEC8MIOQCGw3Upq-dXWPyknoImw4enbPzEAAACA61HgPzCB-vMKOKkfQJg5SAJQ_tiIsAFYxaqVAWAAaM-CVnixqQWAAQGKAQNVU0SSAQNCUkyYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigKWAXVmKCdhJywgNTU2NzQ1MCwgMTY2MDI5MjIxOCk7dWYoJ2knLCA3Mzg1MTk1LCAxNjYwMjkyMjE4KTt1ZignZycsIDE4Mzg0MTkxLCAxNjYyHgAwcycsIDI3NjQ2MzYyNkY9ADByJywgMzY5MjQxMjE0Nh8A8IuSAqEEIU1XMXh3UWo1OWJVWkVQN1lpTEFCR0FBZ3hhcVZBVEFFT0FCQUFFaVlPVkNCLXZNS1dBQmdwZ1pvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVJDb0FRcXdBUUM1QVFEV0JCVGw2ZHNfd1FFQTFnUVU1ZW5iUDhrQkFBQUFBQUFBOERfWkFRQQkOdFBBXzRBSHI0TUlEOVFGZDcxWV9tQUlBb0FJQnRRSQUkAHYNCPBpd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQmdBTUJtQU1Cb2dNT0NMUGloU01RQ3hnQ0xRQUFBQUM2QXdsT1dVMHlPalEwTnpYZ0E0SXZnQVQ4OHQ0SWlBVE1yT01Ja0FRQm1BUUJ3UQU1CQEITWtFCQkBARhEWUJBRHhCAQsNAeBpQVg3SXBnRmlvRHFnd0dwQllLUUxHQUNkeFJBc1FVQUFBREFSLW5oUDhFRkFBQUFvT3ZkNmpfSkIRYwxQQV8wBSgNAQROawUoAQHwRjhEX2dCZF9VQXZBRnY0cmlDUGdGMnVmVEFvSUdBMVZUUklnR0JKQUdBWmdHQUtFR21wbVptWm1aN1Qtb0JnU3lCaVFKQUFBEQMAUhEJDEFBQVoBBQ0BAGgNCCEoPDRCZ28umgKZASFNeGJtbEE6JQI0TVdxbFFFZ0FDZ0FNWnEFbRhtZTBfT2dsPV0UVkFnaTlKAU8BAQg4RDkdeQBCHXkAQh15BEJwASwJAQRCeAkIAQEQQjRBSWs1cPDQOEQ4LrICJDZjMDZjNjc5LWQxZDMtNDY1OC1hNTRhLTZkZDE5ZTY2ZmM0M9gCn0bgAu6QXeoCamh0dHBzOi8vZ2xhbW91ci5nbG9iby5jb20vbGlmZXN0eWxlL25vdGljaWEvMjAxOS8xMi9tZWxob3Jlcy1kby1hbm8tb3MtbWVtZXMtbWFpcy1lbmdyYWNhZG9zLWRlLTIwMTkuZ2h0bWzyAhEKBkFEVl9JRBIHNTU2NzQ1MPICEgoGQ1BHX0lEEggxODM4NDE5MfICEgoFQ1ABFAwJMjc2aco88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEIBzczhWYA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8OWAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOSiALgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE3OagEALIEDAgAEAAYACAAMAA4ArgEAMAEzcC5IsgEANIEDjczMjAjTllNMjo0NDc12gQCCAHgBADwBP7YiLAB-gQSCQAAAKDvv0ZAEQAAAGBtZVLAiAUBmAUAoAX___________8BqgUtODc2NzZhNTktN2VmZC00NjI0LWI1YzQtMTliZTM1ODc5MGEwX0FwcE5leHVzwAUAyQUAAMFqFPA_0gUJCQEKAQE02AUB4AUB8AWRlED6BQQBtiiQBgCYBgC4BgDBBgEhMAAA8D_QBqkl2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFIBBgABf4stARAAMgHsakF0gcNFXYBOAjaBwYJJ2jgBwDqBwIIAPAHxP8HiggCEACVCAAAgD-YCAE.&s=da9e8a2304858479368f317ff0472b2d743b006d&pp=0.195457
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.228 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-228.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://config.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 12 Aug 2022 08:17:00 GMT
ETag
"623de86a-cf34"
Expires
Sat, 13 Aug 2022 08:17:02 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
rd_log
nym1-ib.adnxs.com/ Frame DF5C 		0
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QLTDuhTBwAAAwDWAAUBCPqY2JcGEKfQoMKM0omUCxjW2ZSiroqJsWQqNglEfNNL4ZTOPxFeIGJ-ugTJPxkAAAEC8MIOQCGw3Upq-dXWPyknoImw4enbPzEAAACA61HgPzCB-vMKOKkfQJg5SAJQ_tiIsAFYxaqVAWAAaM-CVnixqQWAAQGKAQNVU0SSAQNCUkyYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigKWAXVmKCdhJywgNTU2NzQ1MCwgMTY2MDI5MjIxOCk7dWYoJ2knLCA3Mzg1MTk1LCAxNjYwMjkyMjE4KTt1ZignZycsIDE4Mzg0MTkxLCAxNjYyHgAwcycsIDI3NjQ2MzYyNkY9ADByJywgMzY5MjQxMjE0Nh8A8IuSAqEEIU1XMXh3UWo1OWJVWkVQN1lpTEFCR0FBZ3hhcVZBVEFFT0FCQUFFaVlPVkNCLXZNS1dBQmdwZ1pvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVJDb0FRcXdBUUM1QVFEV0JCVGw2ZHNfd1FFQTFnUVU1ZW5iUDhrQkFBQUFBQUFBOERfWkFRQQkOdFBBXzRBSHI0TUlEOVFGZDcxWV9tQUlBb0FJQnRRSQUkAHYNCPBpd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQmdBTUJtQU1Cb2dNT0NMUGloU01RQ3hnQ0xRQUFBQUM2QXdsT1dVMHlPalEwTnpYZ0E0SXZnQVQ4OHQ0SWlBVE1yT01Ja0FRQm1BUUJ3UQU1CQEITWtFCQkBARhEWUJBRHhCAQsNAeBpQVg3SXBnRmlvRHFnd0dwQllLUUxHQUNkeFJBc1FVQUFBREFSLW5oUDhFRkFBQUFvT3ZkNmpfSkIRYwxQQV8wBSgNAQROawUoAQHwRjhEX2dCZF9VQXZBRnY0cmlDUGdGMnVmVEFvSUdBMVZUUklnR0JKQUdBWmdHQUtFR21wbVptWm1aN1Qtb0JnU3lCaVFKQUFBEQMAUhEJDEFBQVoBBQ0BAGgNCCEoPDRCZ28umgKZASFNeGJtbEE6JQI0TVdxbFFFZ0FDZ0FNWnEFbRhtZTBfT2dsPV0UVkFnaTlKAU8BAQg4RDkdeQBCHXkAQh15BEJwASwJAQRCeAkIAQEQQjRBSWs1cPDQOEQ4LrICJDZjMDZjNjc5LWQxZDMtNDY1OC1hNTRhLTZkZDE5ZTY2ZmM0M9gCn0bgAu6QXeoCamh0dHBzOi8vZ2xhbW91ci5nbG9iby5jb20vbGlmZXN0eWxlL25vdGljaWEvMjAxOS8xMi9tZWxob3Jlcy1kby1hbm8tb3MtbWVtZXMtbWFpcy1lbmdyYWNhZG9zLWRlLTIwMTkuZ2h0bWzyAhEKBkFEVl9JRBIHNTU2NzQ1MPICEgoGQ1BHX0lEEggxODM4NDE5MfICEgoFQ1ABFAwJMjc2aco88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEIBzczhWYA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8OWAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOSiALgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE3OagEALIEDAgAEAAYACAAMAA4ArgEAMAEzcC5IsgEANIEDjczMjAjTllNMjo0NDc12gQCCAHgBADwBP7YiLAB-gQSCQAAAKDvv0ZAEQAAAGBtZVLAiAUBmAUAoAX___________8BqgUtODc2NzZhNTktN2VmZC00NjI0LWI1YzQtMTliZTM1ODc5MGEwX0FwcE5leHVzwAUAyQUAAMFqFPA_0gUJCQEKAQE02AUB4AUB8AWRlED6BQQBtiiQBgCYBgC4BgDBBgEhMAAA8D_QBqkl2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFIBBgABf4stARAAMgHsakF0gcNFXYBOAjaBwYJJ2DgBwDqBwIIAPAHAIoIAhAAlQgAAIA_mAgB&s=abead4f26043e5aec22a2c6bf2ee0a93c88a6632&bdref=https%3A%2F%2Fglamour.globo.com&bdtop=false&bdifs=2&bstk=https%3A%2F%2Fglamour.globo.com,https%3A%2F%2Fglamour.globo.com%2F,https%3A%2F%2Fconfig.seedtag.com%2Fstandard-iframe%2Findex.v1.html&
Requested by
Host: nym1-ib.adnxs.com
URL: https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QLVDuhVBwAAAwDWAAUBCPqY2JcGEKfQoMKM0omUCxjW2ZSiroqJsWQqNglEfNNL4ZTOPxFeIGJ-ugTJPxkAAAEC8MIOQCGw3Upq-dXWPyknoImw4enbPzEAAACA61HgPzCB-vMKOKkfQJg5SAJQ_tiIsAFYxaqVAWAAaM-CVnixqQWAAQGKAQNVU0SSAQNCUkyYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigKWAXVmKCdhJywgNTU2NzQ1MCwgMTY2MDI5MjIxOCk7dWYoJ2knLCA3Mzg1MTk1LCAxNjYwMjkyMjE4KTt1ZignZycsIDE4Mzg0MTkxLCAxNjYyHgAwcycsIDI3NjQ2MzYyNkY9ADByJywgMzY5MjQxMjE0Nh8A8IuSAqEEIU1XMXh3UWo1OWJVWkVQN1lpTEFCR0FBZ3hhcVZBVEFFT0FCQUFFaVlPVkNCLXZNS1dBQmdwZ1pvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVJDb0FRcXdBUUM1QVFEV0JCVGw2ZHNfd1FFQTFnUVU1ZW5iUDhrQkFBQUFBQUFBOERfWkFRQQkOdFBBXzRBSHI0TUlEOVFGZDcxWV9tQUlBb0FJQnRRSQUkAHYNCPBpd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQmdBTUJtQU1Cb2dNT0NMUGloU01RQ3hnQ0xRQUFBQUM2QXdsT1dVMHlPalEwTnpYZ0E0SXZnQVQ4OHQ0SWlBVE1yT01Ja0FRQm1BUUJ3UQU1CQEITWtFCQkBARhEWUJBRHhCAQsNAeBpQVg3SXBnRmlvRHFnd0dwQllLUUxHQUNkeFJBc1FVQUFBREFSLW5oUDhFRkFBQUFvT3ZkNmpfSkIRYwxQQV8wBSgNAQROawUoAQHwRjhEX2dCZF9VQXZBRnY0cmlDUGdGMnVmVEFvSUdBMVZUUklnR0JKQUdBWmdHQUtFR21wbVptWm1aN1Qtb0JnU3lCaVFKQUFBEQMAUhEJDEFBQVoBBQ0BAGgNCCEoPDRCZ28umgKZASFNeGJtbEE6JQI0TVdxbFFFZ0FDZ0FNWnEFbRhtZTBfT2dsPV0UVkFnaTlKAU8BAQg4RDkdeQBCHXkAQh15BEJwASwJAQRCeAkIAQEQQjRBSWs1cPDQOEQ4LrICJDZjMDZjNjc5LWQxZDMtNDY1OC1hNTRhLTZkZDE5ZTY2ZmM0M9gCn0bgAu6QXeoCamh0dHBzOi8vZ2xhbW91ci5nbG9iby5jb20vbGlmZXN0eWxlL25vdGljaWEvMjAxOS8xMi9tZWxob3Jlcy1kby1hbm8tb3MtbWVtZXMtbWFpcy1lbmdyYWNhZG9zLWRlLTIwMTkuZ2h0bWzyAhEKBkFEVl9JRBIHNTU2NzQ1MPICEgoGQ1BHX0lEEggxODM4NDE5MfICEgoFQ1ABFAwJMjc2aco88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEIBzczhWYA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8OWAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOSiALgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE3OagEALIEDAgAEAAYACAAMAA4ArgEAMAEzcC5IsgEANIEDjczMjAjTllNMjo0NDc12gQCCAHgBADwBP7YiLAB-gQSCQAAAKDvv0ZAEQAAAGBtZVLAiAUBmAUAoAX___________8BqgUtODc2NzZhNTktN2VmZC00NjI0LWI1YzQtMTliZTM1ODc5MGEwX0FwcE5leHVzwAUAyQUAAMFqFPA_0gUJCQEKAQE02AUB4AUB8AWRlED6BQQBtiiQBgCYBgC4BgDBBgEhMAAA8D_QBqkl2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFIBBgABf4stARAAMgHsakF0gcNFXYBOAjaBwYJJ2jgBwDqBwIIAPAHxP8HiggCEACVCAAAgD-YCAE.&s=da9e8a2304858479368f317ff0472b2d743b006d&pp=0.195457
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.113 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f70c2395-b790-4f6f-abb0-441a8b4a692d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
it
nym1-ib.adnxs.com/ Frame DF5C 		0
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QK8DOg8BgAAAwDWAAUBCPqY2JcGEKfQoMKM0omUCxjW2ZSiroqJsWQqNglEfNNL4ZTOPxFeIGJ-ugTJPxkAAAEC8MIOQCGw3Upq-dXWPyknoImw4enbPzEAAACA61HgPzCB-vMKOKkfQJg5SAJQ_tiIsAFYxaqVAWAAaM-CVnixqQWAAQGKAQNVU0SSAQNCUkyYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigKWAXVmKCdhJywgNTU2NzQ1MCwgMTY2MDI5MjIxOCk7dWYoJ2knLCA3Mzg1MTk1LCAxNjYwMjkyMjE4KTt1ZignZycsIDE4Mzg0MTkxLCAxNjYyHgAwcycsIDI3NjQ2MzYyNkY9ADByJywgMzY5MjQxMjE0Nh8A8IuSAqEEIU1XMXh3UWo1OWJVWkVQN1lpTEFCR0FBZ3hhcVZBVEFFT0FCQUFFaVlPVkNCLXZNS1dBQmdwZ1pvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVJDb0FRcXdBUUM1QVFEV0JCVGw2ZHNfd1FFQTFnUVU1ZW5iUDhrQkFBQUFBQUFBOERfWkFRQQkOdFBBXzRBSHI0TUlEOVFGZDcxWV9tQUlBb0FJQnRRSQUkAHYNCPBpd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQmdBTUJtQU1Cb2dNT0NMUGloU01RQ3hnQ0xRQUFBQUM2QXdsT1dVMHlPalEwTnpYZ0E0SXZnQVQ4OHQ0SWlBVE1yT01Ja0FRQm1BUUJ3UQU1CQEITWtFCQkBARhEWUJBRHhCAQsNAeBpQVg3SXBnRmlvRHFnd0dwQllLUUxHQUNkeFJBc1FVQUFBREFSLW5oUDhFRkFBQUFvT3ZkNmpfSkIRYwxQQV8wBSgNAQROawUoAQHwRjhEX2dCZF9VQXZBRnY0cmlDUGdGMnVmVEFvSUdBMVZUUklnR0JKQUdBWmdHQUtFR21wbVptWm1aN1Qtb0JnU3lCaVFKQUFBEQMAUhEJDEFBQVoBBQ0BAGgNCCEoPDRCZ28umgKZASFNeGJtbEE6JQI0TVdxbFFFZ0FDZ0FNWnEFbRhtZTBfT2dsPV0UVkFnaTlKAU8BAQg4RDkdeQBCHXkAQh15BEJwASwJAQRCeAkIAQEQQjRBSWs1cPS2AThEOC6yAiQ2YzA2YzY3OS1kMWQzLTQ2NTgtYTU0YS02ZGQxOWU2NmZjNDPYAp9G4ALukF3qAmpodHRwczovL2dsYW1vdXIuZ2xvYm8uY29tL2xpZmVzdHlsZS9ub3RpY2lhLzIwMTkvMTIvbWVsaG9yZXMtZG8tYW5vLW9zLW1lbWVzLW1haXMtZW5ncmFjYWRvcy1kZS0yMDE5LmdodG1sgAMAiAMBkAMAmAMUoAMBqgMAwAOsAsgDANgDkogC4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQOMTQ5LjU2LjE1My4xNzmoBACyBAwIABAAGAAgADAAOAK4BADABM3AuSLIBADSBA43MzIwI05ZTTI6NDQ3NdoEAggB4AQA8AT-2IiwAfoEEgkAAACg779GQBEAAABgbWVSwIgFAZgFAKAF____________AaoFLTg3Njc2YTU5LTdlZmQtNDYyNC1iNWM0LTE5YmUzNTg3OTBhMF9BcHBOZXh1c8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZGUQPoFBAgAEACQBgCYBgC4BgDBBgChgywA8D_QBqkl2gYWChAFEB0BYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOLQEQADIB7GpBdIHDQkROwE4CNoHBgknYOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAE.&s=32424a1ae5ea2aa21bb0065ed8a4a262e144d225
Requested by
Host: nym1-ib.adnxs.com
URL: https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QLVDuhVBwAAAwDWAAUBCPqY2JcGEKfQoMKM0omUCxjW2ZSiroqJsWQqNglEfNNL4ZTOPxFeIGJ-ugTJPxkAAAEC8MIOQCGw3Upq-dXWPyknoImw4enbPzEAAACA61HgPzCB-vMKOKkfQJg5SAJQ_tiIsAFYxaqVAWAAaM-CVnixqQWAAQGKAQNVU0SSAQNCUkyYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigKWAXVmKCdhJywgNTU2NzQ1MCwgMTY2MDI5MjIxOCk7dWYoJ2knLCA3Mzg1MTk1LCAxNjYwMjkyMjE4KTt1ZignZycsIDE4Mzg0MTkxLCAxNjYyHgAwcycsIDI3NjQ2MzYyNkY9ADByJywgMzY5MjQxMjE0Nh8A8IuSAqEEIU1XMXh3UWo1OWJVWkVQN1lpTEFCR0FBZ3hhcVZBVEFFT0FCQUFFaVlPVkNCLXZNS1dBQmdwZ1pvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVJDb0FRcXdBUUM1QVFEV0JCVGw2ZHNfd1FFQTFnUVU1ZW5iUDhrQkFBQUFBQUFBOERfWkFRQQkOdFBBXzRBSHI0TUlEOVFGZDcxWV9tQUlBb0FJQnRRSQUkAHYNCPBpd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQmdBTUJtQU1Cb2dNT0NMUGloU01RQ3hnQ0xRQUFBQUM2QXdsT1dVMHlPalEwTnpYZ0E0SXZnQVQ4OHQ0SWlBVE1yT01Ja0FRQm1BUUJ3UQU1CQEITWtFCQkBARhEWUJBRHhCAQsNAeBpQVg3SXBnRmlvRHFnd0dwQllLUUxHQUNkeFJBc1FVQUFBREFSLW5oUDhFRkFBQUFvT3ZkNmpfSkIRYwxQQV8wBSgNAQROawUoAQHwRjhEX2dCZF9VQXZBRnY0cmlDUGdGMnVmVEFvSUdBMVZUUklnR0JKQUdBWmdHQUtFR21wbVptWm1aN1Qtb0JnU3lCaVFKQUFBEQMAUhEJDEFBQVoBBQ0BAGgNCCEoPDRCZ28umgKZASFNeGJtbEE6JQI0TVdxbFFFZ0FDZ0FNWnEFbRhtZTBfT2dsPV0UVkFnaTlKAU8BAQg4RDkdeQBCHXkAQh15BEJwASwJAQRCeAkIAQEQQjRBSWs1cPDQOEQ4LrICJDZjMDZjNjc5LWQxZDMtNDY1OC1hNTRhLTZkZDE5ZTY2ZmM0M9gCn0bgAu6QXeoCamh0dHBzOi8vZ2xhbW91ci5nbG9iby5jb20vbGlmZXN0eWxlL25vdGljaWEvMjAxOS8xMi9tZWxob3Jlcy1kby1hbm8tb3MtbWVtZXMtbWFpcy1lbmdyYWNhZG9zLWRlLTIwMTkuZ2h0bWzyAhEKBkFEVl9JRBIHNTU2NzQ1MPICEgoGQ1BHX0lEEggxODM4NDE5MfICEgoFQ1ABFAwJMjc2aco88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEIBzczhWYA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8OWAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOSiALgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE3OagEALIEDAgAEAAYACAAMAA4ArgEAMAEzcC5IsgEANIEDjczMjAjTllNMjo0NDc12gQCCAHgBADwBP7YiLAB-gQSCQAAAKDvv0ZAEQAAAGBtZVLAiAUBmAUAoAX___________8BqgUtODc2NzZhNTktN2VmZC00NjI0LWI1YzQtMTliZTM1ODc5MGEwX0FwcE5leHVzwAUAyQUAAMFqFPA_0gUJCQEKAQE02AUB4AUB8AWRlED6BQQBtiiQBgCYBgC4BgDBBgEhMAAA8D_QBqkl2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFIBBgABf4stARAAMgHsakF0gcNFXYBOAjaBwYJJ2jgBwDqBwIIAPAHxP8HiggCEACVCAAAgD-YCAE.&s=da9e8a2304858479368f317ff0472b2d743b006d&pp=0.195457
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.113 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
4ea9f80e-f95d-4a97-8c04-051a15227216
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame DF5C 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: nym1-ib.adnxs.com
URL: https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QLVDuhVBwAAAwDWAAUBCPqY2JcGEKfQoMKM0omUCxjW2ZSiroqJsWQqNglEfNNL4ZTOPxFeIGJ-ugTJPxkAAAEC8MIOQCGw3Upq-dXWPyknoImw4enbPzEAAACA61HgPzCB-vMKOKkfQJg5SAJQ_tiIsAFYxaqVAWAAaM-CVnixqQWAAQGKAQNVU0SSAQNCUkyYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigKWAXVmKCdhJywgNTU2NzQ1MCwgMTY2MDI5MjIxOCk7dWYoJ2knLCA3Mzg1MTk1LCAxNjYwMjkyMjE4KTt1ZignZycsIDE4Mzg0MTkxLCAxNjYyHgAwcycsIDI3NjQ2MzYyNkY9ADByJywgMzY5MjQxMjE0Nh8A8IuSAqEEIU1XMXh3UWo1OWJVWkVQN1lpTEFCR0FBZ3hhcVZBVEFFT0FCQUFFaVlPVkNCLXZNS1dBQmdwZ1pvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVJDb0FRcXdBUUM1QVFEV0JCVGw2ZHNfd1FFQTFnUVU1ZW5iUDhrQkFBQUFBQUFBOERfWkFRQQkOdFBBXzRBSHI0TUlEOVFGZDcxWV9tQUlBb0FJQnRRSQUkAHYNCPBpd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQmdBTUJtQU1Cb2dNT0NMUGloU01RQ3hnQ0xRQUFBQUM2QXdsT1dVMHlPalEwTnpYZ0E0SXZnQVQ4OHQ0SWlBVE1yT01Ja0FRQm1BUUJ3UQU1CQEITWtFCQkBARhEWUJBRHhCAQsNAeBpQVg3SXBnRmlvRHFnd0dwQllLUUxHQUNkeFJBc1FVQUFBREFSLW5oUDhFRkFBQUFvT3ZkNmpfSkIRYwxQQV8wBSgNAQROawUoAQHwRjhEX2dCZF9VQXZBRnY0cmlDUGdGMnVmVEFvSUdBMVZUUklnR0JKQUdBWmdHQUtFR21wbVptWm1aN1Qtb0JnU3lCaVFKQUFBEQMAUhEJDEFBQVoBBQ0BAGgNCCEoPDRCZ28umgKZASFNeGJtbEE6JQI0TVdxbFFFZ0FDZ0FNWnEFbRhtZTBfT2dsPV0UVkFnaTlKAU8BAQg4RDkdeQBCHXkAQh15BEJwASwJAQRCeAkIAQEQQjRBSWs1cPDQOEQ4LrICJDZjMDZjNjc5LWQxZDMtNDY1OC1hNTRhLTZkZDE5ZTY2ZmM0M9gCn0bgAu6QXeoCamh0dHBzOi8vZ2xhbW91ci5nbG9iby5jb20vbGlmZXN0eWxlL25vdGljaWEvMjAxOS8xMi9tZWxob3Jlcy1kby1hbm8tb3MtbWVtZXMtbWFpcy1lbmdyYWNhZG9zLWRlLTIwMTkuZ2h0bWzyAhEKBkFEVl9JRBIHNTU2NzQ1MPICEgoGQ1BHX0lEEggxODM4NDE5MfICEgoFQ1ABFAwJMjc2aco88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEIBzczhWYA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8OWAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOSiALgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE3OagEALIEDAgAEAAYACAAMAA4ArgEAMAEzcC5IsgEANIEDjczMjAjTllNMjo0NDc12gQCCAHgBADwBP7YiLAB-gQSCQAAAKDvv0ZAEQAAAGBtZVLAiAUBmAUAoAX___________8BqgUtODc2NzZhNTktN2VmZC00NjI0LWI1YzQtMTliZTM1ODc5MGEwX0FwcE5leHVzwAUAyQUAAMFqFPA_0gUJCQEKAQE02AUB4AUB8AWRlED6BQQBtiiQBgCYBgC4BgDBBgEhMAAA8D_QBqkl2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFIBBgABf4stARAAMgHsakF0gcNFXYBOAjaBwYJJ2jgBwDqBwIIAPAHxP8HiggCEACVCAAAgD-YCAE.&s=da9e8a2304858479368f317ff0472b2d743b006d&pp=0.195457
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.228 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29216
Expires
Sat, 12 Aug 2023 08:17:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D37C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022080801&jk=3921357706765368&rc=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
rtset
bh.contextweb.com/bh/ Frame 9F50
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=N3ZScVZzSnBZaVAzV0M1azVlNGd4dw&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESELQYgmFs68ofCNAgncefWRQ&google_cver=1
49 B
681 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESELQYgmFs68ofCNAgncefWRQ&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-stage-0
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESELQYgmFs68ofCNAgncefWRQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 9F50
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=76a6b92fcea8122b&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAEfVOUzjrYxQMp4D20AAAAAAA&expiration=1660378620&nuid=&is_secure=true
49 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAEfVOUzjrYxQMp4D20AAAAAAA&expiration=1660378620&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-stage-0
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAEfVOUzjrYxQMp4D20AAAAAAA&expiration=1660378620&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rtset
bh.contextweb.com/bh/ Frame 9F50
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent=
  • https://tags.bluekai.com/site/17724?id=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&redir=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D543793%26ev%3D3b411936-d003-4cd9-9e67...
  • https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&gdpr_in_effect=0&gdpr_consent=
49 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&gdpr_in_effect=0&gdpr_consent=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-stage-0
expires
-1

Redirect headers

location
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&gdpr_in_effect=0&gdpr_consent=
date
Fri, 12 Aug 2022 08:17:00 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
ecm3
s.amazon-adsystem.com/ Frame 9F50 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=hMxmzlf716FU&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
7EEZZYMGMM1A8QYV9TC2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=467226423720066&ev=PageView&dl=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&rl=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F&if=false&ts=1660292220329&sw=1600&sh=1200&v=2.9.75&r=stable&a=tmsalesforce&ec=0&o=30&fbp=fb.1.1660292220327.1141209380&it=1660292219969&coo=false&rqm=GET
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 12 Aug 2022 08:17:00 GMT
dcm
s.amazon-adsystem.com/ Frame E020 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YvYMeptZyA-1HFbuQyqMsAAAAd8AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
0MN4G04X62E431WKYWWE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E020
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YvYMeptZyA.1HFbuQyqMsAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAUtS0zSL0dGNue_Trz6X7A&google_cver=1&google_hm=2
43 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAUtS0zSL0dGNue_Trz6X7A&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
7397c5abf83af97d-YYZ
pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlViha3dMqbsJ%2BCZkW73F6wg5WbxO2vvAyWkUtmEZhWF4Qwhi%2Bcd2MoKmmTIF9Brg4I7ZFRhVqRGD1WSxL4VWbA4znGokNhRVnUyywqUw0og7e1tUAcDooFJ8Gt5r8j1DqRma8XqQws3gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAUtS0zSL0dGNue_Trz6X7A&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame E020
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YvYMeptZyA-1HFbuQyqMsAAAAd8AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIIqKazOBv-WeVZiIl7EtM0&google_cver=1
43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIIqKazOBv-WeVZiIl7EtM0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
7397c5aa4a0ba216-YYZ
pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTo%2BBGFUweWKkxm3CfmvgJDqsvzcFtZFrrnih9FnvhjqSljdTQWMs7qxSyCyyo1AlG%2Btk1vKIyeztdjsvVLgUGDMN4NHjr337bkDkTCRU3TlVKo7XzvWvrDtr6I3ng6%2FDAo1ZgwCcSDPNw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIIqKazOBv-WeVZiIl7EtM0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E020
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b88f2951-bac5-41e7-bff4-9adb35ec6b09&expiration=1662884220&gdpr=0&gdpr_consent=
43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b88f2951-bac5-41e7-bff4-9adb35ec6b09&expiration=1662884220&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
7397c5abcbdfa235-YYZ
pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X7nuSpqbZ3K17hZj3HNBcBH%2FNZJFGHc5IOG2GdmebtEuOz0BR0mx6%2Fso8KRzE%2FEcAjBM1FhL%2FnFRoN3Dg0NXct7NYTHPu%2B5GisbgkLdDI0RrT2RxmhtC4Dl6lDBER97U4DdX2jyfH%2FYrGA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b88f2951-bac5-41e7-bff4-9adb35ec6b09&expiration=1662884220&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
crum
dsum-sec.casalemedia.com/ Frame E020
Redirect Chain
  • https://d.adroll.com/cm/index/ssp
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
950 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
7397c5abf83cf97d-YYZ
pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6A2PTMLdhMeVfzgDjfNRY0SkBxku%2FzPf76UXLsgoXpu4GpplFo7xYCYOIE3CvwflV6jxbP53%2BIaWpNlyLDE6JfvL32PkX%2BgnOIbYCZ%2FWsWCUcr%2FRh2yRKq7mEzYcU%2FclO739NNAOEh5XLA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Fri, 12 Aug 2022 08:17:00 GMT
server
nginx/1.20.0
content-length
76
ibs:dpid=23728&dpuuid=YvYMeptZyA.1HFbuQyqMsAAA%26479
dpm.demdex.net/ Frame E020 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YvYMeptZyA.1HFbuQyqMsAAA%26479?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.120.158 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-27-120-158.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v035-0ad6a1dfd.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
RDW0bKkgRos=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame E020
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=23234c52-1a17-11ed-9465-f3edc820c7ab
43 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=23234c52-1a17-11ed-9465-f3edc820c7ab
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
7397c5abf83df97d-YYZ
pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkCPSU%2BB3%2FT2LZHB%2Bx3HzI2ZYIgVYuex4KxN8x2VzbTu45POKFkhzoSJlTDty8WCVTrJGdsA3s9vx1HnHnk5h05%2FgUh3GBJM6cF4fCDXrz8jL9JuStVG9fxgk8bqYn%2Fzl9sptP%2FLVhc%2F3w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
server
Cowboy
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=23234c52-1a17-11ed-9465-f3edc820c7ab
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
lga-delivery-5
Content-Length
0
Expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum-sec.casalemedia.com/ Frame E020
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=s2-c1UJiToJucJinG1V3nJU4mbM
43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=s2-c1UJiToJucJinG1V3nJU4mbM
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
7397c5abcbdea235-YYZ
pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHE1YZ%2FJBoV9MQwwcDtLKLluONoc4ChlEznjTvvMPzWA5PunStOGs6rFErlTkOM34kW82h6hEUghWDgphha60%2BKE5upk66pajVZZX6yeC5oXtEhdmrIVRQ7uvjF2zflh%2BPI0Q747cTVzzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=s2-c1UJiToJucJinG1V3nJU4mbM
Date
Fri, 12 Aug 2022 08:17:00 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
ecm3
s.amazon-adsystem.com/ Frame E020 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=YvYMeptZyA-1HFbuQyqMsAAAAd8AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6J13SRZYCHGGCDVTZE7P
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
pagead2.googlesyndication.com/bg/ Frame 887E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:45:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
261062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14139
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:45:58 GMT
usersync
usersync.gumgum.com/ Frame 6FF3
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=4838819436260598658
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=4838819436260598658
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
84775332-329c-4d50-ae01-5ef57d7d356e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usersync.gumgum.com/usersync?b=apn&i=4838819436260598658
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 6FF3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_72b13e66-8638-4bdc-975a-2eec0f6e1321&gdpr=&gdpr_consent=&us_privacy=
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=562c12ab-42ac-4d31-9b38-debb46a9cd2d&ssp=gumgum2&bsw_param=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
  • https://usersync.gumgum.com/usersync?b=bsw&i=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
Date
Fri, 12 Aug 2022 08:17:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 6FF3
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28YCQ7QQEIfw8y1OHumdK20MB8yS3ykV7A5eF1oDRx1RO8_lVLN2AVxq8p2UyLHrro%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_72b13e66-8638-4bdc-975a-2eec0f6e1321&obuid=ENC(YCQ7QQEIfw8y1OHumdK20MB8yS3ykV7A5eF1oDRx1RO8_lVLN2AVxq8p2UyLHrro)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=YCQ7QQEIfw8y1OHumdK20MB8yS3ykV7A5eF1oDRx1RO8_lVLN2AVxq8p2UyLHrro
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=outbrain&ssp_uuid=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
  • https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=outbrain&ssp_uuid=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=outbrain&user_id=6cb36c40-8c62-4ffe-8686-dfa7226d5fb1
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:01 GMT
Cache-Control
no-cache
X-TraceId
ead5189d0dc110bdb49309932cb0c517
Content-Length
0

Redirect headers

Location
//sync.outbrain.com/cookie-sync?p=bidswitch&uid=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Fri, 12 Aug 2022 08:17:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 6FF3
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=4835b0b8-af06-4743-96e8-9017d36f1945
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=4835b0b8-af06-4743-96e8-9017d36f1945
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Fri, 12 Aug 2022 08:17:00 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usersync.gumgum.com/usersync?b=opx&i=4835b0b8-af06-4743-96e8-9017d36f1945
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
usersync.gumgum.com/ Frame 6FF3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-b36f9cd5-4262-4e82-6e70-98a71b55779c$ip$149.56.153.179
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-b36f9cd5-4262-4e82-6e70-98a71b55779c$ip$149.56.153.179
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-b36f9cd5-4262-4e82-6e70-98a71b55779c$ip$149.56.153.179
Date
Fri, 12 Aug 2022 08:17:00 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 6FF3
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-M9KZkjtE2pd6kc4txwSpO7nsRma6pUVHbmU2~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-M9KZkjtE2pd6kc4txwSpO7nsRma6pUVHbmU2~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Fri, 12 Aug 2022 08:17:00 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://usersync.gumgum.com/usersync?b=oth&i=y-M9KZkjtE2pd6kc4txwSpO7nsRma6pUVHbmU2~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame 6FF3
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=1f908b89-879f-4467-acd7-d70027d2a07e
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=1f908b89-879f-4467-acd7-d70027d2a07e
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=1f908b89-879f-4467-acd7-d70027d2a07e
Date
Fri, 12 Aug 2022 08:17:00 GMT
X-CI-RTID
7929f131-74b0-4385-931e-23c2dd5fa051
Connection
keep-alive
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 6FF3
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=14E007207C1042BAB885E0FAC3A8C6AC
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=14E007207C1042BAB885E0FAC3A8C6AC
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Fri, 12 Aug 2022 08:17:00 GMT
via
1.1 varnish
server
nginx
age
0
location
https://usersync.gumgum.com/usersync?b=snc&i=14E007207C1042BAB885E0FAC3A8C6AC
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
898279325
access-control-allow-origin
*
content-type
text/plain
content-length
0
usersync
usersync.gumgum.com/ Frame 6FF3
Redirect Chain
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=dit&i=di_8e26fc569f664441815e1
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=dit&i=di_8e26fc569f664441815e1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=dit&i=di_8e26fc569f664441815e1
date
Fri, 12 Aug 2022 08:17:00 GMT
server
a
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 6FF3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_72b13e66-8638-4bdc-975a-2eec0f6e1321&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=CAj9tp6lCQS85i0jAlFa&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVBUC2RZORYDM3CDKFJTQNLJGBVEC3CGME
  • https://usersync.gumgum.com/usersync?b=zem&i=CAj9tp6lCQS85i0jAlFa
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=CAj9tp6lCQS85i0jAlFa
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
P3p
CP="We do not support P3P header."
Location
https://usersync.gumgum.com/usersync?b=zem&i=CAj9tp6lCQS85i0jAlFa
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 6FF3
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=ea9885a8-0f84-4e27-872a-648e2874a0f2
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=ea9885a8-0f84-4e27-872a-648e2874a0f2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=ea9885a8-0f84-4e27-872a-648e2874a0f2
date
Fri, 12 Aug 2022 08:17:00 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 6FF3
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1506%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=7768230212
  • https://tags.bluekai.com/site/17724?id=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1506%2F3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78...
  • https://sync.1rx.io/usersync3/centro/1506/3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341?zcc=0&sspret=1&rndcb=7768230212
  • https://sync.targeting.unrulymedia.com/csync/RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Date
Fri, 12 Aug 2022 08:17:00 GMT
Server
Tengine
ETag
RX505d6b14b8dd4151861b7b8be62c9851005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
Connection
keep-alive
Content-Type
text/html
usersync
usersync.gumgum.com/ Frame 6FF3
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=hMxmzlf716FU&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=hMxmzlf716FU&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://usersync.gumgum.com/usersync?b=pln&i=hMxmzlf716FU&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1
usersync
usersync.gumgum.com/ Frame 6FF3
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=3845884433550291021
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=3845884433550291021
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=3845884433550291021
date
Fri, 12 Aug 2022 08:17:00 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 6FF3 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_72b13e66-8638-4bdc-975a-2eec0f6e1321
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GJYRQBFRDQHJDZC223XK
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame EA90 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=cda4531b-827a-4e26-8826-4ac73e3d9478
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6SVVGQVXDVJ9KNSA9P3K
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame EA90
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__
  • https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YvYMeptZyA.1HFbuQyqMsAAA%26479
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YvYMeptZyA.1HFbuQyqMsAAA%26479
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.198.189.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-189-0.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l14APHYPzS%2BXTfuPw%2FMx1iEXdwpOQ17oIIXtwKrfykugYVAAn3P4s3vIVLYi1cvqRoOW3GHZs0euKPimTFDeBWHCGNoVzFm15dM4sdZL4nRkb8NLc34QGlYs4sJvERw0glEwHYR0"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YvYMeptZyA.1HFbuQyqMsAAA%26479
cache-control
no-cache
cf-ray
7397c5aa2cdba1de-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
v1
match.sharethrough.com/sync/ Frame EA90
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A
  • https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=YvYMeQAF1xc1xgA0
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=YvYMeQAF1xc1xgA0
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.198.189.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-189-0.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1660292221.530537,VS0,VE0
x-served-by
cache-yul12833-YUL
x-cache
HIT
location
https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=YvYMeQAF1xc1xgA0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
v1
match.sharethrough.com/sync/ Frame EA90
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=b88f2951-bac5-41e7-bff4-9adb35ec6b09&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=b88f2951-bac5-41e7-bff4-9adb35ec6b09&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.198.189.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-189-0.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=b88f2951-bac5-41e7-bff4-9adb35ec6b09&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame EA90
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=4838819436260598658
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=4838819436260598658
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.198.189.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-189-0.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
fd485bfc-55e2-438d-8836-b0b1cc269ace
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=4838819436260598658
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7DC8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAUtS0zSL0dGNue_Trz6X7A&google_cver=1
43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAUtS0zSL0dGNue_Trz6X7A&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEJvK6wEYv43-zwEwAQ&v=APEucNUkkp0Oyl1SMAe365k-jrf8dO1f3XlCJ4cekUDr0U-EmDNhEThUafN7l0L_7y7VVW_UW_vWaXX-_3xG43Tja89YM33fKw
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
7397c5abebf7a235-YYZ
pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eftEFR9ym%2BYGRxCsp%2BAJFjeO4E7KgUsJJom8jIInDQmP%2BbNa7evkGpUTku9RnhMTtn%2FiDewPZzv54%2F2CJTUk5WfPCtXk%2BartC5S6isoOp1CMqBHGfB3G2nVK8dYHIonBAfjOHSGhxALM3A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAUtS0zSL0dGNue_Trz6X7A&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7DC8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvYMeptZyA.1HFbuQyqMsAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAUtS0zSL0dGNue_Trz6X7A&google_cver=1&google_hm=2
43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAUtS0zSL0dGNue_Trz6X7A&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEJvK6wEYv43-zwEwAQ&v=APEucNUkkp0Oyl1SMAe365k-jrf8dO1f3XlCJ4cekUDr0U-EmDNhEThUafN7l0L_7y7VVW_UW_vWaXX-_3xG43Tja89YM33fKw
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
7397c5abf83bf97d-YYZ
pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HOb58utIaY6ir%2FtBMEThhdSe66EzN0RpmIupX85EAeewKgAVAtRRt1MH6jEHXo%2BxBltOmNQFVZDJUTboJUVlGjhwToiR%2FFPiclVZ0M2fGWoxIGLb4wXX1lbV9X2BDfU9jOH53m%2FaQK5wg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAUtS0zSL0dGNue_Trz6X7A&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 7DC8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJQdP2L75sQUYWi5nM4RxJ8&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJQdP2L75sQUYWi5nM4RxJ8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEJvK6wEYv43-zwEwAQ&v=APEucNUkkp0Oyl1SMAe365k-jrf8dO1f3XlCJ4cekUDr0U-EmDNhEThUafN7l0L_7y7VVW_UW_vWaXX-_3xG43Tja89YM33fKw
Protocol
HTTP/1.1
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
6b110d64-f5d3-4bb8-b519-b8c5f1031b7b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJQdP2L75sQUYWi5nM4RxJ8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7DC8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzODgxOTQzNjI2MDU5ODY1OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzODgxOTQzNjI2MDU5ODY1OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEJvK6wEYv43-zwEwAQ&v=APEucNUkkp0Oyl1SMAe365k-jrf8dO1f3XlCJ4cekUDr0U-EmDNhEThUafN7l0L_7y7VVW_UW_vWaXX-_3xG43Tja89YM33fKw
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
803dfd64-2647-4918-8370-1f744bd60889
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzODgxOTQzNjI2MDU5ODY1OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 71A2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=3f4262f6-0c7b-4700-a042-2230177506f6&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=3f4262f6-0c7b-4700-a042-2230177506f6&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 12 Aug 2022 08:17:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 12 Aug 2022 08:17:00 GMT
Expires
Fri, 12 Aug 2022 08:16:59 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4475 c1dc35a master ord-pixel-x2 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=3f4262f6-0c7b-4700-a042-2230177506f6&gdpr=&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 7F79
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=YvYMeQAF1xc1xgA0&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=YvYMeQAF1xc1xgA0&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 12 Aug 2022 08:17:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 12 Aug 2022 08:17:00 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=YvYMeQAF1xc1xgA0&gdpr=&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yul12833-YUL
x-timer
S1660292220.416188,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 4B17 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV83MmIxM2U2Ni04NjM4LTRiZGMtOTc1YS0yZWVjMGY2ZTEzMjE=&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 08:17:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DA64 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63025
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 13 Aug 2022 01:47:25 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame DFC4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=b88f2951-bac5-41e7-bff4-9adb35ec6b09
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=b88f2951-bac5-41e7-bff4-9adb35ec6b09
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 12 Aug 2022 08:17:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Fri, 12 Aug 2022 08:17:00 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=b88f2951-bac5-41e7-bff4-9adb35ec6b09
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 7DA5
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=emx&i=4838819436260598658brt53611660292219594232ab
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=4838819436260598658brt53611660292219594232ab
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 12 Aug 2022 08:17:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Fri, 12 Aug 2022 08:17:00 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=4838819436260598658brt53611660292219594232ab
usersync
usersync.gumgum.com/ Frame 6411
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=YvYMfcCo5ssAAGs0pLYAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=YvYMfcCo5ssAAGs0pLYAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 12 Aug 2022 08:17:01 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Fri, 12 Aug 2022 08:17:01 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=YvYMfcCo5ssAAGs0pLYAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
2
X-SO-HostName
a-ad40184.dc2p.scaleout.jp
X-SO-IP
149.56.153.179
X-SO-Key
YvYMfcCo5ssAAGs0pLYAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":2,"gdpr":false,"ipv4":"149.56.153.179","key":"YvYMfcCo5ssAAGs0pLYAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40184"}
X-SO-LB-Hostname
a-tgng40007.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40184
usersync
usersync.gumgum.com/ Frame 9AF8
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=zyA5VdCCDerQ1QP3TvEu&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=zyA5VdCCDerQ1QP3TvEu&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 12 Aug 2022 08:17:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 12 Aug 2022 08:17:00 GMT Fri, 12 Aug 2022 08:17:00 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=zyA5VdCCDerQ1QP3TvEu&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 9C00
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 08:17:00 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 12 Aug 2022 08:17:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
showad.js
ads.pubmatic.com/AdServer/js/ Frame FFAB 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292218648,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=34202
content-encoding
gzip
content-length
13946
content-type
text/html
date
Fri, 12 Aug 2022 08:17:01 GMT
expires
Fri, 12 Aug 2022 17:47:03 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0A08 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292218648,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
content-encoding
gzip
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=34203
accept-ranges
bytes
content-type
text/html
content-length
13946
expires
Fri, 12 Aug 2022 17:47:03 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 4B0A 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
Origin
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 14:49:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62867
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Aug 2022 14:49:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame 4B0A 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Doi2RTS11jZIwLUrs31k7x-7JVGDgYiKgBHj2wm8RH6mhDgbZDDh0oAiXqZrKzRltvrT-piAB2wjdoBQDQHITYSuN9ooi7UZDQ1Z66djxGKJfXUk9TIQtIbQTa04-UtbRT7gnfgyyyLdqv79cBao3hmJXyQA&dbm_d=AKAmf-CqdbIwZuK-hIZm3piVAhFNTCIf_9Vq0KJ0Kl_8uowmMrb7uhxV-xzNenmc1d7IU_4yLkd6Fps5Y_SXLVrtVu-DcCl9rGhatpokCpbVWgECE-dsxZ7QXC5qDB6t4fO5gFL-fRw5cootlRYmkTi1giuiY4bdOh-o3X8Jt4qOtGR_y2J75E6xw9O2pSzvFVs-5DcbHJnGylVpozFkM8oWgRSiwn-9GsK3xAcmX7f8lYfJj2GRTq9MG1lummwarP2iHM6Ig0Gxlxbx4B7BZnPoGPIv6tAK3Byf3mVNEuAoq2UQA0mt4L4_K2BuVNi9UHvn2b4xYp5wmaNYSo1lSQEOyQ0LT48hPhPOyHytwCEN3HI3PgVlyikjEYhnyJYhzYOJofxQ_I2chvNsIRRJ31I0AXZgsxT4Yk8HIm6fSlSubXFQNh7Xm-WAEJ8xRhFtwcdpR9FNgMN2MbkTFHvAKkReFnHhBEtkdxygjk_DRR5N-uVv8rC4Ah6KHzWFtEvocx7-RuCR5pVxBRB5fKzDRrh5vkJS3SG4AwiiFH5EjSy3zTTr5VPxJ4WGHe7rJj7vEjxrUnMABNaBy2lvYJUaWg2r58FXk2qSB3xkQD8d5P_e93-1uiC9WUPL_bS14Kr-5Gd0gmbJwL6Y_dBmkNInYPow2JkiMioPn4Ao4wAysxPNbrYJhcQTyc41YsoY1gYb14I-9ylDNQ8IsoQ5ROP2HjlUXShONflEXUv4t7pNFtQooIUPGrx_P3r50N6-ZzE3Vb1d8fkFB-ELQaG1K3TOHgXbd7uF62rCNigiRPxZY7kSS6hYrNyt6srVhrpxXDwHABDar-CNuiN__jflfkf7LyjOqMN-cKbspM6o8hH8x_u-XSbDwdjj-9SjYUKFHeORd-UPaMrXj8dOhSRKIQeAimXVsY88H9NcyHRv69Nq4-njoaApTZOrNGwCGA1WodIqQsnSH7_kyjbI_HYN0UWgAY2osMXF1K2yKJ_gRWcG5jJOz0fjfZHZqpaoGgIzVdXDcbUPPStck3tKuWwLq3lOtrD1aDpxtjdeW88ajSCLK8O_Qk5C2rsuUHa8y02If0JbkPE4d5esqtldlbWrz3gEncCYWKtk6b4W6ED26QuaKHSHo74H_WZfixAcO07006-FQaid2db2eFEp25bgTx-QFIw99WA0CmXBhmXn3RnN0PHaBqnjaE9SLPQy50DnLeRJyi-FDOhDz02BC9ktSwxOPfSmfQ4KC4gST8twf4gci-btwmxxvyhGTmKquvr8MpI4_uudUn6WlEQJr-7zc6DETKttu32dYEYMdF_Cl6P9e7t7aDa5CQAiaJneEm5miRHkG0sRw3Ec0TcUYYoMO5VTv7G9xtqAbaXMEKRwWvX4u3hVHVKb3MuNlH_zb7yv8UQEIT9h05hESY7bAdQkXHyMdEoxPbscBoOEDMRftUn_dOHvIbOwj3vIcfkj9YpJsYQR-2R2lu9mzZERgGVpjCSkn73jUiv6odyE8nL8w3N1zKfK1pHu3d25jjnX7IXYlWqhkPNnLMzJDLc99VprAm_Z7ry1k8rQ6L0Io8udXIVbAU9F4cH_vk7MUKH3m_m1cMOb5SbE2SoKes4oh-RCLiB0EbrANoG2Tr_808UqHqRJbwNVoWIrjqfQJZ5ytLXrqdgDJjyoYQvUyVwXJSyIqJNw6vGSNmLOo1Mtvm1854cUnha7OuIiJtWwlXqIAkkRvsZsndGDq5kT3TG-eVlerqsEtvfIKd58_IG5jLJ2bFBT0mD5njyUjbgV1buyAEvj5mWKc0mE4pLqm41TyHFHj2M_p7_uo4sG9uYcwRuvEvWDK0KJ6w4ae9i8t2uCDjATJY2UtNgtby6ed09pZBkyygK2WudogVQ-HVj6AcW5Wq4RMr7T976ocM3wbdfKf7Vssbjv7GP3fUar-Esi_YoT_X1bDrL0X1d7DgfW6bURNHOrLhCjGuYGulb_mgmAcELqyDN4xUuXzgdE6PobC3O6J_WOxlHDNuKWxji4c2OEqTimo-rSpv0uA2sfWrHzChrAxieBbW5zHekg7tn7OecfeQmYnUBc-2mxRWWQPY4RSmmn810DyVS-igeW7g-TuvTsimZpDdEiob-RN2GNRNfqz89OY0mNSR3sNU2DWBHRKxdAQKJlgyn94A1LuGtEGtLaqEE3v2k0f4u_dsxbG0jgoGJC2otns-KOjo0sLN5FAC2LVKWBRjE2TtAL3N1Q3XwJ46bxNCQcRxrGuqQK40gTV6TYX-dj1KbP3EOdH_PsKO3UyJ7-B7dFgfTyEolcpx_7NNC9CBwW1SRdlHTwx5tlDCUHooFK5vSDyXtnezgXLyO6WqGqz50HryO0HqKwf-Q9caBmUz2cGcyiACQTCRoiA07NDxvApmVzZquHC8iFsv-7fZQTGU9VjiJMS-c1n7KVC86Z9qfEPsKFBruVYTYSk6uMQTF4o9Xnx0pU5jYBg9Lg1bFndSXmmkn13xNaYlcepJg6uFYo9yaZjEEFgYTXtAX-Cugv1MY74kmQXJ_yRJebqn_8PYonUDURyiQycW58fwPtms5h1l4dswZytr30m3xvA1Qcdjgljn_vNueAeliK_2E0-kr1rBbF0zXNFSL6Z5ZKdBShfFq0ft7cfg9UXg_rFDB4k480tPSHkicqiO0HtELM2TyBNcgvaP9Je5DosrmV3qM_sRLLIsAYnazdEw288UvGloy3jw0Mn_7OFX_rc2mxtCxXRtydIVBr_O1qnV8bb0VIcuSDMVhSL6SmsEMiEttmRu8pvWHUxJzRhsyVKb8_45M_89qYQvbb1Z9P6B5OPvnaqAxpooV2Rh8I3h0lhAU_U4iVN8nS6vqpNbLyT6MD3V49jDhSurt7kMnXjdygbyQLsHBROQHR-9KUznDCJrIi1LFZuFCBXOnKx-GyZtYNC2LWeyehKuB_xBSQAgYctKsdmWqW6Z9poxey-tOoz6U-whaNt1kHg0hq_yiV6Jea3B3ZuxfIfqJE3cIUHinQNoFxchGi4XOO4xfzXREBAjXCm6yDRjwULyWaGWbuK4gEUpm7mI9KPCQRg7PfjrQo8Wz58enSkJSqc13D-32wqHAygdA1AoavL-pFMGPsBbeo7dwd-J52jG-ZtforqWVzJC0nZb9-d5T2F5eh4lrrUhZaM4eNR8gdIEaDNO3Ir5dvZw-eULvYI5zhno3d3s7wozRpUVkCxgKb7cgLzLD8XQdbHwRmyoaP_PfUgAuBfD-Z4A_CnVUdBzDpedi3yG2BWFeN8Ic8N3WI3jPJACl3eA6uQEIlxyf_7TA3NjGz28HLzCOs8LBVy4Lpr3b-I0Z_JHuoc6TBw3kxeGemLM6v_mjdyQkMQNGTtoLs5FgIOyGjZ7EUrVqMkFq7CqTUePIYqPLP7TTkkSE6Ssvm_h3Gy37qcHZY3dq8gPg7VzPHLV7tA-FoTfECnZ9oAvPaQIXqUEp05R5IFMKLwDoAD1zPLHx141xC2twdyJaw1e4Fh42jyyRJNDOiFTp2NRHqAaPkkOM5pfRdBwIqszETqRb_01Z4uq-O0IwCHV1T5ieGxfqwpRKDqMVmjzHvy8Rj1rR5tqtX1tWbt8LQRFIL51bFtkdykSA-awN2AMNK7EN7uIBzDUvTxBSRm-M5oRjHRdGWwF_is53NpOIkeKim1K4Rx7wJu8LSOePFCk4NKQS-bdVFYbPu5spFxEJGfGIDwP4CN1R0l-97e_9a_nWOKyOH0voJHF5eqTNtLp0-_lj-rNd-g3nGwQaLpaOHOEWakPrHW5eTHRKBaaVJo4Fw77jm_RB6ISinNlu2VnzaBAmKeRUjJiZ_ETznrGoi4JEXzPOhSU0-32OeDiFNun0lyHwMefafxgBUu3DOeDB_s7W2v7-IeFy7AR4NNFt9j1E5ig9echPBQqw-9ziVQsjr4yz1mq036-a9c5hYxnE1ddCNUsw2rrNqt5px3rIiB94Tnbi1zKQnzkLfD3yi1AOIk0WSe9d_ma-LTFXW9v442Z7AEa06evGeUHL6UquoEN7Wy3JNxTgZPMbCrCrQVH-53t_7nPXjya3HhZ6htzNKJYJhO6CCSRNNT2NVU75Qq7eaU62bEhg9BHuS0H_Xi20SzPpwdv3NzU9UWqGl8BTlTNN9Hy56BbO5yxmKohJlSNkohP_WSyZdnt26eJpwwABrlVi5TTm_kTvpU1YxLXs5_4nGTEGCdJET7tPOFw-YY7GSoqTZJKCHhWgyjmgmrwrM--WHLtd0WlWI_hz5my4wh0X6SWWi0_3OgwAnDg7nWbblCal_iUrxJPOJhVKgFFzV0lFNGAVWoOnzdoWmIFkxCLgs47B2nyb-CbEjWeD06fiAJN_TvBaUPLVlfr7F_E4gYZOIgfG6DWupE0hvWefuuSQRywBak_pXywuCqxuJnTXhGgfXuo2on7y-3PDw4vFs9x1KFwhDzhkq7jtxz2lyIJM8Mn77140v0hvY-YteBoPKFWueLzqfOYmm2wIjPVLDx9oqu6y5A2Spjxh1Aoe_B5JJu4ocAjh-OLR1EfgYVeLn4fzsx2wI6AprGviTbt46QB_1RtDWFOCF0mBSrWWZZZof8_2lhRwDkgkQlwMv3pqIjompTIkVGZP1HsIft3y77PS5wOstt_XMK8EFQdeMEGZh539bnaX1WU7pdxocU7MavhnYQcI3bGbEuo2_cx9iQ177VlxHAAWrvikGwre5VBQY8NkUbbO7EAtjFYREBilN8uiTmpD-f2hOVJqOVVN6PoE7mqcToLWUDg6FqcV-Afd65bh5I7kEfiDgKT3cVhrQniGSlb7SjFtAJwvp2AhDSIBSz22RzG26KmO0blE4FnSy9sU-ESaPcJmeL5Y6PBNnPLL4P-kuPrJ1QFqsCDP0qrg2f8T6cisJ8YbL1XYz1qzguWpccKmmgM7uzIcjlHpSjfIvzgsHOulgWhQdXCHtMPZb-pVCW7OLlDk-DQ&cid=CAASJeRoc3BHNAhaV9wCEdBGdEv8OH9W6SKMaLRSjrik0twwNh-YN_s&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuqQjxnd810VhjBdCiaHGdHevWWnssQPyL70MpyP1kDQguMBOYRwfB0g64AiZaFRFbqMz_eq-wpKUqHnhAtB3mFcJjtSx5nMcpS-M0_hR6EFY3P2lcNPCihSEdHla9mFgD0VVkp26c2ykZuhjdCRBfQBZTQQA3sbINUABl5BX_Aod0EDXi9KgiMSEA_CXbP3Nm-uLNVD4W4bMgs-SceS4rMiIkwFrhgPuBnP_sAI2XFPNWjFVu87xL_A4Y858cJAAn2NTYmKjbJDxdN8cg2DL54_4-lWulXz2VoE8c61G9MZkWXF_hgVVMxmwk1GBO0xqDy26DNFNnihoqTRhsyznpl9XdO86cTEmypqJvqkys%26sai%3DAMfl-YRGbatXcbyZ46715ZHohhCnLo59ot1NOT-LAHXZgKJbEsSaisHiuG7ic1m21APZr8RTbZaqEr4BBqBYB04jLqvK3NBelrKZLaHzinTJyXnaEgcysh5fKsITCJXGynI%26sig%3DCg0ArKJSzOmpQiDNowP3EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&rfl=2%2Chttps%253A%252F%252Fglamour.globo.com%242%2Chttps%253A%252F%252Fglamour.globo.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
757
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 08:04:23 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 4B0A 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Doi2RTS11jZIwLUrs31k7x-7JVGDgYiKgBHj2wm8RH6mhDgbZDDh0oAiXqZrKzRltvrT-piAB2wjdoBQDQHITYSuN9ooi7UZDQ1Z66djxGKJfXUk9TIQtIbQTa04-UtbRT7gnfgyyyLdqv79cBao3hmJXyQA&dbm_d=AKAmf-CqdbIwZuK-hIZm3piVAhFNTCIf_9Vq0KJ0Kl_8uowmMrb7uhxV-xzNenmc1d7IU_4yLkd6Fps5Y_SXLVrtVu-DcCl9rGhatpokCpbVWgECE-dsxZ7QXC5qDB6t4fO5gFL-fRw5cootlRYmkTi1giuiY4bdOh-o3X8Jt4qOtGR_y2J75E6xw9O2pSzvFVs-5DcbHJnGylVpozFkM8oWgRSiwn-9GsK3xAcmX7f8lYfJj2GRTq9MG1lummwarP2iHM6Ig0Gxlxbx4B7BZnPoGPIv6tAK3Byf3mVNEuAoq2UQA0mt4L4_K2BuVNi9UHvn2b4xYp5wmaNYSo1lSQEOyQ0LT48hPhPOyHytwCEN3HI3PgVlyikjEYhnyJYhzYOJofxQ_I2chvNsIRRJ31I0AXZgsxT4Yk8HIm6fSlSubXFQNh7Xm-WAEJ8xRhFtwcdpR9FNgMN2MbkTFHvAKkReFnHhBEtkdxygjk_DRR5N-uVv8rC4Ah6KHzWFtEvocx7-RuCR5pVxBRB5fKzDRrh5vkJS3SG4AwiiFH5EjSy3zTTr5VPxJ4WGHe7rJj7vEjxrUnMABNaBy2lvYJUaWg2r58FXk2qSB3xkQD8d5P_e93-1uiC9WUPL_bS14Kr-5Gd0gmbJwL6Y_dBmkNInYPow2JkiMioPn4Ao4wAysxPNbrYJhcQTyc41YsoY1gYb14I-9ylDNQ8IsoQ5ROP2HjlUXShONflEXUv4t7pNFtQooIUPGrx_P3r50N6-ZzE3Vb1d8fkFB-ELQaG1K3TOHgXbd7uF62rCNigiRPxZY7kSS6hYrNyt6srVhrpxXDwHABDar-CNuiN__jflfkf7LyjOqMN-cKbspM6o8hH8x_u-XSbDwdjj-9SjYUKFHeORd-UPaMrXj8dOhSRKIQeAimXVsY88H9NcyHRv69Nq4-njoaApTZOrNGwCGA1WodIqQsnSH7_kyjbI_HYN0UWgAY2osMXF1K2yKJ_gRWcG5jJOz0fjfZHZqpaoGgIzVdXDcbUPPStck3tKuWwLq3lOtrD1aDpxtjdeW88ajSCLK8O_Qk5C2rsuUHa8y02If0JbkPE4d5esqtldlbWrz3gEncCYWKtk6b4W6ED26QuaKHSHo74H_WZfixAcO07006-FQaid2db2eFEp25bgTx-QFIw99WA0CmXBhmXn3RnN0PHaBqnjaE9SLPQy50DnLeRJyi-FDOhDz02BC9ktSwxOPfSmfQ4KC4gST8twf4gci-btwmxxvyhGTmKquvr8MpI4_uudUn6WlEQJr-7zc6DETKttu32dYEYMdF_Cl6P9e7t7aDa5CQAiaJneEm5miRHkG0sRw3Ec0TcUYYoMO5VTv7G9xtqAbaXMEKRwWvX4u3hVHVKb3MuNlH_zb7yv8UQEIT9h05hESY7bAdQkXHyMdEoxPbscBoOEDMRftUn_dOHvIbOwj3vIcfkj9YpJsYQR-2R2lu9mzZERgGVpjCSkn73jUiv6odyE8nL8w3N1zKfK1pHu3d25jjnX7IXYlWqhkPNnLMzJDLc99VprAm_Z7ry1k8rQ6L0Io8udXIVbAU9F4cH_vk7MUKH3m_m1cMOb5SbE2SoKes4oh-RCLiB0EbrANoG2Tr_808UqHqRJbwNVoWIrjqfQJZ5ytLXrqdgDJjyoYQvUyVwXJSyIqJNw6vGSNmLOo1Mtvm1854cUnha7OuIiJtWwlXqIAkkRvsZsndGDq5kT3TG-eVlerqsEtvfIKd58_IG5jLJ2bFBT0mD5njyUjbgV1buyAEvj5mWKc0mE4pLqm41TyHFHj2M_p7_uo4sG9uYcwRuvEvWDK0KJ6w4ae9i8t2uCDjATJY2UtNgtby6ed09pZBkyygK2WudogVQ-HVj6AcW5Wq4RMr7T976ocM3wbdfKf7Vssbjv7GP3fUar-Esi_YoT_X1bDrL0X1d7DgfW6bURNHOrLhCjGuYGulb_mgmAcELqyDN4xUuXzgdE6PobC3O6J_WOxlHDNuKWxji4c2OEqTimo-rSpv0uA2sfWrHzChrAxieBbW5zHekg7tn7OecfeQmYnUBc-2mxRWWQPY4RSmmn810DyVS-igeW7g-TuvTsimZpDdEiob-RN2GNRNfqz89OY0mNSR3sNU2DWBHRKxdAQKJlgyn94A1LuGtEGtLaqEE3v2k0f4u_dsxbG0jgoGJC2otns-KOjo0sLN5FAC2LVKWBRjE2TtAL3N1Q3XwJ46bxNCQcRxrGuqQK40gTV6TYX-dj1KbP3EOdH_PsKO3UyJ7-B7dFgfTyEolcpx_7NNC9CBwW1SRdlHTwx5tlDCUHooFK5vSDyXtnezgXLyO6WqGqz50HryO0HqKwf-Q9caBmUz2cGcyiACQTCRoiA07NDxvApmVzZquHC8iFsv-7fZQTGU9VjiJMS-c1n7KVC86Z9qfEPsKFBruVYTYSk6uMQTF4o9Xnx0pU5jYBg9Lg1bFndSXmmkn13xNaYlcepJg6uFYo9yaZjEEFgYTXtAX-Cugv1MY74kmQXJ_yRJebqn_8PYonUDURyiQycW58fwPtms5h1l4dswZytr30m3xvA1Qcdjgljn_vNueAeliK_2E0-kr1rBbF0zXNFSL6Z5ZKdBShfFq0ft7cfg9UXg_rFDB4k480tPSHkicqiO0HtELM2TyBNcgvaP9Je5DosrmV3qM_sRLLIsAYnazdEw288UvGloy3jw0Mn_7OFX_rc2mxtCxXRtydIVBr_O1qnV8bb0VIcuSDMVhSL6SmsEMiEttmRu8pvWHUxJzRhsyVKb8_45M_89qYQvbb1Z9P6B5OPvnaqAxpooV2Rh8I3h0lhAU_U4iVN8nS6vqpNbLyT6MD3V49jDhSurt7kMnXjdygbyQLsHBROQHR-9KUznDCJrIi1LFZuFCBXOnKx-GyZtYNC2LWeyehKuB_xBSQAgYctKsdmWqW6Z9poxey-tOoz6U-whaNt1kHg0hq_yiV6Jea3B3ZuxfIfqJE3cIUHinQNoFxchGi4XOO4xfzXREBAjXCm6yDRjwULyWaGWbuK4gEUpm7mI9KPCQRg7PfjrQo8Wz58enSkJSqc13D-32wqHAygdA1AoavL-pFMGPsBbeo7dwd-J52jG-ZtforqWVzJC0nZb9-d5T2F5eh4lrrUhZaM4eNR8gdIEaDNO3Ir5dvZw-eULvYI5zhno3d3s7wozRpUVkCxgKb7cgLzLD8XQdbHwRmyoaP_PfUgAuBfD-Z4A_CnVUdBzDpedi3yG2BWFeN8Ic8N3WI3jPJACl3eA6uQEIlxyf_7TA3NjGz28HLzCOs8LBVy4Lpr3b-I0Z_JHuoc6TBw3kxeGemLM6v_mjdyQkMQNGTtoLs5FgIOyGjZ7EUrVqMkFq7CqTUePIYqPLP7TTkkSE6Ssvm_h3Gy37qcHZY3dq8gPg7VzPHLV7tA-FoTfECnZ9oAvPaQIXqUEp05R5IFMKLwDoAD1zPLHx141xC2twdyJaw1e4Fh42jyyRJNDOiFTp2NRHqAaPkkOM5pfRdBwIqszETqRb_01Z4uq-O0IwCHV1T5ieGxfqwpRKDqMVmjzHvy8Rj1rR5tqtX1tWbt8LQRFIL51bFtkdykSA-awN2AMNK7EN7uIBzDUvTxBSRm-M5oRjHRdGWwF_is53NpOIkeKim1K4Rx7wJu8LSOePFCk4NKQS-bdVFYbPu5spFxEJGfGIDwP4CN1R0l-97e_9a_nWOKyOH0voJHF5eqTNtLp0-_lj-rNd-g3nGwQaLpaOHOEWakPrHW5eTHRKBaaVJo4Fw77jm_RB6ISinNlu2VnzaBAmKeRUjJiZ_ETznrGoi4JEXzPOhSU0-32OeDiFNun0lyHwMefafxgBUu3DOeDB_s7W2v7-IeFy7AR4NNFt9j1E5ig9echPBQqw-9ziVQsjr4yz1mq036-a9c5hYxnE1ddCNUsw2rrNqt5px3rIiB94Tnbi1zKQnzkLfD3yi1AOIk0WSe9d_ma-LTFXW9v442Z7AEa06evGeUHL6UquoEN7Wy3JNxTgZPMbCrCrQVH-53t_7nPXjya3HhZ6htzNKJYJhO6CCSRNNT2NVU75Qq7eaU62bEhg9BHuS0H_Xi20SzPpwdv3NzU9UWqGl8BTlTNN9Hy56BbO5yxmKohJlSNkohP_WSyZdnt26eJpwwABrlVi5TTm_kTvpU1YxLXs5_4nGTEGCdJET7tPOFw-YY7GSoqTZJKCHhWgyjmgmrwrM--WHLtd0WlWI_hz5my4wh0X6SWWi0_3OgwAnDg7nWbblCal_iUrxJPOJhVKgFFzV0lFNGAVWoOnzdoWmIFkxCLgs47B2nyb-CbEjWeD06fiAJN_TvBaUPLVlfr7F_E4gYZOIgfG6DWupE0hvWefuuSQRywBak_pXywuCqxuJnTXhGgfXuo2on7y-3PDw4vFs9x1KFwhDzhkq7jtxz2lyIJM8Mn77140v0hvY-YteBoPKFWueLzqfOYmm2wIjPVLDx9oqu6y5A2Spjxh1Aoe_B5JJu4ocAjh-OLR1EfgYVeLn4fzsx2wI6AprGviTbt46QB_1RtDWFOCF0mBSrWWZZZof8_2lhRwDkgkQlwMv3pqIjompTIkVGZP1HsIft3y77PS5wOstt_XMK8EFQdeMEGZh539bnaX1WU7pdxocU7MavhnYQcI3bGbEuo2_cx9iQ177VlxHAAWrvikGwre5VBQY8NkUbbO7EAtjFYREBilN8uiTmpD-f2hOVJqOVVN6PoE7mqcToLWUDg6FqcV-Afd65bh5I7kEfiDgKT3cVhrQniGSlb7SjFtAJwvp2AhDSIBSz22RzG26KmO0blE4FnSy9sU-ESaPcJmeL5Y6PBNnPLL4P-kuPrJ1QFqsCDP0qrg2f8T6cisJ8YbL1XYz1qzguWpccKmmgM7uzIcjlHpSjfIvzgsHOulgWhQdXCHtMPZb-pVCW7OLlDk-DQ&cid=CAASJeRoc3BHNAhaV9wCEdBGdEv8OH9W6SKMaLRSjrik0twwNh-YN_s&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuqQjxnd810VhjBdCiaHGdHevWWnssQPyL70MpyP1kDQguMBOYRwfB0g64AiZaFRFbqMz_eq-wpKUqHnhAtB3mFcJjtSx5nMcpS-M0_hR6EFY3P2lcNPCihSEdHla9mFgD0VVkp26c2ykZuhjdCRBfQBZTQQA3sbINUABl5BX_Aod0EDXi9KgiMSEA_CXbP3Nm-uLNVD4W4bMgs-SceS4rMiIkwFrhgPuBnP_sAI2XFPNWjFVu87xL_A4Y858cJAAn2NTYmKjbJDxdN8cg2DL54_4-lWulXz2VoE8c61G9MZkWXF_hgVVMxmwk1GBO0xqDy26DNFNnihoqTRhsyznpl9XdO86cTEmypqJvqkys%26sai%3DAMfl-YRGbatXcbyZ46715ZHohhCnLo59ot1NOT-LAHXZgKJbEsSaisHiuG7ic1m21APZr8RTbZaqEr4BBqBYB04jLqvK3NBelrKZLaHzinTJyXnaEgcysh5fKsITCJXGynI%26sig%3DCg0ArKJSzOmpQiDNowP3EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&rfl=2%2Chttps%253A%252F%252Fglamour.globo.com%242%2Chttps%253A%252F%252Fglamour.globo.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
826
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 08:03:14 GMT
async_usersync
ib.adnxs.com/ Frame 8E12 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=4009&pub_id=1986072&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=4009&pub_id=1986072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
b00709b0-61f6-4513-a3f4-c2b3e840f2a5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7B75 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=4009&pub_id=1986072&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=4009&pub_id=1986072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
b1d84a89-3c26-44b4-be39-ce252e763cf7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame D4EC 		0
842 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QK9DPDtPQYAAAMA1gAFAQj6mNiXBhCAsoDMu7O4vnEY1tmUoq6KibFkKjYJRHzTS-GUzj8RXiBifroEyT8ZAAAAYLgeDUAhxvp054r80j8pTBqjdVQ11z8xAAAA4FG43j8whfrzCjipH0CYOUgCUPTYiLABWMWqlQFgAGjPglZ46s8FgAEBigEDVVNEkgEDQlJMmAGsAqAB2ASoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKApYBdWYoJ2EnLCA1NTY3NDUwLCAxNjYwMjkyMjE4KTt1ZignaScsIDczODUxOTUsIDE2NjAyOTIyMTgpOwEdLGcnLCAxODM4NDE5MUY7ADBzJywgMjc2NDYzNjI2Rh8AMHInLCAzNjkyNDEyMDQ2HwDwi5ICoQQhVzJtVW5BajU5YlVaRVBUWWlMQUJHQUFneGFxVkFUQUVPQUJBQUVpWU9WQ0Ytdk1LV0FCZ3BnWm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUkNvQVFxd0FRQzVBUVVjU1lGWE5kY193UUVGSEVtQlZ6WFhQOGtCQUFBQUFBQUE4RF9aQVFBCQ50UEFfNEFIcjRNSUQ5UUZQdERJX21BSUFvQUlCdFFJBSQAdg0I8Gl3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlCZ0FNQm1BTUJvZ01PQ0xQaWhTTVFDeGdDTFFBQUFBQzZBd2xPV1UweU9qVTNNVExnQTRJdmdBVDg4dDRJaUFUTXJPTUlrQVFCbUFRQndRBTUJAQhNa0UJCQEBGERZQkFEeEIBCw0B4GlBWFFMSmdGaW9EcWd3R3BCWUtRTEdBQ2R4UkFzUVVBQUFEZ3Q4amRQOEVGQUFBQTZJbFc1al9KQhFjDFBBXzAFKA0BBE5rBSgBAfBDOERfZ0JhZWJBdkFGdjRyaUNQZ0YydWZUQW9JR0ExVlRSSWdHQkpBR0FaZ0dBS0VHbXBtWm1abVo3VC1vQmdTeUJpUUoBSA0BAFINCAEBAFoBBQ0BAGgNCCEoPDRCZ28umgKZASFKQmFGanc6JQI0TVdxbFFFZ0FDZ0FNWnEFbRhtZTBfT2dsPV0USkFnaTlKAU8BAQg4RDkdeQBCHXkAQh15BEJwASwJAQRCeAkIAQEQQjRBSWs1cPQ0AjhEOC6yAiQ2YzA2YzY3OS1kMWQzLTQ2NTgtYTU0YS02ZGQxOWU2NmZjNDPYAp9G4ALukF3qAmpodHRwczovL2dsYW1vdXIuZ2xvYm8uY29tL2xpZmVzdHlsZS9ub3RpY2lhLzIwMTkvMTIvbWVsaG9yZXMtZG8tYW5vLW9zLW1lbWVzLW1haXMtZW5ncmFjYWRvcy1kZS0yMDE5LmdodG1sgAMAiAMBkAMAmAMUoAMBqgMAwAOsAsgDANgDkogC4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQOMTQ5LjU2LjE1My4xNzmoBACyBAwIABAAGAAgADAAOAK4BADABM3AuSLIBADSBA43MzIwI05ZTTI6NTcxMtoEAggB4AQA8AT02IiwAfoEEgkAAACg779GQBEAAABgbWVSwIgFAZgFAKAF____________AaoFLTg0OTI0MDk3LTIyNTgtNDUxZS04Njg0LTFiNDA1YzRkOWM0M19BcHBOZXh1c8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZGUQPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AapJdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4tARAAMgH6s8F0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAE.&s=cbfdd16844d7621156f22980c0545ef16e8b200c&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=9033494341770230179&vd=ct~0|rr~0&sv=224&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=22871301&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=604&ww=300&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.113 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
6d66f659-ab48-4751-9057-f31e21faaaac
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://config.seedtag.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 9C00 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
843061eb460de0b038e56183343e2f2308875530fb61d3cdbdd47c1604c0557d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54905
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9453
Expires
Fri, 12 Aug 2022 23:32:05 GMT
moatad.js
z.moatads.com/essencedigitalna20153870852878/ Frame 4B0A 		333 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/essencedigitalna20153870852878/moatad.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.57.238 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-238.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
130868866de345ebfbe776e814e061b01a5c0ebe470ee569fa7900e447bfc6bf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
content-encoding
gzip
last-modified
Thu, 04 Aug 2022 15:28:24 GMT
server
AmazonS3
x-amz-request-id
5VMV9KY48XG55MGT
etag
"382f75c90c869f73b07a6a71294d71aa"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=25448
accept-ranges
bytes
content-length
113568
x-amz-id-2
IZhRZydaI1z8gldFVvTdue5ma/aHIDeiZ7kT5OGTeda7W84vMLeWwyvn/C8s9rB2LdB3U2V3C6Y=
index.html
s0.2mdn.net/sadbundle/15305731331847383697/ Frame 4295 		96 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15305731331847383697/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93bef447cd2152f3b429d1683054d10c9c8eff4b3e640e7fe7a4b9ffee5729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
319695
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
23839
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 15:28:45 GMT
expires
Tue, 08 Aug 2023 15:28:45 GMT
last-modified
Mon, 25 Jul 2022 22:24:29 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4B0A 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuhQE7gbRxFusGKRGgZdIVGuQwzjpY3IaUQOv0T4sNOfqZEcertybUb3zZXNDI9V9kl1QcUsqZ0Wc618x8ksCMts7JrUfKZc-ALavynMuffQiH3RJEBHMZQVRRULRq-93wKrIxuNcOa-_CTGAFhX83M4mJijbweY0Izx_DCvKVDkv4wEZk2TXanBeMYabs1QCThJN81vcaPTjLIDBC1n0EHLg4aBEBMOkM3YgJkBqIo544cFh5ciLhUOZu861ev5o3RjpQfSW9bOTheVCLwNKkSUI9g2NWFaxBig2w52Oq-wIXdFAyYHo2T_uQBts_V-RMbQZWEq48ykNppUxtfTVjjBC-FG_J8H8rWuPvvcFjMIQJKm7TI7v9wXKPX0mA9Z6Ydgz2tX8UnQaBXJGb-IMqp6GPyWirKRsIRJNJu8zKvh0kTCjQ8qF2gmSs2SOWBZoKomyvK9438yTgfoGv7Gxao8mbosTTDJ4Hv6NlOS1SZMTfuAro8m_xY12QIVo3ZXTzAQYO4yO5jQOrVcan-Lgl1FDtWDwqTZ8RIk1W7eFHtpaO4Wa6EzAlb37fz9Q_laB1aBGcCH0widoVfOuxNiP2BCbdI1IMeEMj1GzrY0dpGF7qWdSnSxqWMDPQtEvrvB20M_KQXG9rYg0XO2Ceru0KrK_Q9uxWI-IN_QB7kpiy0lZeaux4m5NqIjzsOSpUd4CVnqRMFDmryh_rmYg0wc5G-9ysKTGPHgkYIoYB2jDq2ppDcLzfCPa6reZasWZbD-Co8a3AXQPgv07y4MCd9t-p1UimMqz97-KfFg6i8c5I0kwQoX8cGpOA0QvoKvwr_smUghG6o0qd5gH4srASiauWG_7rS1zQqeg_8Bgmba8us69RJe6APrXKHVo2WLYPy0O2-WJb5zXX6ekcxzpM4xdf1OnOIF3BQaWjTPjadLoQR4slDiel0hb0HQVsSNBjMKGYWaxB7e959aWsYy-6IVY9DCWwXRaM_omfF2-A3osmMxiDq6XJpVOk5va8DnBs8bCmeAcoXkSM9s2ZA3mmWnVCkW7r0K9C8UNIEXu0m4-GncTuox2stx8EbvQx7ie3KJpVmvJI8_5mbx40q4ip49GfYQvvZ-HCMST5NB0_7trI4wjwGZGZIrBFBCU_ej0SfSoiLHpv3HI-ahYk33vIWYx3j2yip-4KQG41gTPDLr3SXk_u0PlYWwgqhVgjBfki69HF-zhoQYF8PiaR2_7P41RLZoiKTpT9SRjz-JiR9LgL5r7j6rhgEPPj2yjUrUR609z--wdQi13JtudccxXPgK7ndMi2st9ltZ5XsfLqlJpY0ihkfw4IJxBlO1Cc_id5Vu2lSXh_cP7CBXXNxf-uGlnGHMjpLZ1I584-J9Of62R4pjpnamlDNiIz5yf3ufxm9kj9VQ1JJunXuebzQCHX5T3BImAye0kMb8ENnuaDII1UcD9dkAhoHDskHC6_ejT4CMwIW_nijgH_4sZKmP2xd7DzR2sC3TwsHfrYpWGA8LXBEi5TGe2xUMREoaN6QzZNlkAq8CbbwGn_YcAp-oAs1HgKS6RSm94JH-084jIaCNflFOgk5IBWCd33LmMgsKqJq1dEFXo5nazfnKr_-_AoK7jiFVa5Bt8-HMlZGH5jMFamf7qP-hjDAiY-RTNdeiLRgxd1YY0iusADn2-TdXX19oGyD4gkV91FtUf5yfvS3yxPIxbznF8vFlla8HuFex6TI1gXzHAU&sai=AMfl-YQ1B5Imv9aH0VPxkfnyG_7v25lePPrkaL_G1i7ZmwXfc4ENqty6VARYrJvgHxtHhro9RCx2_O0bKXDBcLYC3ysNQDrRyrMkrzmXt5n7_87WIg-fF0UwGbuy8I9SSPGE7BOPWcoqh6Ret9gTInchFgq1QfU5oKkJj9ilvuWHDQEMcoC1cuTls2scO35qFVWN3-mgJFopduCtnWkpcvSPWIl4OSu0Yq7CEfHVverdnPpO5rcmFyc12NiS3QRYpgxcsWEk7aHc3d53qTn7PRn4t2DXQbiZoVoGP0myy44pvPUddQCaCk4ia8clirmJHDkWIxc3JnhO9Qiybxshl9njI76975-jU32h9mDaEx6WX0-veujxQfAsDgMHJ3t1GOl8Ihol&sig=Cg0ArKJSzJDgZEqyMtatEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=403&cbvp=1&cstd=400&cisv=r20220810.10685&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 12 Aug 2022 08:17:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel.gif
tracker.samplicio.us/tracker/59b0c450-db3f-4fe7-8e7c-9024e140eed6/ Frame 4B0A 		35 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.samplicio.us/tracker/59b0c450-db3f-4fe7-8e7c-9024e140eed6/pixel.gif?sid=6026018&pid=342179500&crid=175674729&device_id=AMsySZYfiLm9sotMINZr3VzFscAD&cachebuster=2302966501
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.80.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-80-88.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:01 GMT
Server
nginx/1.20.0
Connection
keep-alive
Content-Length
35
Strict-Transport-Security
max-age=604800
Content-Type
image/gif
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4B0A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 07:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
89602
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Aug 2023 07:23:38 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DCFE 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
985
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 08:00:35 GMT
etag
48472445140208031
expires
Sat, 13 Aug 2022 08:00:35 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 4B0A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst34PDEm_tTZFbse9m0eoNEO7_0Ug4Osqv_be7QqcQ_vYdi0CgqGuuFYkAqc0JjvNEJT7S9t2AWknY7xiZCmc09LlfyoWBZMw0l8XPT6HfGVmZk-lmZnY1pMWmq1s458zy90HrYShyDH8IUjkCUcdYM10arp5iTGrPf26AcaQP_ZeDWnq3fE81DO2JI88vxQ43cV3Oz3XO0vAvRV2pRsgocWkvMIjeHSocXXI0UihuzA2mjyB_XT_vsVFmTUP1MC1_LgCfOLWi_pGu5qlAo9a5L_cREc2D6ANS-N1KnzdV0p-4oqJ-mOmlYI7slvAP-uFuEgLM4kbxbJH76C81g6NIgnWiDQA6nxLYiMoEvg0JR4ZrOeg&sai=AMfl-YTmhBtZ-9X7cXfhj83P9amx8LV7FrJAtFvVvHwIyMHvbiKb95RhHz2LOeHCMBGBy3Ks-Jug2VNrau7jz0oZF3WIlR-WFDKRiMBdY0kpsSHqhe6MkNOmgPLhAYgw2Ow&sig=Cg0ArKJSzMwItW1Cr6GXEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:17:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 12 Aug 2022 08:17:00 GMT
truncated
/ Frame 4B0A 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ed3436e73feb990992cf56bf6ab6ae1702bfe72ee84e02e79ada80d0dbb6f45

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
vevent
nym1-ib.adnxs.com/ Frame DF5C 		0
842 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QK8DOg8BgAAAwDWAAUBCPqY2JcGEKfQoMKM0omUCxjW2ZSiroqJsWQqNglEfNNL4ZTOPxFeIGJ-ugTJPxkAAAEC8MIOQCGw3Upq-dXWPyknoImw4enbPzEAAACA61HgPzCB-vMKOKkfQJg5SAJQ_tiIsAFYxaqVAWAAaM-CVnixqQWAAQGKAQNVU0SSAQNCUkyYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigKWAXVmKCdhJywgNTU2NzQ1MCwgMTY2MDI5MjIxOCk7dWYoJ2knLCA3Mzg1MTk1LCAxNjYwMjkyMjE4KTt1ZignZycsIDE4Mzg0MTkxLCAxNjYyHgAwcycsIDI3NjQ2MzYyNkY9ADByJywgMzY5MjQxMjE0Nh8A8IuSAqEEIU1XMXh3UWo1OWJVWkVQN1lpTEFCR0FBZ3hhcVZBVEFFT0FCQUFFaVlPVkNCLXZNS1dBQmdwZ1pvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVJDb0FRcXdBUUM1QVFEV0JCVGw2ZHNfd1FFQTFnUVU1ZW5iUDhrQkFBQUFBQUFBOERfWkFRQQkOdFBBXzRBSHI0TUlEOVFGZDcxWV9tQUlBb0FJQnRRSQUkAHYNCPBpd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQmdBTUJtQU1Cb2dNT0NMUGloU01RQ3hnQ0xRQUFBQUM2QXdsT1dVMHlPalEwTnpYZ0E0SXZnQVQ4OHQ0SWlBVE1yT01Ja0FRQm1BUUJ3UQU1CQEITWtFCQkBARhEWUJBRHhCAQsNAeBpQVg3SXBnRmlvRHFnd0dwQllLUUxHQUNkeFJBc1FVQUFBREFSLW5oUDhFRkFBQUFvT3ZkNmpfSkIRYwxQQV8wBSgNAQROawUoAQHwRjhEX2dCZF9VQXZBRnY0cmlDUGdGMnVmVEFvSUdBMVZUUklnR0JKQUdBWmdHQUtFR21wbVptWm1aN1Qtb0JnU3lCaVFKQUFBEQMAUhEJDEFBQVoBBQ0BAGgNCCEoPDRCZ28umgKZASFNeGJtbEE6JQI0TVdxbFFFZ0FDZ0FNWnEFbRhtZTBfT2dsPV0UVkFnaTlKAU8BAQg4RDkdeQBCHXkAQh15BEJwASwJAQRCeAkIAQEQQjRBSWs1cPS2AThEOC6yAiQ2YzA2YzY3OS1kMWQzLTQ2NTgtYTU0YS02ZGQxOWU2NmZjNDPYAp9G4ALukF3qAmpodHRwczovL2dsYW1vdXIuZ2xvYm8uY29tL2xpZmVzdHlsZS9ub3RpY2lhLzIwMTkvMTIvbWVsaG9yZXMtZG8tYW5vLW9zLW1lbWVzLW1haXMtZW5ncmFjYWRvcy1kZS0yMDE5LmdodG1sgAMAiAMBkAMAmAMUoAMBqgMAwAOsAsgDANgDkogC4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQOMTQ5LjU2LjE1My4xNzmoBACyBAwIABAAGAAgADAAOAK4BADABM3AuSLIBADSBA43MzIwI05ZTTI6NDQ3NdoEAggB4AQA8AT-2IiwAfoEEgkAAACg779GQBEAAABgbWVSwIgFAZgFAKAF____________AaoFLTg3Njc2YTU5LTdlZmQtNDYyNC1iNWM0LTE5YmUzNTg3OTBhMF9BcHBOZXh1c8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZGUQPoFBAgAEACQBgCYBgC4BgDBBgChgywA8D_QBqkl2gYWChAFEB0BYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOLQEQADIB7GpBdIHDQkROwE4CNoHBgknYOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAE.&s=32424a1ae5ea2aa21bb0065ed8a4a262e144d225&type=nv&nvt=5&jm=1003&px=0&py=0&bw=728&bh=90&sid=9033494341770230179&vd=ct~0|rr~0&sv=224&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=22871297&cid=3&cr=nv&sw=1600&sh=1200&pw=728&ph=94&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.113 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:00 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
af1e1ecd-f192-4a7a-ba9d-238396475afd
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://config.seedtag.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
controller
ssl.connextra.com/servlet/ Frame 8AC9 		1 KB
858 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_CA_FR_MLBJun2022_728x90&pubhost=config.seedtag.com&apnauc=803934936762951719&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRHzTS-GUzj9eIGJ-ugTJPwAAAAAAAA5AsN1KavnV1j8noImw4enbPycoSMiQJigL1ixF5FIkYmR6DPZiAAAAAAH9XAGpDwAAmBwAAAIAAAB-LAIWRVUlAAAAAABVU0QAQlJMANgCWgBPgQAAAAABAgUCAAAAAKoANiJsIwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21MxbmlAj59bUZEP7YiLABGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjQ0NzVAgi9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NzU%3D%2Fbn%3D87217%2Fclickenc%3D&client=Bet99&dspid=3bc1d7fd2e&placement=DDM_APN_SB_ACQ_CA_FR_728x90&bidid=803934936762951719&_cb=1048614941
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/Bet99/selector/client?client=Bet99&placement=DDM_APN_SB_ACQ_CA_FR_728x90&_cb=1048614941&apnauc=803934936762951719&bidid=803934936762951719&dspid=3bc1d7fd2e&tclk=https://nym1-ib.adnxs.com/click?RHzTS-GUzj9eIGJ-ugTJPwAAAAAAAA5AsN1KavnV1j8noImw4enbPycoSMiQJigL1ixF5FIkYmR6DPZiAAAAAAH9XAGpDwAAmBwAAAIAAAB-LAIWRVUlAAAAAABVU0QAQlJMANgCWgBPgQAAAAABAgUCAAAAAKoANiJsIwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21MxbmlAj59bUZEP7YiLABGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjQ0NzVAgi9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NzU=/bn=87217/clickenc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.81.133.133 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-133-133.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0ccb37a898ee140b90abf8b5fbbef998685b154492b880011870f132b4ee1592

Request headers

Referer
https://ssl.connextra.com/Bet99/selector/client?client=Bet99&placement=DDM_APN_SB_ACQ_CA_FR_728x90&_cb=1048614941&apnauc=803934936762951719&bidid=803934936762951719&dspid=3bc1d7fd2e&tclk=https://nym1-ib.adnxs.com/click?RHzTS-GUzj9eIGJ-ugTJPwAAAAAAAA5AsN1KavnV1j8noImw4enbPycoSMiQJigL1ixF5FIkYmR6DPZiAAAAAAH9XAGpDwAAmBwAAAIAAAB-LAIWRVUlAAAAAABVU0QAQlJMANgCWgBPgQAAAAABAgUCAAAAAKoANiJsIwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21MxbmlAj59bUZEP7YiLABGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjQ0NzVAgi9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NzU=/bn=87217/clickenc=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-length
699
content-type
text/html;charset=UTF-8
date
Fri, 12 Aug 2022 08:17:00 GMT
expires
Fri, 12 Aug 2022 08:20:48 GMT
vary
Accept-Encoding
x-served-by
vlp-cxtadsrv05.connextra.net
wl
t.pubmatic.com/ Frame CFBD 		17 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=157163
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.92 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:01 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
controller
ssl.connextra.com/servlet/ Frame CDC0 		1 KB
860 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_CA_FR_FootballJun2022_300x600&pubhost=config.seedtag.com&apnauc=8177659082346338560&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRHzTS-GUzj9eIGJ-ugTJPwAAAGC4Hg1Axvp054r80j9MGqN1VDXXPwAZgLmb4Xxx1ixF5FIkYmR6DPZiAAAAAAX9XAGpDwAAmBwAAAIAAAB0LAIWRVUlAAAAAABVU0QAQlJMACwBWAJPgQAAAAABAgUCAAAAAKoA8iIKngAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21JBaFjwj59bUZEPTYiLABGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjU3MTJAgi9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjU3MTI%3D%2Fbn%3D92138%2Fclickenc%3D&client=Bet99&dspid=3bc1d7fd2e&placement=DDM_APN_SB_ACQ_CA_FR_300x600&bidid=8177659082346338560&_cb=1703633298
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/Bet99/selector/client?client=Bet99&placement=DDM_APN_SB_ACQ_CA_FR_300x600&_cb=1703633298&apnauc=8177659082346338560&bidid=8177659082346338560&dspid=3bc1d7fd2e&tclk=https://nym1-ib.adnxs.com/click?RHzTS-GUzj9eIGJ-ugTJPwAAAGC4Hg1Axvp054r80j9MGqN1VDXXPwAZgLmb4Xxx1ixF5FIkYmR6DPZiAAAAAAX9XAGpDwAAmBwAAAIAAAB0LAIWRVUlAAAAAABVU0QAQlJMACwBWAJPgQAAAAABAgUCAAAAAKoA8iIKngAAAAA./bcr=AAAAAAAA8D8=/cnd=%21JBaFjwj59bUZEPTYiLABGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjU3MTJAgi9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjU3MTI=/bn=92138/clickenc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.81.133.133 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-133-133.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b8bcad49506b9fea69408f863efc6964c6d70d9dc7f994eade9846b2bc96c652

Request headers

Referer
https://ssl.connextra.com/Bet99/selector/client?client=Bet99&placement=DDM_APN_SB_ACQ_CA_FR_300x600&_cb=1703633298&apnauc=8177659082346338560&bidid=8177659082346338560&dspid=3bc1d7fd2e&tclk=https://nym1-ib.adnxs.com/click?RHzTS-GUzj9eIGJ-ugTJPwAAAGC4Hg1Axvp054r80j9MGqN1VDXXPwAZgLmb4Xxx1ixF5FIkYmR6DPZiAAAAAAX9XAGpDwAAmBwAAAIAAAB0LAIWRVUlAAAAAABVU0QAQlJMACwBWAJPgQAAAAABAgUCAAAAAKoA8iIKngAAAAA./bcr=AAAAAAAA8D8=/cnd=%21JBaFjwj59bUZEPTYiLABGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjU3MTJAgi9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjU3MTI=/bn=92138/clickenc=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-length
702
content-type
text/html;charset=UTF-8
date
Fri, 12 Aug 2022 08:17:01 GMT
expires
Fri, 12 Aug 2022 08:23:46 GMT
vary
Accept-Encoding
x-served-by
vlp-cxtadsrv03.connextra.net
/
www.facebook.com/tr/ Frame 6CDC 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://glamour.globo.com
Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://glamour.globo.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 08:17:01 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 0A08 		27 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292218648,,&us_privacy=&cb=1660292220413&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&vwndref=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F&vc=2&js=1&sec=1&kltstamp=2022-8-12%208:17:0&ranreq=0.024707005484836175&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292218648,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:01 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://glamour.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 4295 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15305731331847383697/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15305731331847383697/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 05:06:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 Aug 2022 05:06:31 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DEF7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022080801&jk=3007064759748925&bg=!RkWlRQHNAAa4hXTbmIU7ACkAdvg8WrVzkiMsyfxZZGJ5EOcb5HVpqR-MBjHk5Jc69ih3mZsIJkttEwIAAANaUgAAAAVoAQeZAvPRNjbOObRgzxotFjIywtJ91oB939VUjLljjr3xvvh0CKCQyw8D0jHlMk0a0Su_eU9L5CS18HMYLrnIge5anYxlJgNPd1tjRKh4N3EaROvBs2FELXBec-RblYYYdV8Vdz8LtU67Y39-oRVO_x2Tk8Y4sjDE_vfYtoaYcs0Etan07qzd7nPtpibKXCLq4JBkGhFN8SpAjfYpbVSlrCOlbRRkc6zt3c7X95ilHFzKUN4jr77HpCpFF8eIqQED3MzF6reClY8VsJ2FAuGB-cSCAcQVGOdxTPj7VJFNfi6qQsrtY9HDzP7XhG5XNgGmg3oP3nSJjCSFFqYYM5KkANkl2Q0hkxlLEixtFVK_pOeDNRqdTiuleifctnIpceAdxa1JeHKGKmoUBMGpcWcGS0uLlOHQyQitqCZ3KDJSaZDU62WWQOyruk3Y4Fk5zMH95QJJsUyssThN8YXU53M3vUeJ_vxxpXO88O8ZIi9cHJwD9mwxD_-YijiQ8VQjr97LtfXJ-RiHfUXF0yeC07QkRCZ60o3q_Aj2jpZlgB784QNgzL29SKBJ2IRmNLjm1zEw3m0yf1YDG0Odg_Nw2gT_1IWQF5gaMol1TLNTkCW4T2Dy_YewPi7M64VB1yGM-MCRfrrXAGP27jgN_D69nzQRd3f2vg1oahlzvA147evAaTOfY3nrAiy8PwsQeqTkhrdc_W_FLftGjD07VS4TkpugwIrn_PdIrejK5xoXJ7l_eO-TqA8N0P1LCRTjvbDXcmhodEnlVG3KM2hV-jvpKD4YEj3Cjjbn-V-CWcgJJ4i69hWOC7EVOCWE0Y8DPxK1XR63XGXC43XjOdEWehuws-zoc73ngyJkgnjhHHJNqM9UTsr5Cs4Lf0b8ZAxv4ti91ySqo4gF7nplGX7ykLz-1laPvvfEVtPi8-JsKP-znUamwi3PlctY6vJ8x9fl-E2Mj6lnGhE98NGhZH-MNpRb4h9Kq5d6LIHJlSdklHJyLki3BtVYrE5WXDtwTw
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
Utils_v9-long.js
ssl.connextra.com/services/ActiveAd/ Frame 8AC9 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.connextra.com/services/ActiveAd/Utils_v9-long.js
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_CA_FR_MLBJun2022_728x90&pubhost=config.seedtag.com&apnauc=803934936762951719&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRHzTS-GUzj9eIGJ-ugTJPwAAAAAAAA5AsN1KavnV1j8noImw4enbPycoSMiQJigL1ixF5FIkYmR6DPZiAAAAAAH9XAGpDwAAmBwAAAIAAAB-LAIWRVUlAAAAAABVU0QAQlJMANgCWgBPgQAAAAABAgUCAAAAAKoANiJsIwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21MxbmlAj59bUZEP7YiLABGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjQ0NzVAgi9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NzU%3D%2Fbn%3D87217%2Fclickenc%3D&client=Bet99&dspid=3bc1d7fd2e&placement=DDM_APN_SB_ACQ_CA_FR_728x90&bidid=803934936762951719&_cb=1048614941
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.81.133.133 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-133-133.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
93e6639c3f07cb77467754907778fc49a74b1194368a93923c824ebec4d78298

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_CA_FR_MLBJun2022_728x90&pubhost=config.seedtag.com&apnauc=803934936762951719&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRHzTS-GUzj9eIGJ-ugTJPwAAAAAAAA5AsN1KavnV1j8noImw4enbPycoSMiQJigL1ixF5FIkYmR6DPZiAAAAAAH9XAGpDwAAmBwAAAIAAAB-LAIWRVUlAAAAAABVU0QAQlJMANgCWgBPgQAAAAABAgUCAAAAAKoANiJsIwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21MxbmlAj59bUZEP7YiLABGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjQ0NzVAgi9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NzU%3D%2Fbn%3D87217%2Fclickenc%3D&client=Bet99&dspid=3bc1d7fd2e&placement=DDM_APN_SB_ACQ_CA_FR_728x90&bidid=803934936762951719&_cb=1048614941
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:01 GMT
content-encoding
gzip
last-modified
Mon, 07 Jun 2010 11:57:50 GMT
server
AkamaiNetStorage
etag
"159f636ee9f642a0c8c12354adf10d7c:1275911870"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
1742
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame DCFE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBbGtUls40sgK35ib-L7i_w&google_cver=1&google_push=AehlK4CkM23slm5nZsM2cj-e8oYKRx9s6g3Vg2vaKACC5A8cWuNenOckyyASqdrDYXIl4J1TnQasJkQdmlmGFgpfWsQ33PnCRXg
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDI3NjA3NzI5NjM0NTYwNzc3OQ==&gdpr=0&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEBbGtUls40sgK35ib-L7i_w&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEBbGtUls40sgK35ib-L7i_w&google_cver=1
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEBbGtUls40sgK35ib-L7i_w&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame DCFE 		43 B
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEMvCsEb3nvmXpkwR6N38b4g&google_cver=1&google_push=AehlK4ByyvO540Xj9N5ZYfWjDEhmA8ll_o44jWCc-oeGD-D5Ui7SZONIz0RIw_0NhJNeTJ73CgICUAPlcPZXyH31Q3gmxc9ZD_g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4ByyvO540Xj9N5ZYfWjDEhmA8ll_o44jWCc-oeGD-D5Ui7SZONIz0RIw_0NhJNeTJ73CgICUAPlcPZXyH31Q3gmxc9ZD_g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:01 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
7397c5adeb36ecfa-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DCFE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXZZTWVRQUYxeGMxeGdBMA==&google_gid=CAESEEEPDUE0YKvNkrk7DceXK-U&google_cver=1&google_push=AehlK4Cu0nTXIDEa4dpd46_CDGNLSKTH3K...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXZZTWVRQUYxeGMxeGdBMA==&google_gid=CAESEEEPDUE0YKvNkrk7DceXK-U&google_cver=1&google_push=AehlK4Cu0nTXIDEa4dpd46_CDGNLSKTH3KB9KS5cEizFF6VphGoj8zbfdHcwmIgL_bc9D6WBInIYWe2XDis_lHVaD6vUkXqdSbU
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1660292221.102068,VS0,VE0
x-served-by
cache-yul12833-YUL
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXZZTWVRQUYxeGMxeGdBMA==&google_gid=CAESEEEPDUE0YKvNkrk7DceXK-U&google_cver=1&google_push=AehlK4Cu0nTXIDEa4dpd46_CDGNLSKTH3KB9KS5cEizFF6VphGoj8zbfdHcwmIgL_bc9D6WBInIYWe2XDis_lHVaD6vUkXqdSbU
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame DCFE
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEMxikFl5KxVSVsQuYcfnVLE&google_cver=1&google_push=AehlK4DCjGjzhIfVkh3zCtsRKwanaHzESjJrJB_snCjlgqLGtYaXEFCLrSm7-sdY8167l14eucR8kQ0lgOQt...
  • https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AehlK4DCjGjzhIfVkh3zCtsRKwanaHzESjJrJB_snCjlgqLGtYaXEFCLrSm7-sdY8167l14eucR8kQ0lgOQtkapNBTqJ_DUHlsg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AehlK4DCjGjzhIfVkh3zCtsRKwanaHzESjJrJB_snCjlgqLGtYaXEFCLrSm7-sdY8167l14eucR8kQ0lgOQtkapNBTqJ_DUHlsg
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:01 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AehlK4DCjGjzhIfVkh3zCtsRKwanaHzESjJrJB_snCjlgqLGtYaXEFCLrSm7-sdY8167l14eucR8kQ0lgOQtkapNBTqJ_DUHlsg
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
193
Expires
Tue, 29 May 1984 15:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DCFE
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEDkjrX8MWVJrt13WL_btCag&google_cver=1&google_push=AehlK4DgBaifejKY4m197P1ZEec80xCCD5flJ7w2zoEPdWuHlNTynvx8scC7I70ikEtw2YQardGsnvejWPlrmhDrm8gpaf...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=6piFqA-ETieHKmSOKHSg8g&google_push=AehlK4DgBaifejKY4m197P1ZEec80xCCD5flJ7w2zoEPdWuHlNTynvx8scC7I70ikEtw2YQardGsnvejWPlrmhD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=6piFqA-ETieHKmSOKHSg8g&google_push=AehlK4DgBaifejKY4m197P1ZEec80xCCD5flJ7w2zoEPdWuHlNTynvx8scC7I70ikEtw2YQardGsnvejWPlrmhDrm8gpaf4ppgQ
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=6piFqA-ETieHKmSOKHSg8g&google_push=AehlK4DgBaifejKY4m197P1ZEec80xCCD5flJ7w2zoEPdWuHlNTynvx8scC7I70ikEtw2YQardGsnvejWPlrmhDrm8gpaf4ppgQ
date
Fri, 12 Aug 2022 08:17:01 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame DCFE
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGMe7jIXixlMRyVDiE6hjoA&google_cver=1&google_push=AehlK4BP3OKSP0QMITN1b_Dr5GnahU-0V4F5kgBiQcmmwh5-RFF1enAKtwg8FRSar0HF_jgokthoNy8ueput-8ogaz9a4caxI5g
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDQzNjQxNzkxNTAxNDcwNTIzNzkwOA%3D%3D&google_push=AehlK4BP3OKSP0QMITN1b_Dr5GnahU-0V4F5kgBiQcmmwh5-RFF1enAK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDQzNjQxNzkxNTAxNDcwNTIzNzkwOA%3D%3D&google_push=AehlK4BP3OKSP0QMITN1b_Dr5GnahU-0V4F5kgBiQcmmwh5-RFF1enAKtwg8FRSar0HF_jgokthoNy8ueput-8ogaz9a4caxI5g
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDQzNjQxNzkxNTAxNDcwNTIzNzkwOA%3D%3D&google_push=AehlK4BP3OKSP0QMITN1b_Dr5GnahU-0V4F5kgBiQcmmwh5-RFF1enAKtwg8FRSar0HF_jgokthoNy8ueput-8ogaz9a4caxI5g
date
Fri, 12 Aug 2022 08:17:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame DCFE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIXPZJ4DbysF7IGYq77mJKs&google_cver=1&google_push=AehlK4A7coDNuWSnnLijzJyH8_wkDRytUR0psax7EJ7rCkoRQJMdWCwbtlK2CE8pH5ktizQwUy...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1FVVVjdXg1RTJ1RjFFdTNlLi5aT2lhdDdxMUc1eWJuen5B&google_push=AehlK4A7coDNuWSnnLijzJyH8_wkDRytUR0psax7EJ7rCkoRQJMdWCwbt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1FVVVjdXg1RTJ1RjFFdTNlLi5aT2lhdDdxMUc1eWJuen5B&google_push=AehlK4A7coDNuWSnnLijzJyH8_wkDRytUR0psax7EJ7rCkoRQJMdWCwbtlK2CE8pH5ktizQwUyN0iHapDUZPcUw46WkzJwfdCJFI
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1FVVVjdXg1RTJ1RjFFdTNlLi5aT2lhdDdxMUc1eWJuen5B&google_push=AehlK4A7coDNuWSnnLijzJyH8_wkDRytUR0psax7EJ7rCkoRQJMdWCwbtlK2CE8pH5ktizQwUyN0iHapDUZPcUw46WkzJwfdCJFI
date
Fri, 12 Aug 2022 08:17:01 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame DCFE 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KbQRHH4TVG0stZNMgygy1y5RwbW1RbAkn-_xilvpiaudGWoa2EyN3gKT6G1VXVBL2hOvTfcg
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:01 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
n.js
geo.moatads.com/ Frame 4B0A 		83 B
255 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ol=2466337508&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-orqDNwRTPmOps3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-L5aj2Zz1Kg7M0g%3D%3D&sc=1&os=1-CA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=ESSENCEDIGITALNA1&dMoatBDS=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fglamour.globo.com&lp=https%3A%2F%2Fglamour.globo.com&t=1660292221096&de=978096205301&m=0&ar=1da355aa18f-clean&iw=57c14d0&q=2&cb=0&ym=0&cu=1660292221096&ll=3&lm=2&ln=1&r=0&em=0&en=0&d=28175962%3A6026018%3A342179500%3A175674729&zGSRC=1&zMoatG=ct&zMoatAUCID=-&zMoatJS=-&zMoatDR=-&zMoatGSR=1&ph=&pj=standard&gu=https%3A%2F%2Fglamour.globo.com%2F&id=0&ii=9&bo=globo.com&bd=glamour.globo.com&zMoatOrigSlicer1=6026018&zMoatOrigSlicer2=342179500&gw=essencedigitalna20153870852878&fd=1&it=500&ti=0&ih=2&pe=0%3A1074%3A1074%3A0%3A1124&jk=-1&jm=-1&fs=199703&na=249243454&cs=0&ord=1660292221096&jv=737198987&callback=DOMlessLLDcallback_6822523
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/essencedigitalna20153870852878/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.43.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-43-160.compute-1.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
f7f28cb9acd76bd3a8d434d3d878ef2419fbd5a2d0b5fc0c969bf4555e90e892

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:01 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"69291cf3e1262073dac716dee62be2958acc4ec6"
content-length
83
content-type
text/html; charset=UTF-8
v2
mb.moatads.com/s/ Frame 4B0A 		416 B
590 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/s/v2?url=https%3A%2F%2Fglamour.globo.com%2F&pcode=essencedigitalna20153870852878&ord=1660292221096&jv=36346789&callback=BrandSafetyNadoscallback_6822523
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/essencedigitalna20153870852878/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.134.29.131 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-134-29-131.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
2b1ffb01c3170942977bbbc41bfd3a8a100889c9bb970ff877c1f59a72a33796

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:01 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"14e98e64c93829b20f566a3bddbc42619077be3a"
content-length
416
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ Frame 4B0A 		43 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ESSENCEDIGITALNA1&dMoatBDS=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fglamour.globo.com&lp=https%3A%2F%2Fglamour.globo.com&t=1660292221096&de=978096205301&m=0&ar=1da355aa18f-clean&iw=57c14d0&q=3&cb=0&ym=0&cu=1660292221096&ll=3&lm=2&ln=1&r=0&em=0&en=0&d=28175962%3A6026018%3A342179500%3A175674729&zGSRC=1&zMoatG=ct&zMoatAUCID=-&zMoatJS=-&zMoatDR=-&zMoatGSR=1&ph=&pj=standard&gu=https%3A%2F%2Fglamour.globo.com%2F&id=0&ii=9&bo=globo.com&bd=glamour.globo.com&zMoatOrigSlicer1=6026018&zMoatOrigSlicer2=342179500&gw=essencedigitalna20153870852878&fd=1&it=500&ti=0&ih=2&pe=0%3A1074%3A1074%3A0%3A1124&jk=-1&jm=-1&fs=199703&na=1339390078&cs=0
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.57.238 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:01 GMT
x-check-cacheable
YES
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
last-modified
Fri, 20 May 2016 15:16:00 GMT
accept-ranges
bytes
content-length
43
expires
Fri, 12 Aug 2022 08:17:01 GMT
Utils_v9-long.js
ssl.connextra.com/services/ActiveAd/ Frame CDC0 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.connextra.com/services/ActiveAd/Utils_v9-long.js
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_CA_FR_FootballJun2022_300x600&pubhost=config.seedtag.com&apnauc=8177659082346338560&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRHzTS-GUzj9eIGJ-ugTJPwAAAGC4Hg1Axvp054r80j9MGqN1VDXXPwAZgLmb4Xxx1ixF5FIkYmR6DPZiAAAAAAX9XAGpDwAAmBwAAAIAAAB0LAIWRVUlAAAAAABVU0QAQlJMACwBWAJPgQAAAAABAgUCAAAAAKoA8iIKngAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21JBaFjwj59bUZEPTYiLABGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjU3MTJAgi9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjU3MTI%3D%2Fbn%3D92138%2Fclickenc%3D&client=Bet99&dspid=3bc1d7fd2e&placement=DDM_APN_SB_ACQ_CA_FR_300x600&bidid=8177659082346338560&_cb=1703633298
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.81.133.133 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-133-133.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
93e6639c3f07cb77467754907778fc49a74b1194368a93923c824ebec4d78298

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_CA_FR_FootballJun2022_300x600&pubhost=config.seedtag.com&apnauc=8177659082346338560&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRHzTS-GUzj9eIGJ-ugTJPwAAAGC4Hg1Axvp054r80j9MGqN1VDXXPwAZgLmb4Xxx1ixF5FIkYmR6DPZiAAAAAAX9XAGpDwAAmBwAAAIAAAB0LAIWRVUlAAAAAABVU0QAQlJMACwBWAJPgQAAAAABAgUCAAAAAKoA8iIKngAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21JBaFjwj59bUZEPTYiLABGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjU3MTJAgi9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjU3MTI%3D%2Fbn%3D92138%2Fclickenc%3D&client=Bet99&dspid=3bc1d7fd2e&placement=DDM_APN_SB_ACQ_CA_FR_300x600&bidid=8177659082346338560&_cb=1703633298
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:01 GMT
content-encoding
gzip
last-modified
Mon, 07 Jun 2010 11:57:50 GMT
server
AkamaiNetStorage
etag
"159f636ee9f642a0c8c12354adf10d7c:1275911870"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
1742
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E17A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
177927
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:51:34 GMT
expires
Thu, 10 Aug 2023 06:51:34 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 887E 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?iuv9Fg
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
track
aktrack.pubmatic.com/ Frame 0A08 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1660292221&wa=0&vadsId=-1&e=95&vc=2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:01 GMT
content-length
0
content-type
text/html
pixel.gif
px.moatads.com/ Frame 4B0A 		43 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&dMoatBDS=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsadbundle%2F15305731331847383697%2Findex.html&i=ESSENCEDIGITALNA1&ol=2466337508&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-orqDNwRTPmOps3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-L5aj2Zz1Kg7M0g%3D%3D&sc=1&os=1-CA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fglamour.globo.com%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fglamour.globo.com&lp=https%3A%2F%2Fglamour.globo.com&t=1660292221096&de=978096205301&cu=1660292221096&m=92&ar=1da355aa18f-clean&iw=57c14d0&cb=0&ym=0&ll=3&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A1074%3A1074%3A0%3A1124&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=60&cd=0&ah=60&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=28175962%3A6026018%3A342179500%3A175674729&bo=globo.com&bd=glamour.globo.com&gw=essencedigitalna20153870852878&zMoatOrigSlicer1=6026018&zMoatOrigSlicer2=342179500&zMoatG=ct&zMoatAUCID=-&zMoatJS=3%3A-&zMoatDR=-&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&oq=0&ot=0&ti=0&ih=2&jk=-1&jm=-1&tc=0&fs=199703&na=1499325018&cs=0
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.57.238 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:01 GMT
x-check-cacheable
YES
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
last-modified
Fri, 20 May 2016 15:16:00 GMT
accept-ranges
bytes
content-length
43
expires
Fri, 12 Aug 2022 08:17:01 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4B0A 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuhQE7gbRxFusGKRGgZdIVGuQwzjpY3IaUQOv0T4sNOfqZEcertybUb3zZXNDI9V9kl1QcUsqZ0Wc618x8ksCMts7JrUfKZc-ALavynMuffQiH3RJEBHMZQVRRULRq-93wKrIxuNcOa-_CTGAFhX83M4mJijbweY0Izx_DCvKVDkv4wEZk2TXanBeMYabs1QCThJN81vcaPTjLIDBC1n0EHLg4aBEBMOkM3YgJkBqIo544cFh5ciLhUOZu861ev5o3RjpQfSW9bOTheVCLwNKkSUI9g2NWFaxBig2w52Oq-wIXdFAyYHo2T_uQBts_V-RMbQZWEq48ykNppUxtfTVjjBC-FG_J8H8rWuPvvcFjMIQJKm7TI7v9wXKPX0mA9Z6Ydgz2tX8UnQaBXJGb-IMqp6GPyWirKRsIRJNJu8zKvh0kTCjQ8qF2gmSs2SOWBZoKomyvK9438yTgfoGv7Gxao8mbosTTDJ4Hv6NlOS1SZMTfuAro8m_xY12QIVo3ZXTzAQYO4yO5jQOrVcan-Lgl1FDtWDwqTZ8RIk1W7eFHtpaO4Wa6EzAlb37fz9Q_laB1aBGcCH0widoVfOuxNiP2BCbdI1IMeEMj1GzrY0dpGF7qWdSnSxqWMDPQtEvrvB20M_KQXG9rYg0XO2Ceru0KrK_Q9uxWI-IN_QB7kpiy0lZeaux4m5NqIjzsOSpUd4CVnqRMFDmryh_rmYg0wc5G-9ysKTGPHgkYIoYB2jDq2ppDcLzfCPa6reZasWZbD-Co8a3AXQPgv07y4MCd9t-p1UimMqz97-KfFg6i8c5I0kwQoX8cGpOA0QvoKvwr_smUghG6o0qd5gH4srASiauWG_7rS1zQqeg_8Bgmba8us69RJe6APrXKHVo2WLYPy0O2-WJb5zXX6ekcxzpM4xdf1OnOIF3BQaWjTPjadLoQR4slDiel0hb0HQVsSNBjMKGYWaxB7e959aWsYy-6IVY9DCWwXRaM_omfF2-A3osmMxiDq6XJpVOk5va8DnBs8bCmeAcoXkSM9s2ZA3mmWnVCkW7r0K9C8UNIEXu0m4-GncTuox2stx8EbvQx7ie3KJpVmvJI8_5mbx40q4ip49GfYQvvZ-HCMST5NB0_7trI4wjwGZGZIrBFBCU_ej0SfSoiLHpv3HI-ahYk33vIWYx3j2yip-4KQG41gTPDLr3SXk_u0PlYWwgqhVgjBfki69HF-zhoQYF8PiaR2_7P41RLZoiKTpT9SRjz-JiR9LgL5r7j6rhgEPPj2yjUrUR609z--wdQi13JtudccxXPgK7ndMi2st9ltZ5XsfLqlJpY0ihkfw4IJxBlO1Cc_id5Vu2lSXh_cP7CBXXNxf-uGlnGHMjpLZ1I584-J9Of62R4pjpnamlDNiIz5yf3ufxm9kj9VQ1JJunXuebzQCHX5T3BImAye0kMb8ENnuaDII1UcD9dkAhoHDskHC6_ejT4CMwIW_nijgH_4sZKmP2xd7DzR2sC3TwsHfrYpWGA8LXBEi5TGe2xUMREoaN6QzZNlkAq8CbbwGn_YcAp-oAs1HgKS6RSm94JH-084jIaCNflFOgk5IBWCd33LmMgsKqJq1dEFXo5nazfnKr_-_AoK7jiFVa5Bt8-HMlZGH5jMFamf7qP-hjDAiY-RTNdeiLRgxd1YY0iusADn2-TdXX19oGyD4gkV91FtUf5yfvS3yxPIxbznF8vFlla8HuFex6TI1gXzHAU&sai=AMfl-YQ1B5Imv9aH0VPxkfnyG_7v25lePPrkaL_G1i7ZmwXfc4ENqty6VARYrJvgHxtHhro9RCx2_O0bKXDBcLYC3ysNQDrRyrMkrzmXt5n7_87WIg-fF0UwGbuy8I9SSPGE7BOPWcoqh6Ret9gTInchFgq1QfU5oKkJj9ilvuWHDQEMcoC1cuTls2scO35qFVWN3-mgJFopduCtnWkpcvSPWIl4OSu0Yq7CEfHVverdnPpO5rcmFyc12NiS3QRYpgxcsWEk7aHc3d53qTn7PRn4t2DXQbiZoVoGP0myy44pvPUddQCaCk4ia8clirmJHDkWIxc3JnhO9Qiybxshl9njI76975-jU32h9mDaEx6WX0-veujxQfAsDgMHJ3t1GOl8Ihol&sig=Cg0ArKJSzJDgZEqyMtatEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=889&vt=11&dtpt=486&dett=3&cstd=400&cisv=r20220810.10685&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.protocolo7em7.com.br.hackeandoansiedade.space
URL: https://www.protocolo7em7.com.br.hackeandoansiedade.space/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:17:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
pagead2.googlesyndication.com/bg/ Frame E17A 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:45:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
261063
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14139
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:45:58 GMT
728x90.jpg
ssl.connextra.com/resources/Bet99/2022/SB_ACQ_CA_FR_MLB_June_2022/ Frame 8AC9 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.connextra.com/resources/Bet99/2022/SB_ACQ_CA_FR_MLB_June_2022/728x90.jpg
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_CA_FR_MLBJun2022_728x90&pubhost=config.seedtag.com&apnauc=803934936762951719&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRHzTS-GUzj9eIGJ-ugTJPwAAAAAAAA5AsN1KavnV1j8noImw4enbPycoSMiQJigL1ixF5FIkYmR6DPZiAAAAAAH9XAGpDwAAmBwAAAIAAAB-LAIWRVUlAAAAAABVU0QAQlJMANgCWgBPgQAAAAABAgUCAAAAAKoANiJsIwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21MxbmlAj59bUZEP7YiLABGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjQ0NzVAgi9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NzU%3D%2Fbn%3D87217%2Fclickenc%3D&client=Bet99&dspid=3bc1d7fd2e&placement=DDM_APN_SB_ACQ_CA_FR_728x90&bidid=803934936762951719&_cb=1048614941
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.81.133.133 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-133-133.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a1a5b73bcfd1957f0a269520f429a9230617766d5ae45ff7694e66a9dffd19aa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_CA_FR_MLBJun2022_728x90&pubhost=config.seedtag.com&apnauc=803934936762951719&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRHzTS-GUzj9eIGJ-ugTJPwAAAAAAAA5AsN1KavnV1j8noImw4enbPycoSMiQJigL1ixF5FIkYmR6DPZiAAAAAAH9XAGpDwAAmBwAAAIAAAB-LAIWRVUlAAAAAABVU0QAQlJMANgCWgBPgQAAAAABAgUCAAAAAKoANiJsIwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21MxbmlAj59bUZEP7YiLABGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjQ0NzVAgi9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NzU%3D%2Fbn%3D87217%2Fclickenc%3D&client=Bet99&dspid=3bc1d7fd2e&placement=DDM_APN_SB_ACQ_CA_FR_728x90&bidid=803934936762951719&_cb=1048614941
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:01 GMT
last-modified
Wed, 29 Jun 2022 11:00:24 GMT
accept-ranges
bytes
etag
W/"38412-1656500424000"
content-length
38412
content-type
image/jpeg
300x600.jpg
ssl.connextra.com/resources/Bet99/2022/SB_ACQ_CA_FR_Football_June_2022/ Frame CDC0 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.connextra.com/resources/Bet99/2022/SB_ACQ_CA_FR_Football_June_2022/300x600.jpg
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_CA_FR_FootballJun2022_300x600&pubhost=config.seedtag.com&apnauc=8177659082346338560&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRHzTS-GUzj9eIGJ-ugTJPwAAAGC4Hg1Axvp054r80j9MGqN1VDXXPwAZgLmb4Xxx1ixF5FIkYmR6DPZiAAAAAAX9XAGpDwAAmBwAAAIAAAB0LAIWRVUlAAAAAABVU0QAQlJMACwBWAJPgQAAAAABAgUCAAAAAKoA8iIKngAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21JBaFjwj59bUZEPTYiLABGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjU3MTJAgi9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjU3MTI%3D%2Fbn%3D92138%2Fclickenc%3D&client=Bet99&dspid=3bc1d7fd2e&placement=DDM_APN_SB_ACQ_CA_FR_300x600&bidid=8177659082346338560&_cb=1703633298
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.81.133.133 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-133-133.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3b9274dc2444f01c94a9f849c733032d4a599f4979c845acc7ea4d7997e6a05b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_CA_FR_FootballJun2022_300x600&pubhost=config.seedtag.com&apnauc=8177659082346338560&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRHzTS-GUzj9eIGJ-ugTJPwAAAGC4Hg1Axvp054r80j9MGqN1VDXXPwAZgLmb4Xxx1ixF5FIkYmR6DPZiAAAAAAX9XAGpDwAAmBwAAAIAAAB0LAIWRVUlAAAAAABVU0QAQlJMACwBWAJPgQAAAAABAgUCAAAAAKoA8iIKngAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21JBaFjwj59bUZEPTYiLABGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjU3MTJAgi9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjU3MTI%3D%2Fbn%3D92138%2Fclickenc%3D&client=Bet99&dspid=3bc1d7fd2e&placement=DDM_APN_SB_ACQ_CA_FR_300x600&bidid=8177659082346338560&_cb=1703633298
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:01 GMT
last-modified
Thu, 30 Jun 2022 20:09:58 GMT
accept-ranges
bytes
etag
W/"88159-1656619798000"
content-length
88159
content-type
image/jpeg
pixel.gif
px.moatads.com/ Frame 4B0A 		43 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&dMoatBDS=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ESSENCEDIGITALNA1&ol=2466337508&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-orqDNwRTPmOps3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-L5aj2Zz1Kg7M0g%3D%3D&sc=1&os=1-CA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fglamour.globo.com%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fglamour.globo.com&lp=https%3A%2F%2Fglamour.globo.com&t=1660292221096&de=978096205301&cu=1660292221096&m=232&ar=1da355aa18f-clean&iw=57c14d0&cb=0&ym=0&ll=3&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lh=64&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1074%3A1074%3A0%3A1124&aa=0&ad=78&cn=0&gk=78&gl=0&ik=78&ic=78&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=60&cd=60&ah=60&am=60&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=28175962%3A6026018%3A342179500%3A175674729&bo=globo.com&bd=glamour.globo.com&gw=essencedigitalna20153870852878&zMoatOrigSlicer1=6026018&zMoatOrigSlicer2=342179500&zMoatG=ct&zMoatAUCID=-&zMoatJS=3%3A-&zMoatDR=-&hv=Essence%20Override%202&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=-1&jm=-1&tc=0&fs=199703&na=839783233&cs=0
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.57.238 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:01 GMT
x-check-cacheable
YES
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
last-modified
Fri, 20 May 2016 15:16:00 GMT
accept-ranges
bytes
content-length
43
expires
Fri, 12 Aug 2022 08:17:01 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame DA29 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157743&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:00 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
logo.svg
s0.2mdn.net/sadbundle/15305731331847383697/ Frame 4295 		2 KB
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15305731331847383697/logo.svg
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99bf4aa403643a6d41c028e5db29c79c17cbc815b3e10cd5c6b8f90567a03e52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15305731331847383697/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 15:28:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
731
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 22:24:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Aug 2023 15:28:45 GMT
text2.svg
s0.2mdn.net/sadbundle/15305731331847383697/ Frame 4295 		11 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15305731331847383697/text2.svg
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3e21915d256ad88b574a4a55d4e3f03db395abc33f53f72db1b107fa48d0710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15305731331847383697/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 15:28:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3319
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 22:24:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Aug 2023 15:28:45 GMT
person3.jpg
s0.2mdn.net/sadbundle/15305731331847383697/ Frame 4295 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15305731331847383697/person3.jpg
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81233e07a2439234d58985b7813fafb70a38615a74ff3a30a0b257430d53a72c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15305731331847383697/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 15:28:45 GMT
x-content-type-options
nosniff
age
319696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11617
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 22:24:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Aug 2023 15:28:45 GMT
person2.jpg
s0.2mdn.net/sadbundle/15305731331847383697/ Frame 4295 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15305731331847383697/person2.jpg
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35d4a5753da02f08511fb82ea56968018ef00dbe1cef4cda8c5243e4761d107d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15305731331847383697/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 15:28:45 GMT
x-content-type-options
nosniff
age
319696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12431
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 22:24:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Aug 2023 15:28:45 GMT
person1.jpg
s0.2mdn.net/sadbundle/15305731331847383697/ Frame 4295 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15305731331847383697/person1.jpg
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecb15f05989bca01e3796b4daa80a42d4bedcb7a7d96a0e9213a20ce3b487864
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15305731331847383697/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 15:28:45 GMT
x-content-type-options
nosniff
age
319696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7788
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 22:24:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Aug 2023 15:28:45 GMT
text1.svg
s0.2mdn.net/sadbundle/15305731331847383697/ Frame 4295 		11 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15305731331847383697/text1.svg
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b13a684f7301477beb9327b6c31e88d962bc15a362a9d9e0576284fe125640c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15305731331847383697/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 15:28:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3425
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 22:24:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Aug 2023 15:28:45 GMT
url.svg
s0.2mdn.net/sadbundle/15305731331847383697/ Frame 4295 		9 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15305731331847383697/url.svg
Requested by
Host: ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
URL: https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c842f299b023ae0f3a9d2f3b153a19f8534b229a465409da4f83123379a72cda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15305731331847383697/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 15:28:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2401
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 22:24:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Aug 2023 15:28:45 GMT
i
vid-io-iad.springserve.com/vd/ Frame 688F 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=fe844513&ps_id=357265&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.94.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-94-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:01 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, OPTIONS
track
aktrack.pubmatic.com/ Frame 688F 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1660292220&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:01 GMT
content-length
0
content-type
text/html
truncated
/ Frame DFF2 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_6d8da985.js
vpaid.springserve.com/production/ Frame E770 		506 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_6d8da985.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:b800:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e8003ad291ba3bd8691f5b0754b18daa4f89147dd3f27f204c651cd8d5fbf8f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 16:44:38 GMT
content-encoding
br
last-modified
Thu, 28 Jul 2022 16:39:44 GMT
server
AmazonS3
age
1265544
etag
W/"9026fbc1fc8aafffe9b6d2458d235a3a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
MfxIL54Z5rvnEsJHqaed80_ex97POFf9QcSh1pL-N3Yi9Nk6TnkopQ==
async_usersync
ib.adnxs.com/ Frame 8E12 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=4009&pub_id=1986072&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=4009&pub_id=1986072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:01 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
5c0fae2f-e9f4-4bd7-a446-282f4e7f5637
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7B75 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=4009&pub_id=1986072&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=4009&pub_id=1986072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:01 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
951a954b-c80c-4fc1-a376-91b10ed2922c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame E770 		981 B
853 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292218648,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eb96207ee82f0d38342f220cf86b162ecf395dd98cb5c15b6b695f2746d240d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:01 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
607
expires
Fri, 12 Aug 2022 08:17:01 GMT
t
t.lkqd.net/ Frame E327 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:01 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:01 GMT
server
nginx
src=2507573;dc_pre=CI_U38DuwPkCFZQCcQodzDUDOg;type=moat;cat=namas0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1660292221096
adservice.google.com/ddm/fls/z/ Frame 4B0A
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=2507573;type=moat;cat=namas0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1660292221096?&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
  • https://ad.doubleclick.net/ddm/activity/src=2507573;dc_pre=CI_U38DuwPkCFZQCcQodzDUDOg;type=moat;cat=namas0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1660292221096?&nu=1&ib=0&dc=1&ob=0&...
  • https://adservice.google.com/ddm/fls/z/src=2507573;dc_pre=CI_U38DuwPkCFZQCcQodzDUDOg;type=moat;cat=namas0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1660292221096?&nu=1&ib=0&dc=1&ob=0&o...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/src=2507573;dc_pre=CI_U38DuwPkCFZQCcQodzDUDOg;type=moat;cat=namas0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1660292221096?&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:01 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://adservice.google.com/ddm/fls/z/src=2507573;dc_pre=CI_U38DuwPkCFZQCcQodzDUDOg;type=moat;cat=namas0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1660292221096?&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame AAA5 		158 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292218648,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
081d455bd5ad34e6a70e34cf5222173a504db11c69cff556b99a87f328b06931

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:01 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 05:53:15 GMT
server
Apache
etag
"277a7-5e42219c4aaee-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38049
gen_204
pagead2.googlesyndication.com/pagead/ Frame E17A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bw7GjfAz2YrWeEp6ZoPMPsNO20AMAAAAAOAHgBAI&bg=!CAulC0_NAAa4hXTbmIU7ACkAdvg8WlsVV1HWqWe0jPLB8-70aEGjjuhmwsPdgOCpDJFFqovMEQfiAQIAAADeUgAAAARoAQeZA0u6_m81pL2oK7uC5uwPWeAKkxO8ISayfXyQFJ1g9Ef1gPGR-ini-wSe74koTIC6KGn-3I-ba7azhkwu-4lWhrqofEoODtI5ib9JCOto3WCgli2KPZwBrRBL_z3yOTtcvB-5VjSdZEjGZ5Hd4yTbG-CVNVX-mDaPAyh9GEGSX3a_wDaBLlXUHBj4FjOMP5Se3nooqXHSQp8Laclky79_2xS-s7759dgzESHHOQACENk52vkT67bu_0GlsGVrpTC4TNpgc6WGcK-AppWF61RjT9rOAM-zqXgxvV27cu9qW6zUIWU0-CsIEEV52b8oIAmie7_1lBKyYGuG1Og8hFz48rvzhVHDqvSpgAOkNGpCQDHg6UCrVcbTy2tK2Csv_fhZcbkjNbVGBnQPvSE3tfMY8Jaov0YZL7zeBAmknR9qE0oIg0sWmWvPgRqW_JQK0kT7goX5VNxlf3esUg_sprTZma8BvAkCDE8SK_FSS5yoJyJ8WyMIBJ6t9MkjhErpDM_uvZQCyXz6aJLbWdaqbHTlwI1JXUfgiQj4gzwKWGzDsbVa7ihI5hXb6Cf8lhP0J8NyErrDEH1bmYLYJECNaF7YvAh__q052EDTUa8Zial0OCSIcsbqJFoxef_d0AJ_DZ4OcdIrmuqd2DOyaLRIos2GeSrcHFgzDTrOD3UwLLsgeYcde8fpOh3Tj9VHKrwQzqsz4QoQWa_lxXTDvH84-dxnTwn5WrjvGgMLnLHiwN2mAJN5f6vik_u7wW_pzOygAMdKOTe9CEXqLgYBGPaqL1B7p8anBOfDzdTzAacNd0jQ1fU5Y4dJynp-NX1sA2LPvx3ZTdOGptyrFA3MhP-WimAUmwkESHeLXE391_IVq0tesnOJ_p26yuyvzM0VL4iDH5BGS23resGfIkTCxi8mPcIZy8TiG_HGB7xUJVkm9OsW6n2KKUmDKmE76tVKM8CpBsUgPw6ro8iEROBKOooobyhap3l9DQlbAhQCn1cS7Zk-vm0qZK0UraPAma5Ui2vZ2_Ydtr4YByheblMWsnWZsjEM-mvOZfTyJZW0iWDNFtJB9-f4fFODepxgmv9Fet3JpjHOqK8BQ1KWg52n0o9IRv3DSUdbsAAGNcdSYKcvnKc
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame D883 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292218648,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=34202
content-encoding
gzip
content-length
13946
content-type
text/html
date
Fri, 12 Aug 2022 08:17:01 GMT
expires
Fri, 12 Aug 2022 17:47:03 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame AAA5 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292218648,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:01 GMT
content-encoding
gzip
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=34202
accept-ranges
bytes
content-type
text/html
content-length
13946
expires
Fri, 12 Aug 2022 17:47:03 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame D883 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97854740&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
404a0b1b9d89d7ef5a9cde456674d6dca12d83f134b2df0a95bb1a2b4111dbae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:01 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sodar
pagead2.googlesyndication.com/pagead/ Frame CFBD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022080801&jk=3921357706765368&bg=!d3SldDDNAAa4hXTbmIU7ACkAdvg8Wso_g7SvHBERf5evnUxKaREAKd66zbOfeyQDLHTdk-0WtoVrNwIAAAMVUgAAAANoAQcKAGO3ip5BSOcKHfITJxbtyzxYqkr51NDyR6rW20C3KjyggbhkK4pv457d9R8udyC1D4oZXWZ9_gREQU-xx00DBG33hzzwwT8kud3mHPENkWiJVwACedS7H-HoFdrFYg4gLzJ-UtqZAwUDmUjXHCVWFzXsxmhPgxAz-k8Cn0f8WN-2bZ4pwL4mRmVj10BWR26ug5JL3B7O8ghcWpuN1KOM1mZxksSyF6PmaCUlOagWAwBCsO8xZ01lFr9RP7xZxeSefYodhji71C6-gcyJLhVuuJRsmXoz1L8I3R-ToUcvE9taS6dctBkvzRaiGBdkfw6QKSRaDuhQxvicft5sWB7kCeZGdfrMwH_MsFB789AlbeXAs58Gs8MXznD6bgpjoL6CxVL6HG50dHVa3S7Icf_HDt31PjCC0i6XWC1Gu1V6DwddeutnTuOQ5cirZWep20gnRFYIsKGy_G_3rG1X61TTW687zefzCO2jJSZ-PSkacC4HkFPeZjgugHuYNOTRgXiNc5L59l0NrRTwg6wXxLrfNLePaS0BQGbiuZsKpIf4_o859nU0iGyDRbNhrSjaxY_fC3BpiWWQTGDtO1AqtcLUcRlFgv4qRnS4t3rIr5F6fDcuHCtMyTk1WfU5tXvsUDyx31Ou7frQFYgeJOq7r-9cnPv_M1Al-_MQ9171GfqHwBt2oePOMno83WaVSE8Wkc8KuuTwSTl6-dSo6Bgqbv055BLxpcbf_8HR1KnCiNp8Uuh7_0kCCHUjYSiUmCkFHPm4gHRwA9zOjyiy4nFobqBjgc72HqSDxNVq0NAhCm6zQOoxdwv0CZdJ5S6h-M7eHmwTOpae8oZV_w6GgqExyuDmJ3L_tBFNY6nA6wQAGeixSjBDK-mex0rjdvucXr2MsbytG4Pn4_c9m1yPdyir_rs7abd0YDJt7IMGbnfb7XmJtswDIq_QJd1lgeMLV55jJi6FguI4L8f8YXOYpLOsczLvi4MiJDN58WAin6-e1oKdmAXX0dV7Qv7Xce47yvY2Rh9dsEQdM4VCSSVGpS0rkm5j-LtOprja-IwCI7hxKxKvkNLjhr7YaC0i12yA_bILoaEsVwhvjQu-bk9vqMd32bxYfN3vFKjm_G5FSfPOxTd0gsW5I2lHbmYou3CZup8WmLGcraKCQor2qRfWegiiOg
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 4B0A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstorVMw47fruWJYnefk557N3uxwg_N8EfCYK23Jb6JcRyQORQndZISgPORw1lEjz-nBl2tr8GQAIHdpxjBByhFu3PZViDNaNAxCT-Sfq3KuzDv5wM4EHFdG3yYb1PkiaoRhWBBzRE1L_QSr5oI1aVWS1h89CnwihU4Kv1wILOay_SuKeFiiJ6JCo8HzSv0gKXz_Dnng92uXF4aVrnY1tPonddub1g&sai=AMfl-YSakuHFs-MqJNQqYHld-8BH-HZ1jARHvxaret49fNO7M61BzpGvxDQIups2WTAhsyKE3eWC7DFhHLvCIXSMDPSGTLNVPGd9gx8JEVQui6aoPHg0dXd727xYrvEv&sig=Cg0ArKJSzMVcBd84-hMPEAE&cid=CAASJeRoc3BHNAhaV9wCEdBGdEv8OH9W6SKMaLRSjrik0twwNh-YN_s&id=lidar2&mcvt=1000&p=773,892,1023,1192&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220810&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2347996017&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660292219811&rpt=1058&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 6998 		674 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=92097804&p=160925&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
8f91b1618128ca4e1050537bc93b3a2c1e203f4971a30fa1bb96f379219d72ad

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
674
content-type
text/html; charset=UTF-8
AdServerServlet
vid.pubmatic.com/AdServer/ Frame AAA5 		27 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292218648,,&us_privacy=&cb=1660292221637&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&vwndref=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F&vc=2&js=1&sec=1&kltstamp=2022-8-12%208:17:2&ranreq=0.410238230986828&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292218648,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:02 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://glamour.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
sync
visitor.omnitagjs.com/visitor/ Frame E47D 		49 B
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=2fe1084ffe44c28350116ec0a0a1c2d1&name=PUBMATIC&visitor=70B1E182-C5A6-4B0E-914D-DCB16A48E702
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
49
content-type
image/gif
date
Fri, 12 Aug 2022 08:17:01 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-usa02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
3
/
io.narrative.io/ Frame 6998
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:70B1E182-C5A6-4B0E-914D-DCB16A48E702
  • https://io.narrative.io/?io.narrative.guid.v2=24d12650-1a17-11ed-afed-0af9eb55f11f&companyId=673&id=pubmatic_id:70B1E182-C5A6-4B0E-914D-DCB16A48E702
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=24d12650-1a17-11ed-afed-0af9eb55f11f&companyId=673&id=pubmatic_id:70B1E182-C5A6-4B0E-914D-DCB16A48E702
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
HTTP/1.1
Server
52.2.65.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-65-122.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:02 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=24d12650-1a17-11ed-afed-0af9eb55f11f&companyId=673&id=pubmatic_id:70B1E182-C5A6-4B0E-914D-DCB16A48E702
Date
Fri, 12 Aug 2022 08:17:02 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
qmap
sync.crwdcntrl.net/ Frame 6998 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=70B1E182-C5A6-4B0E-914D-DCB16A48E702&gdpr=0&gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.231.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-231-13.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:02 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.9.99
content-type
image/gif
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 6998
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=70B1E182-C5A6-4B0E-914D-DCB16A48E702
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f89f2ecc-d918-4ba9-b6f0-2c45fbe382da%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b88f2951-bac5-41e7-bff4-9adb35ec6b09&ttd_puid=f89f2ecc-d918-4ba9-b6f0-2c45fbe382da%2C
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b88f2951-bac5-41e7-bff4-9adb35ec6b09&ttd_puid=f89f2ecc-d918-4ba9-b6f0-2c45fbe382da%2C
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:02 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b88f2951-bac5-41e7-bff4-9adb35ec6b09&ttd_puid=f89f2ecc-d918-4ba9-b6f0-2c45fbe382da%2C
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
353
d1ba4609
rtb.gumgum.com/getuid/ Frame 6998 		35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.129.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-129-133.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:02 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
track
aktrack.pubmatic.com/ Frame AAA5 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1660292222&wa=0&vadsId=-1&e=95&vc=2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:02 GMT
content-length
0
content-type
text/html
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fglamour.globo.com%2F&domain=glamour.globo.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=-ggBVnxScEtmWTlRd1h0WXFXM0k0T1ByTDhKekhUYjNuZGxyVFkrTUN1TXZkUE4wVFZkYTJPNGZDNnZFdGZmT3JnUGhZV2JiUUx2MzltNkJoTHVsWjFqRU94M3JpZlNiRkU2cm9Xc015NU5QRlB0N1FsdG1JYU5SNVVSMl...
409 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=-ggBVnxScEtmWTlRd1h0WXFXM0k0T1ByTDhKekhUYjNuZGxyVFkrTUN1TXZkUE4wVFZkYTJPNGZDNnZFdGZmT3JnUGhZV2JiUUx2MzltNkJoTHVsWjFqRU94M3JpZlNiRkU2cm9Xc015NU5QRlB0N1FsdG1JYU5SNVVSMlo0YXVsTWFkR2JvSlVRcG9IOVFxUDJ4VW1NQXpWa20vRGE3T0xoUEtMOHNBQS9DSGtwcWRWeEVwbld2ajJiREVKYlBGNFJSOWI0NUREcmtONXBqS0owSUJzT2RhSUY1WXZkM0IvaU9DZkZsTUVTYURJR0o2MEx6Qlg3MkR5aUtsd2NVK2gxUXoybmJGOSsxcDJMY3NYUVZRZHU3cGNmZz09fA&cppv=2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
861bd0a114d7ea00805f057a90b6ea6fcd76779dc54f821f3aece13ec1ec503d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:02 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3786
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:01 GMT
location
https://mug.criteo.com/sid?cpp=-ggBVnxScEtmWTlRd1h0WXFXM0k0T1ByTDhKekhUYjNuZGxyVFkrTUN1TXZkUE4wVFZkYTJPNGZDNnZFdGZmT3JnUGhZV2JiUUx2MzltNkJoTHVsWjFqRU94M3JpZlNiRkU2cm9Xc015NU5QRlB0N1FsdG1JYU5SNVVSMlo0YXVsTWFkR2JvSlVRcG9IOVFxUDJ4VW1NQXpWa20vRGE3T0xoUEtMOHNBQS9DSGtwcWRWeEVwbld2ajJiREVKYlBGNFJSOWI0NUREcmtONXBqS0owSUJzT2RhSUY1WXZkM0IvaU9DZkZsTUVTYURJR0o2MEx6Qlg3MkR5aUtsd2NVK2gxUXoybmJGOSsxcDJMY3NYUVZRZHU3cGNmZz09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1428
content-length
541
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fglamour.globo.com%2F&domain=glamour.globo.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 12 Aug 2022 08:17:01 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1177
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame C88C 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_glamour.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 08:17:02 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pixel.gif
px.moatads.com/ Frame 4B0A 		43 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&dMoatBDS=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ESSENCEDIGITALNA1&ol=2466337508&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-orqDNwRTPmOps3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-L5aj2Zz1Kg7M0g%3D%3D&sc=1&os=1-CA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fglamour.globo.com%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fglamour.globo.com&lp=https%3A%2F%2Fglamour.globo.com&t=1660292221096&de=978096205301&cu=1660292221096&m=1259&ar=1da355aa18f-clean&iw=57c14d0&cb=0&ym=0&ll=3&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=227&lg=1&lh=64&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1074%3A1074%3A1667%3A1124&aa=1&ad=1106&cn=78&gn=1&gk=1106&gl=78&ik=1106&ic=1106&ez=1&co=1106&cp=1043&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1043&cd=60&ah=1043&am=60&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=28175962%3A6026018%3A342179500%3A175674729&bo=globo.com&bd=glamour.globo.com&gw=essencedigitalna20153870852878&zMoatOrigSlicer1=6026018&zMoatOrigSlicer2=342179500&zMoatG=ct&zMoatAUCID=-&zMoatJS=3%3A-&zMoatDR=-&hv=Essence%20Override%202&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=-1&jm=1&tc=0&fs=199703&na=949848374&cs=0
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.57.238 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:02 GMT
x-check-cacheable
YES
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
last-modified
Fri, 20 May 2016 15:16:00 GMT
accept-ranges
bytes
content-length
43
expires
Fri, 12 Aug 2022 08:17:02 GMT
pixel.gif
px.moatads.com/ Frame 4B0A 		43 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&dMoatBDS=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ESSENCEDIGITALNA1&ol=2466337508&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-orqDNwRTPmOps3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-L5aj2Zz1Kg7M0g%3D%3D&sc=1&os=1-CA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fglamour.globo.com%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fglamour.globo.com&lp=https%3A%2F%2Fglamour.globo.com&t=1660292221096&de=978096205301&cu=1660292221096&m=1260&ar=1da355aa18f-clean&iw=57c14d0&cb=0&ym=0&ll=3&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=227&lg=1&lh=64&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1074%3A1074%3A1667%3A1124&aa=1&ad=1106&cn=1106&gn=1&gk=1106&gl=1106&ik=1106&ic=1106&ez=1&co=1106&cp=1043&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1043&cd=1043&ah=1043&am=1043&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=28175962%3A6026018%3A342179500%3A175674729&bo=globo.com&bd=glamour.globo.com&gw=essencedigitalna20153870852878&zMoatOrigSlicer1=6026018&zMoatOrigSlicer2=342179500&zMoatG=ct&zMoatAUCID=-&zMoatJS=3%3A-&zMoatDR=-&hv=Essence%20Override%202&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=-1&jm=1&tc=0&fs=199703&na=541399655&cs=0
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.57.238 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:02 GMT
x-check-cacheable
YES
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
last-modified
Fri, 20 May 2016 15:16:00 GMT
accept-ranges
bytes
content-length
43
expires
Fri, 12 Aug 2022 08:17:02 GMT
usync.js
eus.rubiconproject.com/ Frame C88C 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
843061eb460de0b038e56183343e2f2308875530fb61d3cdbdd47c1604c0557d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54903
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9453
Expires
Fri, 12 Aug 2022 23:32:05 GMT
pixel.gif
px.moatads.com/ Frame 4B0A 		43 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&dMoatBDS=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ESSENCEDIGITALNA1&ol=2466337508&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-orqDNwRTPmOps3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-L5aj2Zz1Kg7M0g%3D%3D&sc=1&os=1-CA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fglamour.globo.com%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fglamour.globo.com&lp=https%3A%2F%2Fglamour.globo.com&t=1660292221096&de=978096205301&cu=1660292221096&m=1261&ar=1da355aa18f-clean&iw=57c14d0&cb=0&ym=0&ll=3&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=227&lg=1&lh=64&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1074%3A1074%3A1667%3A1124&aa=1&ad=1106&cn=1106&gn=1&gk=1106&gl=1106&ik=1106&ic=1106&ez=1&co=1106&cp=1043&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1043&cd=1043&ah=1043&am=1043&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=28175962%3A6026018%3A342179500%3A175674729&bo=globo.com&bd=glamour.globo.com&gw=essencedigitalna20153870852878&zMoatOrigSlicer1=6026018&zMoatOrigSlicer2=342179500&zMoatG=ct&zMoatAUCID=-&zMoatJS=3%3A-&zMoatDR=-&hv=Essence%20Override%202&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=-1&jm=1&tc=0&fs=199703&na=527446746&cs=0
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.57.238 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:02 GMT
x-check-cacheable
YES
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
last-modified
Fri, 20 May 2016 15:16:00 GMT
accept-ranges
bytes
content-length
43
expires
Fri, 12 Aug 2022 08:17:02 GMT
i
vid-io-iad.springserve.com/vd/ Frame E770 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=a6c4ca8a&ps_id=487310&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.94.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-94-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:02 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, OPTIONS
track
aktrack.pubmatic.com/ Frame E770 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1660292221&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:02 GMT
content-length
0
content-type
text/html
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=-ggBVnxScEtmWTlRd1h0WXFXM0k0T1ByTDhKekhUYjNuZGxyVFkrTUN1TXZkUE4wVFZkYTJPNGZDNnZFdGZmT3JnUGhZV2JiUUx2MzltNkJoTHVsWjFqRU94M3JpZlNiRkU2cm9Xc015NU5QRlB0N1FsdG1JYU5SNVVSMlo0YXVsTWFkR2JvSlVRcG9IOVFxUDJ4VW1NQXpWa20vRGE3T0xoUEtMOHNBQS9DSGtwcWRWeEVwbld2ajJiREVKYlBGNFJSOWI0NUREcmtONXBqS0owSUJzT2RhSUY1WXZkM0IvaU9DZkZsTUVTYURJR0o2MEx6Qlg3MkR5aUtsd2NVK2gxUXoybmJGOSsxcDJMY3NYUVZRZHU3cGNmZz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 12 Aug 2022 08:17:02 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1140
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
vpaid_6d8da985.js
vpaid.springserve.com/production/ Frame B2B4 		506 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_6d8da985.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:b800:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e8003ad291ba3bd8691f5b0754b18daa4f89147dd3f27f204c651cd8d5fbf8f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 16:44:38 GMT
content-encoding
br
last-modified
Thu, 28 Jul 2022 16:39:44 GMT
server
AmazonS3
age
1265545
etag
W/"9026fbc1fc8aafffe9b6d2458d235a3a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
ts-3D28b5-CxO32a6R04R3u7BQob-Oqa6XgrLb_m9vInvOtybrAGgw==
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame B2B4 		981 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292218648,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0096cefe0f099c4449f03421d265d31d74bef06bfc5596bc7bd6ec9f968cf189

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:02 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
606
expires
Fri, 12 Aug 2022 08:17:02 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame B898 		158 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292218648,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
081d455bd5ad34e6a70e34cf5222173a504db11c69cff556b99a87f328b06931

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:02 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 05:53:15 GMT
server
Apache
etag
"277a7-5e42219c4aaee-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38049
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6F52 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292218648,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=34201
content-encoding
gzip
content-length
13946
content-type
text/html
date
Fri, 12 Aug 2022 08:17:02 GMT
expires
Fri, 12 Aug 2022 17:47:03 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame B898 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292218648,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:02 GMT
content-encoding
gzip
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=34201
accept-ranges
bytes
content-type
text/html
content-length
13946
expires
Fri, 12 Aug 2022 17:47:03 GMT
t
t.lkqd.net/ Frame E327 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:02 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:02 GMT
server
nginx
PugMaster
image6.pubmatic.com/AdServer/ Frame 6F52 		47 B
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=40487971&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
47
content-type
text/html; charset=UTF-8
AdServerServlet
vid.pubmatic.com/AdServer/ Frame B898 		27 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292218648,,&us_privacy=&cb=1660292222658&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&vwndref=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F&vc=2&js=1&sec=1&kltstamp=2022-8-12%208:17:3&ranreq=0.046175616607113446&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292218648,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:03 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://glamour.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
csync
sync.spotim.market/ Frame 6788 		0
400 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=448580&extuid=70B1E182-C5A6-4B0E-914D-DCB16A48E702
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
0
Date
Fri, 12 Aug 2022 08:17:02 GMT
Etag
89046e99fc5497cd
Server
Adtelligent
track
aktrack.pubmatic.com/ Frame B898 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1660292223&wa=0&vadsId=-1&e=95&vc=2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:03 GMT
content-length
0
content-type
text/html
i
vid-io-iad.springserve.com/vd/ Frame B2B4 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=433af6e9&ps_id=357265&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.94.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-94-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:03 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, OPTIONS
track
aktrack.pubmatic.com/ Frame B2B4 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1660292222&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:03 GMT
content-length
0
content-type
text/html
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 2425 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1660292223.dop030.dc2.t,1660292223.cds003.dc2.shn,1660292223.cds003.dc2.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
t
t.lkqd.net/ Frame E327 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:03 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:03 GMT
server
nginx
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 2425 		16 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1660292223768
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:04 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1660292223.dop056.dc2.t,1660292224.cds079.dc2.shn,1660292224.cds079.dc2.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=d1da37587edc87dd7d8c185575c8f6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=e98a0_7130900803883391788&gdpr=0&gdpr_consent=null
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZDFkYTM3NTg3ZWRjODdkZDdkOGMxODU1NzVjOGY2&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEHctj1uYrJEbTpiR3XMcMT0&google_cver=1&gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=b88f2951-bac5-41e7-bff4-9adb35ec6b09
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/d1da37587edc87dd7d8c185575c8f6?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-CAfy7e5E2oNeODdtOClIQM25PqIO3FNIolxDj4.0~A
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=4838819436260598658
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AADwMk7F7BkAABENckpF8w&gdpr=0
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=EuNKy5Se1OmpQM5&gdpr=0
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=4985186688463408566
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YvYMeQAF1xc1xgA0
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=3f4262f6-0c7b-4700-a042-2230177506f6&gdpr=0&gdpr_consent=
0
0
/
ads.stickyadstv.com/additional-scripts/ Frame 2425 		301 B
815 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:03 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1660292223845035-259
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 2425 		67 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&schain=1.0%2C1!vidoomy.com%2C61323%2C1%2C14101613518053567781243901311%2C%2C&vav=0b00453297bc4fb3d3175dceaf2bf985&vaviv=af9eaffae233e8d7be556d26d5a6e853&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:03 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1660292223869026-292
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDFkYTM3NTg3ZWRjODdkZDdkOGMxODU1NzVjOGY2&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDFkYTM3NTg3ZWRjODdkZDdkOGMxODU1NzVjOGY2&gdpr=0&gdpr_consent=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:03 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDFkYTM3NTg3ZWRjODdkZDdkOGMxODU1NzVjOGY2&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1660292223880018-59
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=d1da37587edc87dd7d8c185575c8f6&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=d1da37587edc87dd7d8c185575c8f6&ex=freewheel.tv&gdpr=0&gdpr_consent=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:04 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
5E2WS5CS6CFWEEJYH4XT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:03 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=d1da37587edc87dd7d8c185575c8f6&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1660292223827080-290
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:03 GMT
server
nginx
t
t.lkqd.net/ Frame E327 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:04 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
SPug
simage4.pubmatic.com/AdServer/ Frame 6998 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160925&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ad
v.lkqd.net/ Frame D28C 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1142899&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fglamour.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61323%2C1%2C&c5=&c6=61323&rnd=2107358&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
7520c0ee9b2f12f0701eb2cc767c778daaff104b66d5ea6065913b225ef732bf

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:04 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1391
vpaid.js
ad.lkqd.net/vpaid/ Frame F087 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:04 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1660292224.cds197.dc2.hn,1660292224.cds069.dc2.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
usync.html
ad.lkqd.net/cookie-sync/ Frame 827D 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Fri, 12 Aug 2022 08:17:04 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1660292224.cds197.dc2.hn,1660292224.cds207.dc2.c
ad
v.lkqd.net/ Frame F087 		43 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1142899&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fglamour.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61323%2C1%2C&c5=&c6=61323&rnd=2107358&m=&rtv=1&thost=glamour.globo.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
2d3f45e500d9b0dfa11f7006aaacb2ad48dc8702bfda3d5d802589c869440d98

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Aug 2022 08:17:04 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4170
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1142899&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fglamour.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61323%2C1%2C&c5=&c6=61323&rnd=2107358&m=&rtv=1&thost=glamour.globo.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Fri, 12 Aug 2022 08:17:04 GMT
server
nginx
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 6391 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C9245318096804868550308045250,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
f1239ba8e439e42a86c4eb576c0a517481579b9fab0437349f5a9abe196ad580

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:04 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1660292224574092-281
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 6391 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C6804868550308045250830113472%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
d66566ed9412889e8edf127c46a211a31be80aa7f44caf19e68a4ec9163b4fdc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:04 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1660292224896005-52
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 6391 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C6804868550308045250839605993%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
c490a021a1c954cb18a044a3f7e237480c3a929bf941ccefbd47682eee7871ab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:04 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1660292224607062-54
t
t.lkqd.net/ Frame C671 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:04 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:04 GMT
server
nginx
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:04 GMT
server
nginx
t
t.lkqd.net/ Frame C671 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:05 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame F087 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_6d8da985.js
vpaid.springserve.com/production/ Frame 2D57 		506 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_6d8da985.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:b800:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e8003ad291ba3bd8691f5b0754b18daa4f89147dd3f27f204c651cd8d5fbf8f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 16:44:38 GMT
content-encoding
br
last-modified
Thu, 28 Jul 2022 16:39:44 GMT
server
AmazonS3
age
1265547
etag
W/"9026fbc1fc8aafffe9b6d2458d235a3a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
kJZHBAQQIWGdPqOP_ukb76wC47BwT6lKjH-lYCEzUj4tf53olgG72Q==
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 2D57 		981 B
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292224644,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
77700681277e1e1ce4c70eb7c4a5916ed0dca9f29187eb28a6f76a90d333f864

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:05 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
605
expires
Fri, 12 Aug 2022 08:17:05 GMT
t
t.lkqd.net/ Frame C671 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:05 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:05 GMT
server
nginx
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame BF0C 		158 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292224644,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
081d455bd5ad34e6a70e34cf5222173a504db11c69cff556b99a87f328b06931

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:05 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 05:53:15 GMT
server
Apache
etag
"277a7-5e42219c4aaee-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38049
showad.js
ads.pubmatic.com/AdServer/js/ Frame 2CC3 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292224644,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=34198
content-encoding
gzip
content-length
13946
content-type
text/html
date
Fri, 12 Aug 2022 08:17:05 GMT
expires
Fri, 12 Aug 2022 17:47:03 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame BF0C 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292224644,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:05 GMT
content-encoding
gzip
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=34198
accept-ranges
bytes
content-type
text/html
content-length
13946
expires
Fri, 12 Aug 2022 17:47:03 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame BF0C 		27 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292224644,,&us_privacy=&cb=1660292225084&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&vwndref=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F&vc=2&js=1&sec=1&kltstamp=2022-8-12%208:17:5&ranreq=0.4625560139993399&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292224644,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:05 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://glamour.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
track
aktrack.pubmatic.com/ Frame BF0C 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1660292226&wa=0&vadsId=-1&e=95&vc=2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:05 GMT
content-length
0
content-type
text/html
i
vid-io-iad.springserve.com/vd/ Frame 2D57 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=3b71e21a&ps_id=357265&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.94.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-94-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:05 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, OPTIONS
track
aktrack.pubmatic.com/ Frame 2D57 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1660292225&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:05 GMT
content-length
0
content-type
text/html
vpaid_6d8da985.js
vpaid.springserve.com/production/ Frame 4503 		506 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_6d8da985.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:b800:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e8003ad291ba3bd8691f5b0754b18daa4f89147dd3f27f204c651cd8d5fbf8f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 16:44:38 GMT
content-encoding
br
last-modified
Thu, 28 Jul 2022 16:39:44 GMT
server
AmazonS3
age
1265548
etag
W/"9026fbc1fc8aafffe9b6d2458d235a3a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
3ko1reaYTOpgDEIDiRocFTLdXQE8HbJPPikSTkpdZH0fpixTANRLNw==
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 4503 		981 B
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292224644,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
77700681277e1e1ce4c70eb7c4a5916ed0dca9f29187eb28a6f76a90d333f864

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:05 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
605
expires
Fri, 12 Aug 2022 08:17:05 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame D940 		158 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292224644,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
081d455bd5ad34e6a70e34cf5222173a504db11c69cff556b99a87f328b06931

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:05 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 05:53:15 GMT
server
Apache
etag
"277a7-5e42219c4aaee-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38049
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0F70 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292224644,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=34198
content-encoding
gzip
content-length
13946
content-type
text/html
date
Fri, 12 Aug 2022 08:17:05 GMT
expires
Fri, 12 Aug 2022 17:47:03 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame D940 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292224644,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:05 GMT
content-encoding
gzip
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=34198
accept-ranges
bytes
content-type
text/html
content-length
13946
expires
Fri, 12 Aug 2022 17:47:03 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:06 GMT
server
nginx
t
t.lkqd.net/ Frame C671 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:06 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
glamour
horizon-track.globo.com/event/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://horizon-track.globo.com/event/glamour
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/1aa2241f8aedf804f59cfeb4a5846422.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryo4528VPE9eUifJhV

Response headers
pixel.gif
px.moatads.com/ Frame 4B0A 		43 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&dMoatBDS=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ESSENCEDIGITALNA1&ol=2466337508&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-orqDNwRTPmOps3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-L5aj2Zz1Kg7M0g%3D%3D&sc=1&os=1-CA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fglamour.globo.com%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fglamour.globo.com&lp=https%3A%2F%2Fglamour.globo.com&t=1660292221096&de=978096205301&cu=1660292221096&m=5185&ar=1da355aa18f-clean&iw=57c14d0&cb=0&ym=0&ll=3&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=227&lg=1&lh=64&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1074%3A1074%3A1667%3A1124&aa=1&ad=5033&cn=1106&gn=1&gk=5033&gl=1106&ik=5033&ic=5033&ez=1&co=1106&cp=1043&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4970&cd=1043&ah=4970&am=1043&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=28175962%3A6026018%3A342179500%3A175674729&bo=globo.com&bd=glamour.globo.com&gw=essencedigitalna20153870852878&zMoatOrigSlicer1=6026018&zMoatOrigSlicer2=342179500&zMoatG=ct&zMoatAUCID=-&zMoatJS=3%3A-&zMoatDR=-&hv=Essence%20Override%202&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=-1&jm=1&tc=0&fs=199703&na=243906068&cs=0
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.57.238 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:06 GMT
x-check-cacheable
YES
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
last-modified
Fri, 20 May 2016 15:16:00 GMT
accept-ranges
bytes
content-length
43
expires
Fri, 12 Aug 2022 08:17:06 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame D940 		27 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292224644,,&us_privacy=&cb=1660292225943&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&vwndref=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F&vc=2&js=1&sec=1&kltstamp=2022-8-12%208:17:6&ranreq=0.1326304486271488&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292224644,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:06 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://glamour.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
track
aktrack.pubmatic.com/ Frame D940 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1660292227&wa=0&vadsId=-1&e=95&vc=2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:06 GMT
content-length
0
content-type
text/html
i
vid-io-iad.springserve.com/vd/ Frame 4503 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=33650801&ps_id=357265&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.94.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-94-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:06 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, OPTIONS
track
aktrack.pubmatic.com/ Frame 4503 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1660292225&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:06 GMT
content-length
0
content-type
text/html
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 7803 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1660292226.dop084.dc2.shc,1660292226.dop084.dc2.t,1660292226.cds061.dc2.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
t
t.lkqd.net/ Frame C671 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:06 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:06 GMT
server
nginx
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 7803 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1660292226836
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:06 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1660292226.dop050.dc2.shc,1660292226.dop050.dc2.t,1660292226.cds101.dc2.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?dsp_user_mapping=true&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D849%26gdpr%3d0%26gdpr_consent%3dnull&159=CAESEHctj1uYrJEbTpiR3XMcMT0...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=849&gdpr=0&gdpr_consent=null
  • https://7e1d5.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D993%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=993&userId=e98a0_7130900803883391788
  • https://dsp.adfarm1.adition.com/cookie/?ssp=12
  • https://ads.stickyadstv.com/user-registering?dataProviderId=202&userId=7130900816780785807
  • https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=4276077296345607779
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=7745397&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=1f908b89-879f-4467-acd7-d70027d2a07e
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&gdpr=0&gdpr_conset={gdpr_conset}&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D721%26userId%3D%7BuserId%7D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=721&userId=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341
  • https://freewheel.adhaven.com/bid-engine/cs/b714c175b3fe12d9388dfc1431d76197/v1?rd=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1217%26userId%3D%24UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1217&userId=4c_612ffa93-2cdc-4884-875c-60673a5fb803
  • https://um.simpli.fi/freewheel?
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=8315754224554931B82C11B06ADF48C8
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
  • https://ads.stickyadstv.com/user-registering?dataProviderId=561&userId=23234c52-1a17-11ed-9465-f3edc820c7ab
  • https://match.deepintent.com/usersync/132?
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1281&userId=di_8e26fc569f664441815e1
0
0
/
ads.stickyadstv.com/additional-scripts/ Frame 7803 		301 B
815 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:06 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1660292226872015-304
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 7803 		67 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&schain=1.0%2C1!vidoomy.com%2C61323%2C1%2C9245318096804868550308045250%2C%2C&vav=adecaccb3ea80430a89d88bf6da1b9fa&vaviv=2b7a2b3acfb43ab257cdbd817fb10752&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:06 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1660292226843043-177
user-matching
ads.stickyadstv.com/ Frame 7803 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDFkYTM3NTg3ZWRjODdkZDdkOGMxODU1NzVjOGY2&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDFkYTM3NTg3ZWRjODdkZDdkOGMxODU1NzVjOGY2&gdpr=0&gdpr_consent=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:06 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDFkYTM3NTg3ZWRjODdkZDdkOGMxODU1NzVjOGY2&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1660292226889009-141
user-matching
ads.stickyadstv.com/ Frame 7803 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=d1da37587edc87dd7d8c185575c8f6&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=d1da37587edc87dd7d8c185575c8f6&ex=freewheel.tv&gdpr=0&gdpr_consent=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:06 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
99ASDQDE98WQ44S4MWTR
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:06 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=d1da37587edc87dd7d8c185575c8f6&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1660292226873030-265
t
t.lkqd.net/ Frame C671 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:07 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:06 GMT
server
nginx
ad
v.lkqd.net/ Frame D28C 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1142899&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fglamour.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61323%2C1%2C&c5=&c6=61323&rnd=833049&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
0487da881470b32a512d1f66527144d39356b2d8f3d9dd817597e3db596765da

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:07 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1396
vpaid.js
ad.lkqd.net/vpaid/ Frame 3F41 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:07 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1660292227.cds197.dc2.hn,1660292227.cds069.dc2.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
usync.html
ad.lkqd.net/cookie-sync/ Frame 5B62 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Fri, 12 Aug 2022 08:17:07 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1660292227.cds197.dc2.hn,1660292227.cds207.dc2.c
ad
v.lkqd.net/ Frame 3F41 		43 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1142899&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fglamour.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61323%2C1%2C&c5=&c6=61323&rnd=833049&m=&rtv=1&thost=glamour.globo.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e1257430b5f36c1c19867c3cca6917684d7e427aba9a6604f0c3b86ae229c0ba

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Aug 2022 08:17:07 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4174
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1142899&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fglamour.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61323%2C1%2C&c5=&c6=61323&rnd=833049&m=&rtv=1&thost=glamour.globo.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Fri, 12 Aug 2022 08:17:07 GMT
server
nginx
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 6391 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C21436400714063078778404123023,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a5c1fba70888805bfcbfcf6e370fbacf72280422c20b216144e7216a6e4fdf7d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:07 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1660292227643060-248
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 6391 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C40630787784041230231124326305%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
c9962c2127c9d935120e0079722987f85a30af724d84884602725b114bd86489

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:07 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1660292227624068-146
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 6391 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C4063078778404123023199925604%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
689f17ba7dbd0e34286e9d9f7c7ba77947ddb9be0e82514031ecd9c886641acc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:07 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1660292227694005-137
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:07 GMT
server
nginx
t
t.lkqd.net/ Frame 5161 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:07 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame 3F41 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_6d8da985.js
vpaid.springserve.com/production/ Frame 4F13 		506 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_6d8da985.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:b800:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e8003ad291ba3bd8691f5b0754b18daa4f89147dd3f27f204c651cd8d5fbf8f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 16:44:38 GMT
content-encoding
br
last-modified
Thu, 28 Jul 2022 16:39:44 GMT
server
AmazonS3
age
1265550
etag
W/"9026fbc1fc8aafffe9b6d2458d235a3a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
cOo3uq9aByzIu0QlgifCFwhJzxEhNz0k0INSGfHu-cJFwnVm_Gh9TA==
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 4F13 		981 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292227658,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f41971895f92bee414ee52aa1e2d40914a707484cc03c6a325bb1bd4817d09f5

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:07 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
606
expires
Fri, 12 Aug 2022 08:17:07 GMT
t
t.lkqd.net/ Frame 5161 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:07 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:07 GMT
server
nginx
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 0EDB 		158 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292227658,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
081d455bd5ad34e6a70e34cf5222173a504db11c69cff556b99a87f328b06931

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:07 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 05:53:15 GMT
server
Apache
etag
"277a7-5e42219c4aaee-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38049
social
us-trc-events.taboola.com/editoraglobo-glamour/log/3/ 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/editoraglobo-glamour/log/3/social?route=US:US:V&lti=connect-video-trc-11_ctrl&ri=fa3c7eb4d38d66fa5fd2337feeccad21&sd=v2_2baaefe5c0d02c2630e7a946441c0f1f_1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8_1660292216_1660292216_EKD_SRi-64KJqTAgASgBMCY4iegHQOr1B0iny9kDUK7MB1gAYABo8cHPn4bN__V_cAE&ui=1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8&pi=/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&wi=8695623456658807949&pt=text&vi=1660292216254&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-div%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A1%2C%22m%22%3A%22video%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml%22%2C%22rref%22%3A%22https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F%22%2C%22sref%22%3A%22https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F%22%2C%22hdl%22%3A%22Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%22%2C%22sec%22%3A%22Lifestyle%22%2C%22aut%22%3A%5B%22Reda%C3%A7%C3%A3o%20Glamour%22%5D%2C%22img%22%3A%22https%3A%2F%2Fs2.glbimg.com%2F5RKybay3Hp0rg_rXAqhNaKBPUrw%3D%2F1200x%2Fsmart%2Ffilters%3Acover()%3Astrip_icc()%2Fi.s3.glbimg.com%2Fv1%2FAUTH_ba3db981e6d14e54bb84be31c923b00c%2Finternal_photos%2Fbs%2F2021%2FH%2Fv%2FUxuVO2S9OWQxqj8R4ciQ%2F2019-12-02-melhores-memes-de-2019-11.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=08%3A17%3A07.848&id=5668&llvl=2&cv=20220811-9-RELEASE&
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 12 Aug 2022 08:17:07 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5A42 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292227658,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=34196
content-encoding
gzip
content-length
13946
content-type
text/html
date
Fri, 12 Aug 2022 08:17:07 GMT
expires
Fri, 12 Aug 2022 17:47:03 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0EDB 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292227658,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:07 GMT
content-encoding
gzip
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=34196
accept-ranges
bytes
content-type
text/html
content-length
13946
expires
Fri, 12 Aug 2022 17:47:03 GMT
/
ping.seedtag.com/ 		0
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ping.seedtag.com/
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.245ca9ae237c3d8742dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:08 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 0EDB 		27 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292227658,,&us_privacy=&cb=1660292227853&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&vwndref=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F&vc=2&js=1&sec=1&kltstamp=2022-8-12%208:17:8&ranreq=0.17037872579123392&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292227658,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:08 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://glamour.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
track
aktrack.pubmatic.com/ Frame 0EDB 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1660292228&wa=0&vadsId=-1&e=95&vc=2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:08 GMT
content-length
0
content-type
text/html
i
vid-io-iad.springserve.com/vd/ Frame 4F13 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=b6e2cddc&ps_id=357265&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.94.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-94-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:08 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, OPTIONS
track
aktrack.pubmatic.com/ Frame 4F13 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1660292227&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:08 GMT
content-length
0
content-type
text/html
vpaid_6d8da985.js
vpaid.springserve.com/production/ Frame C780 		506 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_6d8da985.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:b800:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e8003ad291ba3bd8691f5b0754b18daa4f89147dd3f27f204c651cd8d5fbf8f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 16:44:38 GMT
content-encoding
br
last-modified
Thu, 28 Jul 2022 16:39:44 GMT
server
AmazonS3
age
1265551
etag
W/"9026fbc1fc8aafffe9b6d2458d235a3a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
AbIqgAr9-yEL-_T7pj7s_Dkt4w2jGOEdLM-aEnKijP7zaHt3erD1FA==
t
t.lkqd.net/ Frame 5161 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:08 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:08 GMT
server
nginx
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame C780 		981 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292227658,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
27e9617ef6ec23c05da49ba7c260c4253ac76b9f2fa33eb5e05ee1f3b934fbdb

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:08 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
606
expires
Fri, 12 Aug 2022 08:17:08 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 1859 		158 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292227658,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
081d455bd5ad34e6a70e34cf5222173a504db11c69cff556b99a87f328b06931

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:08 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 05:53:15 GMT
server
Apache
etag
"277a7-5e42219c4aaee-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38049
showad.js
ads.pubmatic.com/AdServer/js/ Frame 91AA 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292227658,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=34195
content-encoding
gzip
content-length
13946
content-type
text/html
date
Fri, 12 Aug 2022 08:17:08 GMT
expires
Fri, 12 Aug 2022 17:47:03 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1859 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292227658,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:08 GMT
content-encoding
gzip
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=34195
accept-ranges
bytes
content-type
text/html
content-length
13946
expires
Fri, 12 Aug 2022 17:47:03 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 1859 		27 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292227658,,&us_privacy=&cb=1660292228680&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&vwndref=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F&vc=2&js=1&sec=1&kltstamp=2022-8-12%208:17:9&ranreq=0.594589340885932&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292227658,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:09 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://glamour.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
track
aktrack.pubmatic.com/ Frame 1859 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1660292229&wa=0&vadsId=-1&e=95&vc=2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:09 GMT
content-length
0
content-type
text/html
i
vid-io-iad.springserve.com/vd/ Frame C780 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=9bdba0fb&ps_id=357265&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.94.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-94-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:09 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, OPTIONS
track
aktrack.pubmatic.com/ Frame C780 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1660292228&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:09 GMT
content-length
0
content-type
text/html
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame FB24 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1660292226.dop084.dc2.shc,1660292226.dop084.dc2.t,1660292229.cds061.dc2.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
t
t.lkqd.net/ Frame 5161 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:09 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:09 GMT
server
nginx
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame FB24 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1660292229457
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:09 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1660292226.dop050.dc2.shc,1660292226.dop050.dc2.t,1660292229.cds101.dc2.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
sync
x.bidswitch.net/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://umfw.adscience.nl/sync/freewheel&gdpr=0&gdpr_consent=null?
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1265&userId=o89YTUPMOE0M2nj7.sKqCQ--
  • https://sync.1rx.io/usersync2/freewheel?gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2067%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=3640108681
  • https://sync.1rx.io/usersync3/appnexus/2067/4838819436260598658?zcc=0&sspret=1&rndcb=3640108681
  • https://sync.targeting.unrulymedia.com/csync/RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D457%26userId%3DRX-505d6b14-b8d...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=457&userId=RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
  • https://x.bidswitch.net/sync?ssp=stickyads&gdpr=0&gdpr_consent=
  • https://ums.acuityplatform.com/bum?tpid=29&uid=9f6c8083-3ab4-40a9-9e61-00d2d73f3398&bidswitch_ssp_id=stickyads
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=685754946922&expires=30&user_group=1&ssp=StickyAds
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=236&user_id=685754946922&expires=30&user_group=1&ssp=StickyAds
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:10 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://x.bidswitch.net/sync?dsp_id=236&user_id=685754946922&expires=30&user_group=1&ssp=StickyAds
/
ads.stickyadstv.com/additional-scripts/ Frame FB24 		301 B
815 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:09 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1660292229409070-245
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame FB24 		67 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&schain=1.0%2C1!vidoomy.com%2C61323%2C1%2C21436400714063078778404123023%2C%2C&vav=82c7cffd3f36794b635519e8d144d8ba&vaviv=33b0d5ebb76d699195d385c69bce0dda&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:09 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1660292229420056-174
user-matching
ads.stickyadstv.com/ Frame FB24 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDFkYTM3NTg3ZWRjODdkZDdkOGMxODU1NzVjOGY2&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDFkYTM3NTg3ZWRjODdkZDdkOGMxODU1NzVjOGY2&gdpr=0&gdpr_consent=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:09 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDFkYTM3NTg3ZWRjODdkZDdkOGMxODU1NzVjOGY2&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1660292229448091-147
user-matching
ads.stickyadstv.com/ Frame FB24 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=d1da37587edc87dd7d8c185575c8f6&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=d1da37587edc87dd7d8c185575c8f6&ex=freewheel.tv&gdpr=0&gdpr_consent=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:09 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
20XM030MR7WP6RPGTSH9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:09 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=d1da37587edc87dd7d8c185575c8f6&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1660292229496024-273
t
t.lkqd.net/ Frame 5161 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:09 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:09 GMT
server
nginx
ad
v.lkqd.net/ Frame D28C 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1142899&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fglamour.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61323%2C1%2C&c5=&c6=61323&rnd=95939570&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
2ad269b4b5e560ad0991f1045faf75aeb6321598f1510aad8169de55f40ff223

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:10 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1399
vpaid.js
ad.lkqd.net/vpaid/ Frame 7185 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:10 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1660292230.cds197.dc2.hn,1660292230.cds069.dc2.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
usync.html
ad.lkqd.net/cookie-sync/ Frame 8C99 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Fri, 12 Aug 2022 08:17:10 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1660292230.cds197.dc2.hn,1660292230.cds207.dc2.c
ad
v.lkqd.net/ Frame 7185 		43 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1142899&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fglamour.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61323%2C1%2C&c5=&c6=61323&rnd=95939570&m=&rtv=1&thost=glamour.globo.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
1bc6869d74eaf2289120925b200e201013f1b0f1435a4a37a07dcec3bd45700b

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Aug 2022 08:17:10 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4177
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1142899&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fglamour.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61323%2C1%2C&c5=&c6=61323&rnd=95939570&m=&rtv=1&thost=glamour.globo.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Fri, 12 Aug 2022 08:17:10 GMT
server
nginx
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 6391 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C17700268688490109980176535758,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
3d2e054fdcdc33d84f190be6eb219bbc98f9feaa498b5b392f97db9468cb41ed

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:10 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1660292230220056-154
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 6391 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C84901099801765357582041538683%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
e0ad99de62e8537700c3a8ffa5e77798b4dba0353affde702a682db93746a5aa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:10 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1660292230260050-125
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 6391 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C84901099801765357581971013829%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
763709732989d3e1d56e633d4e405dd857943eeda367c2b1eca5aa4c3ce43437

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:10 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1660292230282014-145
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:10 GMT
server
nginx
t
t.lkqd.net/ Frame 1712 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:10 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame 7185 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_6d8da985.js
vpaid.springserve.com/production/ Frame ADC5 		506 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_6d8da985.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:b800:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e8003ad291ba3bd8691f5b0754b18daa4f89147dd3f27f204c651cd8d5fbf8f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 16:44:38 GMT
content-encoding
br
last-modified
Thu, 28 Jul 2022 16:39:44 GMT
server
AmazonS3
age
1265553
etag
W/"9026fbc1fc8aafffe9b6d2458d235a3a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
eP6D323ZsIIWrjSQaE7GzaIS3C5k4TGKyjAtLPD6u1zIt7R4vNsN1A==
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame ADC5 		981 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292230256,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
99671b2b4fcd19fe377090ce039fa7b1c30398d90bf754198e0b77b1a40b0f8d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:10 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
606
expires
Fri, 12 Aug 2022 08:17:10 GMT
t
t.lkqd.net/ Frame 1712 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:10 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:10 GMT
server
nginx
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 717D 		158 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292230256,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
081d455bd5ad34e6a70e34cf5222173a504db11c69cff556b99a87f328b06931

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:10 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 05:53:15 GMT
server
Apache
etag
"277a7-5e42219c4aaee-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38049
showad.js
ads.pubmatic.com/AdServer/js/ Frame C98E 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292230256,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=34193
content-encoding
gzip
content-length
13946
content-type
text/html
date
Fri, 12 Aug 2022 08:17:10 GMT
expires
Fri, 12 Aug 2022 17:47:03 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 717D 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292230256,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:10 GMT
content-encoding
gzip
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=34193
accept-ranges
bytes
content-type
text/html
content-length
13946
expires
Fri, 12 Aug 2022 17:47:03 GMT
996.json
id5-sync.com/g/v2/ Frame CFBD 		451 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/996.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
5595a0ca8a68cc1d6e627ada0ee89585cce775bbafac19b5491c152520325b7a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Aug 2022 08:17:10 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
transfer-encoding
chunked
envelope
api.rlcdn.com/api/identity/ Frame CFBD 		0
0
rid
match.adsrvr.org/track/ Frame CFBD 		108 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
9674211389f95727d858e53f1b9e716d276af5bf96193b59555b2ea4d6e46bc3

Request headers

Referer
https://glamour.globo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Aug 2022 08:17:10 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://glamour.globo.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sun, 11 Sep 2022 08:17:10 GMT
usync.html
eus.rubiconproject.com/ Frame 00FC 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 08:17:11 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
us-u.openx.net/w/1.0/ Frame 2774 		681 B
413 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=de65e540-1353-4e70-af8f-72c6944458e2&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8e2d6b5e53aa4e6941a2f6f31b49e25cafe51325966102532121c2c5c1beaa2a

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
394
content-type
text/html
date
Fri, 12 Aug 2022 08:17:10 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 9FCF 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.57.44 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 08:17:10 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 16FA 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63014
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:11 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 13 Aug 2022 01:47:25 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0F74 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.228 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-228.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 12 Aug 2022 08:17:10 GMT
ETag
"623de86a-cf34"
Expires
Sat, 13 Aug 2022 08:17:12 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 0DD1 		26 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=77&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e9211fb205363f44e82b5000c998ab32a72436a3e56c8105ab352e5cb30aa0f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=75022
content-encoding
gzip
content-length
9347
content-type
text/html; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:10 GMT
expires
Sat, 13 Aug 2022 05:07:32 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
709996.gif
id.rlcdn.com/ Frame 2774 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=de65e540-1353-4e70-af8f-72c6944458e2&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:17:10 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sd
us-u.openx.net/w/1.0/ Frame 2774
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=a086202d-d569-435b-8706-1bbbff0d1632&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:cc7af9c12b90d058d68105cfddcc4a9b
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:cc7af9c12b90d058d68105cfddcc4a9b
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=de65e540-1353-4e70-af8f-72c6944458e2&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 12 Aug 2022 08:17:10 GMT
server
Aorta/20220801.70a5aba4
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:cc7af9c12b90d058d68105cfddcc4a9b
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
67b2becdd888
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dds
rtb.openx.net/sync/ Frame 2774
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=YF6e9C6VxjsX58xNyCYiuQ==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=de65e540-1353-4e70-af8f-72c6944458e2&gdpr=0
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:10 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
ig5bqsdsodo6jqc44kv8ifamivee1os9

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2774
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=3f4262f6-0c7b-4700-a042-2230177506f6
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=536872786&val=3f4262f6-0c7b-4700-a042-2230177506f6
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=de65e540-1353-4e70-af8f-72c6944458e2&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 12 Aug 2022 08:17:10 GMT
Server
MT3 4475 c1dc35a master ord-pixel-x57 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://us-u.openx.net/w/1.0/sd?id=536872786&val=3f4262f6-0c7b-4700-a042-2230177506f6
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 12 Aug 2022 08:17:09 GMT
sd
us-u.openx.net/w/1.0/ Frame 2774
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=1f908b89-879f-4467-acd7-d70027d2a07e
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=1f908b89-879f-4467-acd7-d70027d2a07e
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=de65e540-1353-4e70-af8f-72c6944458e2&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=1f908b89-879f-4467-acd7-d70027d2a07e
Date
Fri, 12 Aug 2022 08:17:10 GMT
X-CI-RTID
a6132362-ad6a-4bdc-86c8-7b5875f983de
Connection
keep-alive
Content-Length
112
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 2774
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=de65e540-1353-4e70-af8f-72c6944458e2&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:10 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
async_usersync
ib.adnxs.com/ Frame 0F74 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:10 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f32bf392-4ec5-417e-a581-79a7484e4838
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 4990 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fglamour.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
246414f657b1be44a4ab833b15024ce0080e338cd6e33dfcea5ecd7b6c48a535

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7397c5eb98bfa216-YYZ
content-encoding
br
content-type
text/html
date
Fri, 12 Aug 2022 08:17:11 GMT
dropped-udsids
73|46|130|3|196|90|4|190
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=45qhFjzuW8fX3%2FiPW24MoR2nYiDOiq2UDuiVQZtErnWBh80Mh0%2BSvTr9X9zJpK4WMIAxXBN%2B%2FP1FU8fh0fIu%2FlhlO1TwItDLe2El8edG5vUPljbC0INU3hi8NSDcviCJfkswu3gEjIPI7A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 717D 		27 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292230256,,&us_privacy=&cb=1660292230520&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&vwndref=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F&vc=2&js=1&sec=1&kltstamp=2022-8-12%208:17:11&ranreq=0.05612388925045786&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292230256,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:11 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://glamour.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
YvYMeptZyA-1HFbuQyqMsAAAAd8AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4990 		43 B
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YvYMeptZyA-1HFbuQyqMsAAAAd8AAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fglamour.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:b371:809f:9514:eb53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:11 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 4990
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4838819436260598658
43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4838819436260598658
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fglamour.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
7397c5ec78a5f97d-YYZ
pragma
no-cache
date
Fri, 12 Aug 2022 08:17:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9TdA2rS73s3GsMWQZJo4KSd3Tomt5Q%2BlHNhbvScVCLyf%2FwBTxKsVDBZiO%2Bntz5u4Xwt%2BWn7HYLXf74j2Tn0GyvJS1zKg%2FoJLU2KbPNkGXMLeVV4mAii3ls0riBLk6ChPEP6v0vFuPSfgg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:11 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
6421ebf3-ccc5-4cf5-85ea-90b8f1030392
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4838819436260598658
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4990
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADwMk7F7BkAABENckpF8w&expiration=1661501831
43 B
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADwMk7F7BkAABENckpF8w&expiration=1661501831
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fglamour.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
7397c5ec488ef97d-YYZ
pragma
no-cache
date
Fri, 12 Aug 2022 08:17:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3bY32yR%2FYPLrh2c%2BQUz2hdf3wUBIE%2F5ozzLFUjOb5nq01fTlQh13H85rEwPdQGHVIFJDLz5e0Ph7jsJuQaKTXPhGzBoAgL8cpQSzFWAc6kEMTVYEZ%2BCtTbcQFSq6wybeVyPpPGnLkynnA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADwMk7F7BkAABENckpF8w&expiration=1661501831
Date
Fri, 12 Aug 2022 08:17:11 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
crum
dsum-sec.casalemedia.com/ Frame 4990
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3f4262f6-0c7b-4700-a042-2230177506f6
43 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3f4262f6-0c7b-4700-a042-2230177506f6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fglamour.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
7397c5ec5895f97d-YYZ
pragma
no-cache
date
Fri, 12 Aug 2022 08:17:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YzoRA9RkT7N7XKHY7MQEBglaU4DEOzAiz3pL4Az9CS2xE%2F1AA7kq2TmpGcG2MvEcvxaRRM1sgfHCbPFKpXxCs1NWMx1PeWtvg%2BsecSurEYjb0df49Qx%2BeZ9Q1QuhznL6nyNCOnTC0G9ww%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Fri, 12 Aug 2022 08:17:11 GMT
Server
MT3 4475 c1dc35a master ord-pixel-x49 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3f4262f6-0c7b-4700-a042-2230177506f6
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 12 Aug 2022 08:17:10 GMT
crum
dsum-sec.casalemedia.com/ Frame 4990
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=04030001_62f60c8713466&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_62f60c8713466
43 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_62f60c8713466
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fglamour.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
7397c5ec689ef97d-YYZ
pragma
no-cache
date
Fri, 12 Aug 2022 08:17:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7J5st7ubu4bY7Rl8PFQNqdKT2p6hjRV%2FztEYDuMyrmP9oSwoipp67h8VmlEg6D6EiJp%2Bag1zNvk%2BmyGE1Ezwq3tmigCABtJph%2FWFZciy82u1l1C%2BTfk3DbfXCamjsCakScwoX10qXimCQg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 12 Aug 2022 08:17:11 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_62f60c8713466
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
crum
dsum-sec.casalemedia.com/ Frame 4990
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8315754224554931B82C11B06ADF48C8
43 B
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8315754224554931B82C11B06ADF48C8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fglamour.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
7397c5ec68a1f97d-YYZ
pragma
no-cache
date
Fri, 12 Aug 2022 08:17:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SccfrTqVlPHYYhFM2swwI%2B4WHrrDPpqUhjMY727vGHbir8%2BbJGFZ9po5DHOePf5nwIVIrW1uS6zKI764cDCvdV8ORXZtYLIgIF2s%2F4Rh5UPZ3Yc2CA1wpanqGUBZFh4OTZN%2Fwhxp71Ur4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 12 Aug 2022 08:17:11 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8315754224554931B82C11B06ADF48C8
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 11 Aug 2022 08:17:11 GMT
rum
dsum-sec.casalemedia.com/ Frame 4990
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4276077296345607779
43 B
916 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4276077296345607779
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fglamour.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
7397c5ec589bf97d-YYZ
pragma
no-cache
date
Fri, 12 Aug 2022 08:17:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cfrkz9r8q9He%2FLL%2Bz1LjAYY5rahL%2FFl77s86HpVPu1ZR971T%2B8HLx0bnQmt15Z2Wr052v%2FvjYHLVlhZg7srpPVAUO4ze1yACSGGtua%2FpXV%2BjorEpw43Ye%2F6lLHnO0DdtK%2FB%2FlwOt8w8ZBg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4276077296345607779
pragma
no-cache
date
Fri, 12 Aug 2022 08:17:10 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum.casalemedia.com/ Frame 4990
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4838819436260598658
43 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4838819436260598658
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fglamour.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
7397c5ecad74543d-YYZ
pragma
no-cache
date
Fri, 12 Aug 2022 08:17:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JaEsj4qZGdcsmnCugdPWzUlFv0F4olaAiIWe4%2BX95HfQkVhBpe6hQvCQRsVBnMvIgDoFk0nmcS%2FokymN2mzG5jgeYeWrE%2B4%2BdWj%2BSJI2S4GnWwCXu2goNRpReW35W%2BlDt%2FA7Hag2"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:11 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
2e51ef07-892e-4ccf-9c4c-0b2c0bca22c9
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4838819436260598658
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 4990 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YvYMeptZyA.1HFbuQyqMsAAA%26479
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fglamour.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c4c -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:11 GMT
cf-cache-status
HIT
age
76
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
content-length
43
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
etag
"761e21-2b-546dc3a097100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7397c5ec9b03ecea-YUL
expires
Fri, 12 Aug 2022 12:17:11 GMT
usync.js
eus.rubiconproject.com/ Frame 00FC 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
843061eb460de0b038e56183343e2f2308875530fb61d3cdbdd47c1604c0557d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54894
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9453
Expires
Fri, 12 Aug 2022 23:32:05 GMT
track
aktrack.pubmatic.com/ Frame 717D 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1660292231&wa=0&vadsId=-1&e=95&vc=2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:11 GMT
content-length
0
content-type
text/html
i
vid-io-iad.springserve.com/vd/ Frame ADC5 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=4161ebc4&ps_id=357265&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.94.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-94-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:11 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, OPTIONS
track
aktrack.pubmatic.com/ Frame ADC5 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1660292230&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:11 GMT
content-length
0
content-type
text/html
vpaid_6d8da985.js
vpaid.springserve.com/production/ Frame 00A6 		506 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_6d8da985.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:b800:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e8003ad291ba3bd8691f5b0754b18daa4f89147dd3f27f204c651cd8d5fbf8f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 16:44:38 GMT
content-encoding
br
last-modified
Thu, 28 Jul 2022 16:39:44 GMT
server
AmazonS3
age
1265554
etag
W/"9026fbc1fc8aafffe9b6d2458d235a3a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
tG1agdJhdjXbUgaSq4ZM1IOf0-4S6nwMusm_BIZlEfpMjcZFiEH2Nw==
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 00A6 		981 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292230256,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
be58b2f058e8e47932d8150005ea3df3aed2ae830268a31a23501dd47bd8058c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:11 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
606
expires
Fri, 12 Aug 2022 08:17:11 GMT
pixel.gif
px.moatads.com/ Frame 4B0A 		43 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&dMoatBDS=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ESSENCEDIGITALNA1&ol=2466337508&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-orqDNwRTPmOps3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-L5aj2Zz1Kg7M0g%3D%3D&sc=1&os=1-CA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fglamour.globo.com%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fglamour.globo.com&lp=https%3A%2F%2Fglamour.globo.com&t=1660292221096&de=978096205301&cu=1660292221096&m=10289&ar=1da355aa18f-clean&iw=57c14d0&cb=0&ym=0&ll=3&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=227&lg=1&lh=64&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1074%3A1074%3A1667%3A1124&aa=1&ad=10137&cn=5033&gn=1&gk=10137&gl=5033&ik=10137&ic=10137&ez=1&co=1106&cp=1043&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10073&cd=4970&ah=10073&am=4970&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=28175962%3A6026018%3A342179500%3A175674729&bo=globo.com&bd=glamour.globo.com&gw=essencedigitalna20153870852878&zMoatOrigSlicer1=6026018&zMoatOrigSlicer2=342179500&zMoatG=ct&zMoatAUCID=-&zMoatJS=3%3A-&zMoatDR=-&hv=Essence%20Override%202&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=-1&jm=1&tc=0&fs=199703&na=2027107761&cs=0
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.57.238 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:11 GMT
x-check-cacheable
YES
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
last-modified
Fri, 20 May 2016 15:16:00 GMT
accept-ranges
bytes
content-length
43
expires
Fri, 12 Aug 2022 08:17:11 GMT
t
t.lkqd.net/ Frame 1712 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:11 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:11 GMT
server
nginx
dc_oe=ChMItcyOwO7A-QIVngxoCB2wqQ06EAAYACDpquJTQhMI9dTIv-7A-QIVLLOzCh1JRQIY;met=1;&timestamp=1660292231481;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 4B0A 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItcyOwO7A-QIVngxoCB2wqQ06EAAYACDpquJTQhMI9dTIv-7A-QIVLLOzCh1JRQIY;met=1;&timestamp=1660292231481;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame 4B0A 		43 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=25&q=2&dMoatBDS=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsadbundle%2F15305731331847383697%2Findex.html&i=ESSENCEDIGITALNA1&ol=2466337508&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-orqDNwRTPmOps3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-L5aj2Zz1Kg7M0g%3D%3D&sc=1&os=1-CA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=7&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fglamour.globo.com%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fglamour.globo.com%2F&lp=https%3A%2F%2Fglamour.globo.com&t=1660292221096&de=978096205301&cu=1660292221096&m=10490&ar=1da355aa18f-clean&iw=57c14d0&cb=0&ym=0&ll=3&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=227&lg=1&lh=64&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1074%3A1074%3A1667%3A1124&aa=1&ad=10338&cn=10137&gn=1&gk=10338&gl=10137&ik=10338&ic=10338&ez=1&co=1106&cp=1043&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10274&cd=10073&ah=10274&am=10073&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=28175962%3A6026018%3A342179500%3A175674729&bo=globo.com&bd=glamour.globo.com&gw=essencedigitalna20153870852878&zMoatOrigSlicer1=6026018&zMoatOrigSlicer2=342179500&zMoatG=ct&zMoatAUCID=-&zMoatJS=3%3A-&zMoatDR=-&hv=Essence%20Override%202&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=-1&jm=1&tc=0&fs=199703&na=1096970013&cs=0
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.57.238 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:11 GMT
x-check-cacheable
YES
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
last-modified
Fri, 20 May 2016 15:16:00 GMT
accept-ranges
bytes
content-length
43
expires
Fri, 12 Aug 2022 08:17:11 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame AD22 		158 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292230256,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
081d455bd5ad34e6a70e34cf5222173a504db11c69cff556b99a87f328b06931

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:11 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 05:53:15 GMT
server
Apache
etag
"277a7-5e42219c4aaee-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38049
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0A8C 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292230256,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=34192
content-encoding
gzip
content-length
13946
content-type
text/html
date
Fri, 12 Aug 2022 08:17:11 GMT
expires
Fri, 12 Aug 2022 17:47:03 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame AD22 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292230256,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:11 GMT
content-encoding
gzip
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=34192
accept-ranges
bytes
content-type
text/html
content-length
13946
expires
Fri, 12 Aug 2022 17:47:03 GMT
async_usersync
ib.adnxs.com/ Frame 0F74 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:11 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
6e0a083b-e139-49b8-9fbd-6c0ab7d83db1
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame AD22 		27 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292230256,,&us_privacy=&cb=1660292231750&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&vwndref=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F&vc=2&js=1&sec=1&kltstamp=2022-8-12%208:17:12&ranreq=0.3303897670367548&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292230256,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:12 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://glamour.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
track
aktrack.pubmatic.com/ Frame AD22 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1660292232&wa=0&vadsId=-1&e=95&vc=2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:12 GMT
content-length
0
content-type
text/html
i
vid-io-iad.springserve.com/vd/ Frame 00A6 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=79ba6322&ps_id=357265&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.94.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-94-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:12 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, OPTIONS
track
aktrack.pubmatic.com/ Frame 00A6 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1660292231&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:12 GMT
content-length
0
content-type
text/html
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame B75A 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1660292226.dop084.dc2.shc,1660292226.dop084.dc2.t,1660292232.cds061.dc2.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
t
t.lkqd.net/ Frame 1712 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:12 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:12 GMT
server
nginx
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame B75A 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1660292232466
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:17:12 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1660292226.dop050.dc2.shc,1660292226.dop050.dc2.t,1660292232.cds101.dc2.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame B75A 		0
0
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://x.bidswitch.net/sync?ssp=stickyads&gdpr=0&gdpr_consent=null
  • https://dt.videohub.tv/ssframework/uid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D122%26user_id%3D%5BUSER_ID%5D%26expires%3D30%26ssp%3Dstickyads%26bsw_param%3D9f6c8083-3ab4-40a9-9e61-00d2d73f3398
  • https://x.bidswitch.net/sync?dsp_id=122&user_id=CI-d93be1b9b1ae0d83c6d6154b02672d72&expires=30&ssp=stickyads&bsw_param=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
  • https://ads.stickyadstv.com/user-registering?dataProviderId=204&userId=9f6c8083-3ab4-40a9-9e61-00d2d73f3398
  • https://sync.extend.tv/freewheel?
  • https://ads.stickyadstv.com/user-registering?dataProviderId=737&userId=b8e98277-baca-4851-97f2-5ef6fc879ef8
  • https://sync.srv.stackadapt.com/sync?nid=169&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1362&userId=s2-c1UJiToJucJinG1V3nJU4mbM
  • https://a.tribalfusion.com/i.match?p=b25&u=d1da37587edc87dd7d8c185575c8f6&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D977%26userId%3D%24TF_...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=977&userId=18072662274873668336
  • https://jelly.mdhv.io/v4/pixie?
  • https://ads.stickyadstv.com/user-registering?dataProviderId=513&userId=735b3534-2f62-4f9e-a32c-a97cfede8ce0
  • https://ssum-sec.casalemedia.com/usermatchredir?s=190775&cb=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1025%26userId%3D_UID_
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=YvYMeptZyA.1HFbuQyqMsAAA%26479
  • https://freewheel-match.dotomi.com/match/bounce/current?networkId=41963&version=1
  • https://freewheel-match.dotomi.com/match/bounce/current?DotomiTest=564028c333ed122b&is_secure=true&networkId=41963&version=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1249&userId=AAAGc64h4HhHXgN0vJc0AAAAAAA&expiration=1660378633&is_secure=true
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&_cvt=t
  • https://ads.stickyadstv.com/user-registering?dataProviderId=609&userId=d6.76e04cdc434e403aa124f7bd7d148a83
0
0
/
ads.stickyadstv.com/additional-scripts/ Frame B75A 		301 B
815 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:12 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1660292232523044-274
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame B75A 		67 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&schain=1.0%2C1!vidoomy.com%2C61323%2C1%2C17700268688490109980176535758%2C%2C&vav=a26e489ae18df025f63e2aee8abb7df8&vaviv=8496108c9a94ac5900d82dc39cf5bcc4&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:12 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1660292232532007-134
user-matching
ads.stickyadstv.com/ Frame B75A 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDFkYTM3NTg3ZWRjODdkZDdkOGMxODU1NzVjOGY2&gdpr=0&gdpr_consent=
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDFkYTM3NTg3ZWRjODdkZDdkOGMxODU1NzVjOGY2&gdpr=0&gdpr_consent=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:12 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDFkYTM3NTg3ZWRjODdkZDdkOGMxODU1NzVjOGY2&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1660292232594031-245
user-matching
ads.stickyadstv.com/ Frame B75A 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=d1da37587edc87dd7d8c185575c8f6&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=d1da37587edc87dd7d8c185575c8f6&ex=freewheel.tv&gdpr=0&gdpr_consent=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:12 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
P3EKJCZS3ZGAHF0BYZFG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:12 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=d1da37587edc87dd7d8c185575c8f6&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1660292232597070-121
t
t.lkqd.net/ Frame 1712 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:12 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:12 GMT
server
nginx
ad
v.lkqd.net/ Frame D28C 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1142899&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fglamour.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61323%2C1%2C&c5=&c6=61323&rnd=16174837&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
d5b5cd446f924a2393ed36da029ad74d766bbf5d473e77fddf70bc4f225c6324

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:13 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1396
vpaid.js
ad.lkqd.net/vpaid/ Frame 3337 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:13 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1660292233.cds197.dc2.hn,1660292233.cds069.dc2.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
usync.html
ad.lkqd.net/cookie-sync/ Frame F291 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Fri, 12 Aug 2022 08:17:13 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1660292233.cds197.dc2.hn,1660292233.cds207.dc2.c
ad
v.lkqd.net/ Frame 3337 		52 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1142899&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fglamour.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61323%2C1%2C&c5=&c6=61323&rnd=16174837&m=&rtv=1&thost=glamour.globo.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
ed59af9eb8cf34d8e8656e76ce20ac90d38f3af87f4b634627d38f663ee61435

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Aug 2022 08:17:13 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4484
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1142899&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fglamour.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61323%2C1%2C&c5=&c6=61323&rnd=16174837&m=&rtv=1&thost=glamour.globo.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.188 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Fri, 12 Aug 2022 08:17:13 GMT
server
nginx
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 6391 		1010 B
871 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C20733199234315547352714927919%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
690750b14e4427947b30276546f409dde166d3e8cde6a988b3e280d28c58341f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:13 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
625
expires
Fri, 12 Aug 2022 08:17:13 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 6391 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C4315547352714927919435333729%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
618a1645d1947760e5fb08f273c678650a8bc1e6179745dc489e20972304a9a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:13 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1660292233611052-152
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 6391 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C43155473527149279192006448424%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
25f4d2b29f5d1eee4273974cc23de662ed5497dd28f4acbef5d33d99bc6d625c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 08:17:13 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1660292233606000-288
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:13 GMT
server
nginx
t
t.lkqd.net/ Frame 6400 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:13 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame 3337 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_6d8da985.js
vpaid.springserve.com/production/ Frame C6C2 		506 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_6d8da985.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:b800:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e8003ad291ba3bd8691f5b0754b18daa4f89147dd3f27f204c651cd8d5fbf8f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 16:44:38 GMT
content-encoding
br
last-modified
Thu, 28 Jul 2022 16:39:44 GMT
server
AmazonS3
age
1265556
etag
W/"9026fbc1fc8aafffe9b6d2458d235a3a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
nNWMG5viX6vKuNnxZw5eT3FUAU_d20rtl9Iw1XD4VzfgnfE5Za6VKw==
t
t.lkqd.net/ Frame 6400 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:13 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:13 GMT
server
nginx
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame C6C2 		981 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292233567,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
afdd4992973ba0f1c1cd9851efa124a1e177edcda2d60e5ac7b5a7fc29bc2c68

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:17:13 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
606
expires
Fri, 12 Aug 2022 08:17:13 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame F07A 		158 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292233567,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
081d455bd5ad34e6a70e34cf5222173a504db11c69cff556b99a87f328b06931

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:13 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 05:53:15 GMT
server
Apache
etag
"277a7-5e42219c4aaee-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38049
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5766 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292233567,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=34190
content-encoding
gzip
content-length
13946
content-type
text/html
date
Fri, 12 Aug 2022 08:17:13 GMT
expires
Fri, 12 Aug 2022 17:47:03 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame F07A 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292233567,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.56.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:13 GMT
content-encoding
gzip
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=34190
accept-ranges
bytes
content-type
text/html
content-length
13946
expires
Fri, 12 Aug 2022 17:47:03 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame F07A 		27 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292233567,,&us_privacy=&cb=1660292233808&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&vwndref=https%3A%2F%2Fwww.protocolo7em7.com.br.hackeandoansiedade.space%2F&vc=2&js=1&sec=1&kltstamp=2022-8-12%208:17:14&ranreq=0.0481909445154205&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292233567,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:14 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://glamour.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
track
aktrack.pubmatic.com/ Frame F07A 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1660292235&wa=0&vadsId=-1&e=95&vc=2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:14 GMT
content-length
0
content-type
text/html
i
vid-io-iad.springserve.com/vd/ Frame C6C2 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=5f4313af&ps_id=357265&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.94.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-94-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:14 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, OPTIONS
track
aktrack.pubmatic.com/ Frame C6C2 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1660292233&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:17:14 GMT
content-length
0
content-type
text/html
vpaid_6d8da985.js
vpaid.springserve.com/production/ Frame BD8D 		506 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_6d8da985.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:b800:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e8003ad291ba3bd8691f5b0754b18daa4f89147dd3f27f204c651cd8d5fbf8f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 16:44:38 GMT
content-encoding
br
last-modified
Thu, 28 Jul 2022 16:39:44 GMT
server
AmazonS3
age
1265557
etag
W/"9026fbc1fc8aafffe9b6d2458d235a3a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
qfpX5K7nUvGTAe5SqHeyuJixTpiZodwH8ffMa3EkbW6lW1-2pmD_MA==
t
t.lkqd.net/ Frame 6400 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Fri, 12 Aug 2022 08:17:14 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.135 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 12 Aug 2022 08:17:14 GMT
server
nginx
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame BD8D 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
r.nexac.com
URL
https://r.nexac.com/e/getdata.xgi?dt=br&pkey=gpwn29rvapq62&ru=https://beacon.krxd.net/data.gif?_kuid%3DPA2gS8g7%26_kdpid%3D2dd640a6-6ebd-4d4f-af30-af8baa441a0d%26dlxid%3D%3Cna_id%3E%26dlxdata%3D%3Cna_da%3E
Domain
r.nexac.com
URL
https://r.nexac.com/e/getdata.xgi?dt=br&pkey=gpwn29rvapq62&ru=https://beacon.krxd.net/data.gif?_kuid%3DPA2gS_tb%26_kdpid%3D2dd640a6-6ebd-4d4f-af30-af8baa441a0d%26dlxid%3D%3Cna_id%3E%26dlxdata%3D%3Cna_da%3E
Domain
sync.resetdigital.co
URL
https://sync.resetdigital.co:10001/csync/pubmatic
Domain
sync.crwdcntrl.net
URL
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/286/19/1/9.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=3f4262f6-0c7b-4700-a042-2230177506f6&gdpr=0&gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1281&userId=di_8e26fc569f664441815e1
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=609&userId=d6.76e04cdc434e403aa124f7bd7d148a83
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
vpaid.pubmatic.com
URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1660292233566,,

Verdicts & Comments Add Verdict or Comment

470 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| cdaaas object| HorizonClient object| utag_data function| globalWebdeps object| glb object| settings string| tenantId string| mobileSearchPrefix object| AMP_CONFIG object| AMP_EXP object| AMP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| oidcSettings object| SETTINGS object| bstn boolean| BASTIAN_UBER_HEADLINE object| BASTIAN_INFO function| setImmediate function| clearImmediate object| WM object| ScrollSpy object| globoPage object| regeneratorRuntime object| localStorageCache object| editoraGloboAuthenticationLib function| Bastian object| horizonResources function| comScore object| ns_p object| $jscomp function| __extends object| Horizon object| glb_realtime_map object| pvm object| loadTimes function| convertRecAb function| $ function| jQuery function| HorizonSendEvent function| HorizonSchedulePageLoadEvent object| commentsEl boolean| utag_condload boolean| inQa boolean| isMultiContent boolean| isElectionPage boolean| isVotePage boolean| alreadyRolledOut boolean| isMultiContentRedeGlobo boolean| shouldAppendJs string| profilingJs number| nvgId boolean| nvgAsync object| nvg object| s object| adunit_produto object| produtos_novos object| ad_units object| pbjs object| scriptPreBid object| tag object| prebidData number| FAILSAFE_TIMEOUT number| FAILSAFE_TIMEOUT_LAZY object| headerBiddingSlotsCalled object| desktop_positions_list object| desktop_positions_list_homes undefined| mobile_positions_list object| mobile_positions_list_full object| mobile_positions_list_homes object| ad_positions_full object| tentativasBLL object| userStorage undefined| adunit_autoesporte undefined| url_limpa string| adunit undefined| adunit_umsoplaneta number| fLen string| text string| dtpub object| headerBiddingSlots object| utag function| getJs function| printarPublicidade function| callAdServer function| callPrebid function| whenAvailableCookie function| cadunUserData function| callAdserverLazy function| callPrebidLazy function| printarOutstream function| printarPublicidadesMateria function| printarPublicidadesScroll function| advertisingGlobalLoader function| advertisingGlobalRefresh boolean| __tealium_twc_switch function| Krux function| bannerLazyLoading string| ga_editoria string| ga_editorias_secundarias string| nomeProdutoPiano string| tipoConteudoPiano string| ambienteUtilizadoPiano boolean| conteudoExclusivo object| _taboola object| GlobalIvcNamespace function| ivc string| divId_ajustado object| _gaq object| jQuery18309954235953339627 string| glbid object| nvg13574 function| nvgGetSegment function| ltgc string| prmstr object| prmarr object| tmparr object| nvg_hosts object| naveggReady object| tv4 object| dmp object| cq object| commonSignals function| commonTracker function| sendCommonHit object| Snowplow object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _comscore function| GloboAB object| globoAB object| COMSCORE function| udm_ function| JsonpService function| Util function| CacheService object| Cadun function| EventService object| GloboIDSDK object| _cdn function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| pbjsChunk object| _pbjsGlobals boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx undefined| _tb_vpmd boolean| _tb_vautop function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| _pmk function| TBWidgetFacebook function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| yi object| _pm_mcg number| taboola_view_id object| webpackJsonp boolean| hasPaywall object| tp object| PaywallAnalytics object| tinyCpnt object| dataLayer object| Piano object| responseVariables object| gptadslots object| googletag function| _hasClass function| addClass object| _hjSettings function| hj string| GoogleAnalyticsObject function| ga string| gtagRename function| gtag object| google_tag_data object| gaplugins object| SWG object| swgEntitlements object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| ggeac object| google_js_reporting_queue function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion function| ___tp string| nam object| placementData boolean| _tb_vd_pg function| BlockAdBlock object| blockAdBlock undefined| google_measure_js_timing string| nvg_i object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| cX function| cxCCE_callQueueExecute object| cxTest object| WP3 function| Zepto function| __onGCastApiAvailable object| WM_PLAYER_VIDEO_TAG_TEST_AUDIO object| WM_PLAYER_VIDEO_TAG_TEST_MUTE object| Clappr object| vttjs function| WebVTT object| gaData object| cmTag object| PianoESPConfig object| regrasTiny string| _GALimite string| _GAContagem boolean| executouPageview object| glbBannerBottomFixed string| nomeExperienciaBotao string| buttonValorImg string| buttonValorUrl object| glbBannersConsumer number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| ima object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| google object| module$exports$ima$dai$api$StreamEvent object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| _cm_wfCounters object| ox_esp function| lotameIsCompatible function| sync16589_c function| sync16589_d undefined| sync16589_e undefined| sync16589_f undefined| sync16589_g function| sync16589_h object| sync16589_j function| sync16589_k function| sync16589_l object| sync16589_ object| sync16589_la function| sync16589_a function| sync16589_b function| sync16589_i function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_aa function| sync16589_q function| sync16589_r function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_ba function| sync16589_ca function| sync16589_v function| sync16589_da function| sync16589_w function| sync16589_x function| sync16589_y function| sync16589_ea function| sync16589_z function| sync16589_A function| sync16589_B function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_fa function| sync16589_J function| sync16589_K function| sync16589_ga function| sync16589_ha function| sync16589_L function| sync16589_M function| sync16589_ia function| sync16589_ja function| sync16589_ka function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_Q function| sync16589_R function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_X function| sync16589_Z function| sync16589_Y function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_4 function| sync16589_5 function| sync16589_ma function| sync16589_3 function| sync16589_7 function| sync16589_6 function| sync16589_na function| sync16589_8 function| sync16589_oa function| sync16589_9 function| sync16589_pa function| sync16589_$ function| sync16589_qa object| lotame_sync_16589 object| _seedtagq function| __esp_getUID2Async object| __uid2 undefined| cXJsonpCBl6q74a5xipgy0pxb object| teadsscript object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_126 object| Criteo object| Criteo_identitytag_126 object| teads object| p object| webpackJsonp1660290733983 function| requestAnimationFrame1 function| cancelAnimationFrame1 function| getVPAIDAd boolean| _seedtagLoaded object| _seedtag object| lkqd object| TTTagManager function| TTTagManagerError object| _ttq_tt_seedtag function| fbq function| _fbq

342 Cookies

Domain/Path Name / Value
glamour.globo.com/lifestyle/noticia/2019/12 Name: _gada_ses.34ef
Value: *
glamour.globo.com/lifestyle/noticia/2019/12 Name: _gada_id.34ef
Value: c95393ee-7298-4e26-aae1-df32ba26de54.1660292215.1.1660292215.1660292215.25c74b41-c90d-4932-b4a3-37b1c09a1c45
glamour.globo.com/lifestyle/noticia/2019/12 Name: privAu
Value: 0
id.globo.com/auth/realms/globo.com/ Name: AUTH_SESSION_ID
Value: a7c2f4e5-99ed-4931-a29f-ff60d051da19.mig-rhsso-prod-chmr
id.globo.com/auth/realms/globo.com/ Name: AUTH_SESSION_ID_LEGACY
Value: a7c2f4e5-99ed-4931-a29f-ff60d051da19.mig-rhsso-prod-chmr
.taboola.com/editoraglobo-glamour/ Name: taboola_session_id
Value: v2_2baaefe5c0d02c2630e7a946441c0f1f_1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8_1660292216_1660292216_EKD_SRi-64KJqTAgASgBMCY4iegHQOr1B0iny9kDUK7MB1gAYABo8cHPn4bN__V_cAE
.globo.com/ Name: glb_uid
Value: "5reUx9VZL23G4IGNbqkaLpAMZl5jmkhFGtek2D65eKg="
.scorecardresearch.com/ Name: UID
Value: 1AF43fc1bac29ba62b064c61660292215
id.globo.com/ Name: GCLB
Value: "fd88f79898224faa"
cdn.taboola.com/ Name: abLdr
Value: 16
.globo.com/ Name: GLBEXP
Value: mu3Z4Wv1hfrf6Wb5GRTh5aUlar2WYbsCEuwIyhH4l9w=
.globo.com/ Name: kppid
Value: 801914769712392704
.globo.com/ Name: hsid
Value: 978c8a02-404d-4307-a927-6eb08f077612
.navdmp.com/ Name: nid
Value: 113571d6e3b5c58d556220d33910|0|252
.globo.com/ Name: nav13574
Value: 113571d6e3122eaec847a61f9510|2_225
glamour.globo.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.globo.com/ Name: pbjs_sharedId
Value: cdf74e9b-d4ff-4fb4-a63f-4134b31c453c
glamour.globo.com/ Name: _tb_sess_r
Value: https%3A//www.protocolo7em7.com.br.hackeandoansiedade.space/
.krxd.net/ Name: _kuid_
Value: PA2gS_tb
.doubleclick.net/ Name: IDE
Value: AHWqTUlrWYYZVvzfR_5RYIQ-ugW3cxChYqYjihwZQ09QfReFg0hyFoyhqMBmFhs3zBc
.criteo.com/ Name: uid
Value: b5ec2475-b3b4-4e7c-ae4d-4ce10fdd3825
.adnxs.com/ Name: uuid2
Value: 4838819436260598658
.sitescout.com/ Name: ssi
Value: 3b411936-d003-4cd9-9e67-af68dedd1a6e#1660292216079
.demdex.net/ Name: demdex
Value: 19339563185906183334270441375210937637
.yahoo.com/ Name: A3
Value: d=AQABBHgM9mICEGYJLygie2dmoqfUJ4yhZ88FEgEBAQFd92L_YgAAAAAA_eMAAA&S=AQAAArQBxVVofkvQgR0AWHH4TsE
.rubiconproject.com/ Name: khaos
Value: L6Q748YP-1X-5LKK
.dpm.demdex.net/ Name: dpm
Value: 19339563185906183334270441375210937637
.globo.com/ Name: _pc_randomCookieForPiano
Value: cookieB
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005%22%7D
.globo.com/ Name: _ga_WE4K4RF1F3
Value: GS1.1.1660292216.1.0.1660292216.0
.taboola.com/ Name: t_gid
Value: 1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8
glamour.globo.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8
.globo.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.globo.com/ Name: _ga
Value: GA1.2.437779693.1660292217
.globo.com/ Name: _gid
Value: GA1.2.1700218470.1660292217
.globo.com/ Name: _gat_ga_glamour
Value: 1
.piano.io/ Name: __cf_bm
Value: tM6WHRwlY9AhVUbldVROfxkY096sePJ2O.lYpePtLog-1660292217-0-AX2cgqy/rfK3RdmlF1po1BIEzsDgqi2Dd91w8Brqn0+eF+aC0oEMRzad2RGOB0AQlAJ9nW2P3xsyCduwMKcMmeI=
.globo.com/ Name: __tbc
Value: %7Bkpex%7DD4Mp3C_O_wDiyU3MJTGMpyVraf5kG4V3EZrsWZXFXrE47ORi9OmpYL4tM2zPp7-Z
.globo.com/ Name: cX_P
Value: l6q749brymrcbry4
.globo.com/ Name: __pat
Value: -10800000
.globo.com/ Name: __pvi
Value: %7B%22id%22%3A%22v-l6q749bv6pkhrn5s%22%2C%22domain%22%3A%22.globo.com%22%2C%22time%22%3A1660292217178%7D
.globo.com/ Name: _pctx
Value: %7Bu%7DN4IgDghg5gpgagSxgdwJIBMQC4QBsBsAjgOwAsAnAEYBOxuAHAC6kqkgA0INA9sgM4xqGbHiJkq1AJ4BbagGMaktpwCuA6n2wA7Fblyr1AZUYRGakRC3ctHEHwSMYwnKWIBWfAEY3xAExfifHpfX09SfHIQAF8gA
.globo.com/ Name: xbc
Value: %7Bkpex%7DE0DGYnq4OZTrLJHRAI-PovZlppFkJX8xjWkU7AOmMtbTvMck2CnWmE0yqXzr0noA5IHSG_4wTrdM49JSamY89AJtoCYgB3yJz2oPZYbpNZU7Wu7Dc4-E8-41iCX3quAUg7F47KbZZkI--FVQ1pfxTVc6Zfz3VrueAfKGKcuHMJIO9zVhXso-h33KTdtdxSRtSKAa0x5cOqgpGNQ2T28-XeAyPyuqFkpMiMWmEoORLn8mIOzPgqUVK0HdQad0plR7Oe9bQYw1hMAbGFxqBNpJDgBmDBuc0z2YbhAXhR3VnQ-ICD-BAf6vRR2edtTlDuW0OtZjo--bNBimCTAa-34tV0DnQhGunWwO2V9mrNg_2GO6as3m0LTUf12bzJT1m4NyRQKHvW57QkaHXcsl_CNoskm4K9N8-RM8oGk_MbO23KPdSc8DhnJ3l9ZuQBCavelkOr1NiDkPfWx8kewebxxDH7Lz-A3OJEpMllJkIsNdZk4
glamour.globo.com/ Name: __adblocker
Value: false
.globo.com/ Name: cX_S
Value: l6q749rfl0cbofuk
.globo.com/ Name: _hjSessionUser_2732676
Value: eyJpZCI6IjY5NDUyOWYyLWUzZTgtNWI5OC1iMTI3LWI0M2NiNGVlNzhlYSIsImNyZWF0ZWQiOjE2NjAyOTIyMTcxNDQsImV4aXN0aW5nIjpmYWxzZX0=
.globo.com/ Name: _hjFirstSeen
Value: 1
glamour.globo.com/ Name: _hjIncludedInSessionSample
Value: 0
.globo.com/ Name: _hjSession_2732676
Value: eyJpZCI6IjcwYWY0YmZiLWFkNmEtNGE2Yi04MjdkLTgwN2RiYjcxMjYwOCIsImNyZWF0ZWQiOjE2NjAyOTIyMTcyNjQsImluU2FtcGxlIjpmYWxzZX0=
.globo.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.globo.com/ Name: utag_main
Value: v_id:01829120b1c900ad7d2d9a0dcbe003073006a06b00b08$_sn:1$_ss:0$_st:1660294017269$ses_id:1660292215242%3Bexp-session$_pn:1%3Bexp-session
.globo.com/ Name: lotame_domain_check
Value: globo.com
.openx.net/ Name: i
Value: 6ca42b91-2e94-40e2-ab45-48127f182bfe|1660292217
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 9aa040ed733d8819d451461787c6d572
.globo.com/ Name: _cc_id
Value: 9aa040ed733d8819d451461787c6d572
.globo.com/ Name: panoramaId_expiry
Value: 1660897017689
.globo.com/ Name: panoramaId
Value: 07ef451a530f5ca6f9ea3c08367316d53938436257fa5a9bb7b14dcebfd95ad8
.cxense.com/ Name: gckp
Value: cx:2y0fykcpt4yk81n0a85izumdaf:ayu7auspft2r
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YvYMeQAF1xc1xgA0
.bidswitch.net/ Name: tuuid
Value: 9f6c8083-3ab4-40a9-9e61-00d2d73f3398
.bidswitch.net/ Name: c
Value: 1660292217
.adsrvr.org/ Name: TDID
Value: b88f2951-bac5-41e7-bff4-9adb35ec6b09
.globo.com/ Name: __gads
Value: ID=a17c416f40ba3ab0:T=1660292217:S=ALNI_MZef1q0nhAz143tY1Ia_bnZVcneMQ
.globo.com/ Name: __gpi
Value: UID=000006f10df361b6:T=1660292217:RT=1660292217:S=ALNI_MZkUYPurO4IAqAs4f6Qck3UyLpE8Q
.teads.tv/ Name: tt_viewer
Value: 662316d2-50b9-4c8f-8e17-02d073b6cacc
.bidswitch.net/ Name: tuuid_lu
Value: 1660292218
.globo.com/ Name: cX_G
Value: cx%3A2y0fykcpt4yk81n0a85izumdaf%3Aayu7auspft2r
.openx.net/ Name: univ_id
Value: 537072971|b88f2951-bac5-41e7-bff4-9adb35ec6b09|1660292218123411
.lkqd.net/ Name: lkqdidts
Value: 1660292218
.lkqd.net/ Name: sr103
Value: 1||1660292218
.lkqd.net/ Name: lkqdid
Value: cK_eA7gHoeQ
ads.stickyadstv.com/ Name: UID
Value: d1da37587edc87dd7d8c185575c8f6
ads.stickyadstv.com/ Name: sessionId
Value: a0233dbfe21d63f0af54c51a4c43d39a
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-b36f9cd5-4262-4e82-6e70-98a71b55779c.dMU8DIiDu9kIN5UJF0IAPps6C6IOWLDvTNf%2BeK65Bxg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3As2-c1UJiToJucJinG1V3nJU4mbM.hgSPB%2BSdqsX%2F6WbpALckG%2BlFAkzt1sd6xMFwePOOCQo
.seedtag.com/ Name: st_uid
Value: 6c06c679-d1d3-4658-a54a-6dd19e66fc43
.seedtag.com/ Name: st_ssp
Value: Y291bnRyeV9uYW1lPUNhbmFkYSZjb3VudHJ5X2lzbzI9Q0EmY291bnRyeV9pc28zPUNBTiZyZWdpb25fbmFtZT1RdWViZWMmcmVnaW9uX2lzbzI9UUMmY2l0eV9uYW1lPU1vbnRyZWFsJmxvbmdpdHVkZT0tNzMuNTg0OCZsYXRpdHVkZT00NS40OTk1JnppcD1IM0c=
s.seedtag.com/ Name: gv
Value: -
.csync.loopme.me/ Name: viewer_token
Value: 779dc6d7-1e55-47c6-b42b-4e6acd827fa5
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6IjlmNmM4MDgzLTNhYjQtNDBhOS05ZTYxLTAwZDJkNzNmMzM5OCIsImV4cGlyZXMiOjE2NjI4ODQyMTh9fX0=
.turn.com/ Name: uid
Value: 4276077296345607779
.globo.com/ Name: _pubcid
Value: 176c1745-4f32-4b97-aa69-f3cff6a6997a
.lkqd.net/ Name: sr93
Value: 1|s2-c1UJiToJucJinG1V3nJU4mbM|1660292218
.lkqd.net/ Name: sr54
Value: 1|779dc6d7-1e55-47c6-b42b-4e6acd827fa5|1660292218
.krushmedia.com/ Name: krm_r
Value: 57
.krushmedia.com/ Name: krm_usr
Value: 5042e837-c4e3-489a-a4a5-589d957654b0
.lkqd.net/ Name: sr102
Value: 1|5adfff11-2848-4efa-8e23-450b71d53f6e|1660292218
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.lkqd.net/ Name: sr6
Value: 1||1660292218
.lkqd.net/ Name: sr25
Value: 1||1660292218
.lkqd.net/ Name: sr45
Value: 1||1660292218
.lkqd.net/ Name: sr55
Value: 1||1660292218
.lkqd.net/ Name: sr86
Value: 1||1660292218
.lkqd.net/ Name: sr97
Value: 1||1660292218
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjS3MDY3Nzc2NLE0NbG0NDOzNBPiM9RNza90dC_OcY5wsnAGAKKiETUlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjS3MDY3Nzc2NLE0NbG0NDOzNBPiM9RNza90dC_OcY5wsnAGAKKiETUlAAAA
.adnxs.com/ Name: icu
Value: ChgIw_N4EAoYASABKAEw-pjYlwY4AUABSAEQ-pjYlwYYAA..
.adhaven.com/ Name: uid
Value: 4c_612ffa93-2cdc-4884-875c-60673a5fb803
.quantserve.com/ Name: mc
Value: 62f60c7a-c1625-df088-a2c69
.bidr.io/ Name: bito
Value: AADwMk7F7BkAABENckpF8w
.bidr.io/ Name: bitoIsSecure
Value: ok
.casalemedia.com/ Name: CMID
Value: YvYMeptZyA.1HFbuQyqMsAAA
.casalemedia.com/ Name: CMPS
Value: 479
.casalemedia.com/ Name: CMPRO
Value: 479
.360yield.com/ Name: tuuid
Value: ea9885a8-0f84-4e27-872a-648e2874a0f2
.360yield.com/ Name: tuuid_lu
Value: 1660292218
.omnitagjs.com/ Name: ayl_visitor
Value: d308ebb0c9a7388ebc3aac5fd6339674
.lkqd.net/ Name: sr94
Value: 1|4276077296345607779|1660292218
.lkqd.net/ Name: sr22
Value: 1|b88f2951-bac5-41e7-bff4-9adb35ec6b09|1660292218
.lkqd.net/ Name: sr59
Value: 1|CAESEH_wnleCn6RqS9LRrUx5SWQ|1660292218
.lkqd.net/ Name: sr90
Value: 1|4c_f59ee970-2706-40c0-8d02-a96a6b530af8|1660292218
.lkqd.net/ Name: sr52
Value: 1|YvYMeQAF1xc1xgA0|1660292218
.lkqd.net/ Name: sr76
Value: 1|gv-Pr4Su3viZrtivhvjE_dL90aGZrNv6gvRBfrwH|1660292218
.lkqd.net/ Name: sr80
Value: 1|AADwMk7F7BkAABENckpF8w|1660292218
.contextweb.com/ Name: V
Value: hMxmzlf716FU
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 9bfea99f179744e0
.sabio.us/ Name: sbid
Value: 7178279213840977713
.spotxchange.com/ Name: audience
Value: 22d04db5-1a17-11ed-9272-185744bf0403
.lkqd.net/ Name: sr53
Value: 1|hMxmzlf716FU|1660292218
.lkqd.net/ Name: sr39
Value: 1|7178279213840977713|1660292218
.33across.com/ Name: 33x_ps
Value: u%3D2294083809199%3As1%3D1660292218875%3Ats%3D1660292218875
.pubmatic.com/ Name: KRTBCOOKIE_1235
Value: 23226-1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8:$UID
.lkqd.net/ Name: sr7
Value: 1|RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005|1660292219
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16100%3b%24o%3d11100
.lkqd.net/ Name: sr85
Value: 1|18072662274873668336|1660292219
.creative-serving.com/ Name: tuuid
Value: 10e60be2-121c-4a78-ad2a-b2bc2b15a74a
.creative-serving.com/ Name: c
Value: 1660292219
.creative-serving.com/ Name: tuuid_lu
Value: 1660292219
.tidaltv.com/ Name: tidal_ttid
Value: f842d39a-2807-4d90-82ff-2b72e6e18d37
.zemanta.com/ Name: zuid
Value: CAj9tp6lCQS85i0jAlFa
.richaudience.com/ Name: pdid
Value: e67ee749-143a-4422-8345-1zz1660292219
glamour.globo.com/ Name: cto_bidid
Value: Ni9AsV9FTTZJVFZyWUxyZFpsSUMlMkYwQUMlMkY4MTNyaHU3dXRCMW43dGU0MjNRNW1leFFpdDZPZnhIbkttWUMwUkJ1UDNBUU9pMyUyQkFFM2U0bEF5WnpLVSUyQmRoZyUyQnY4c3pWUVZFNVgwJTJGYzcyMU9FbjJTOCUzRA
glamour.globo.com/ Name: cto_bundle
Value: osIh419oMmhmMkJYaldCJTJGb28lMkJhNDBmWXdvNHFZSkJvWG1RQVV4WTExQktjalhxTjVOUnp3N2V2UUJUTngwZ0NibFRXVkkzU1VWdkJ1NjJSSnAwQSUyRmJ6MlN4a1hRRSUyRkpzenBlNEJ4Skw3NW50VklGdVpNTzJBUXMlMkZPeTglMkY5OFdsUTNzNXo4aEJmUnVJcVJOUnl3OFYlMkJyN0lwUSUzRCUzRA
.sportradarserving.com/ Name: zuuid
Value: bc77cc45-fdc5-4c9d-aaa4-0c86ddd72db0
.sportradarserving.com/ Name: c
Value: 1660292219
.sportradarserving.com/ Name: zuuid_lu
Value: 1660292219
.tynt.com/ Name: uid
Value: O6sNR2L2DHs+sn6KM4mZag==
.lijit.com/ Name: ljt_reader
Value: FIewiLZHvvFnkDbISHKtAJTx
.smaato.net/ Name: SCM
Value: 6c322cab
.adform.net/ Name: C
Value: 1
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnXwG7YOH4eI0GJ1D-D3I4nQiwIrtyOEFocInC1_9O5GfWmPQpJWr2wuH_8pQC4TM1
.lijit.com/ Name: _ljtrtb_42
Value: 1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1660292219180%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1660292219180%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1660292219180%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1660292219180%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1660292219180%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1660292219180%7D%5D
.smaato.net/ Name: SCMv
Value: 6c322cab
.lkqd.net/ Name: sr23
Value: 1|f842d39a-2807-4d90-82ff-2b72e6e18d37|1660292219
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 70B1E182-C5A6-4B0E-914D-DCB16A48E702
.adform.net/ Name: uid
Value: 4985186688463408566
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1660292219
.lkqd.net/ Name: sr13
Value: 1|779dc6d7-1e55-47c6-b42b-4e6acd827fa5|1660292219
.lkqd.net/ Name: sr109
Value: 1|6c322cab|1660292219
.lkqd.net/ Name: sr12
Value: 1|9f6c8083-3ab4-40a9-9e61-00d2d73f3398|1660292219
.creativecdn.com/ Name: u
Value: zyA5VdCCDerQ1QP3TvEu
.creativecdn.com/ Name: ts
Value: 1660292219
.lkqd.net/ Name: sr43
Value: 1|9f6c8083-3ab4-40a9-9e61-00d2d73f3398|1660292219
.mfadsrvr.com/ Name: tuuid
Value: 63a5f202-c472-42d0-9626-c25841625417
.mfadsrvr.com/ Name: c
Value: 1660292219
.mfadsrvr.com/ Name: tuuid_lu
Value: 1660292219
.richaudience.com/ Name: cmpsync
Value: 1
.aniview.com/ Name: aniC
Value: e0a062c9-8bf8-48ab-bf86-90e0df03fa89
sync.aniview.com/ Name: aniC
Value: e0a062c9-8bf8-48ab-bf86-90e0df03fa89
.3lift.com/ Name: tluid
Value: 4436417915014705237908
.lkqd.net/ Name: sr46
Value: 1|9f6c8083-3ab4-40a9-9e61-00d2d73f3398|1660292219
.smadex.com/ Name: smxtrack
Value: 37bc2ea4-d6de-4028-8041-54e91ec2ac6d
.smadex.com/ Name: smxbds
Value: 1
.quantserve.com/ Name: d
Value: EI0BEgHrJvijCqqJMA
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-s2-c1UJiToJucJinG1V3nJU4mbM
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&c4f024ce-eff2-410f-806a-ba6e4b8c45c7"
.linkedin.com/ Name: lidc
Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2369:u=1:x=1:i=1660292219:t=1660378619:v=2:sig=AQEP8U5v8SvqzTeeldtyvQT5K74avKw4"
.deepintent.com/ Name: CDIUSER
Value: di_8e26fc569f664441815e1
.adgrx.com/ Name: ADGRX_UID
Value: 23234c52-1a17-11ed-9465-f3edc820c7ab
.acuityplatform.com/ Name: auid
Value: 685754946922
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBQSQkDBOEmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUEkJAwThI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.mfadsrvr.com/ Name: ssh
Value: !taboola,1660292219
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-cd84a901-d0df-4be7-b718-962708b5da28&KRTB&23340-cd84a901-d0df-4be7-b718-962708b5da28
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7135786191051565085P
.owneriq.net/ Name: pmc
Value: 1
.ipredictive.com/ Name: cu
Value: 1f908b89-879f-4467-acd7-d70027d2a07e|1660292219470
.mathtag.com/ Name: uuid
Value: 3f4262f6-0c7b-4700-a042-2230177506f6
.smartadserver.com/ Name: pid
Value: 3845884433550291021
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-685754946922
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-23234c52-1a17-11ed-9465-f3edc820c7ab&KRTB&23275-23234c52-1a17-11ed-9465-f3edc820c7ab
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-b88f2951-bac5-41e7-bff4-9adb35ec6b09&KRTB&22918-b88f2951-bac5-41e7-bff4-9adb35ec6b09&KRTB&23031-b88f2951-bac5-41e7-bff4-9adb35ec6b09
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4985186688463408566&KRTB&23263-4985186688463408566
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 562c12ab-42ac-4d31-9b38-debb46a9cd2d
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:b4cf62f6-0c7b-4900-ab8c-6e8655895a65&KRTB&16736-uid:b4cf62f6-0c7b-4900-ab8c-6e8655895a65&KRTB&23019-uid:b4cf62f6-0c7b-4900-ab8c-6e8655895a65&KRTB&23208-uid:b4cf62f6-0c7b-4900-ab8c-6e8655895a65
.media.net/ Name: visitor-id
Value: 3032938191454716000V10
.blismedia.com/ Name: b
Value: 62F60C7B759769CBB05F7D22BLIS
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4276077296345607779&KRTB&23150-4276077296345607779
.media.net/ Name: data-g
Value: CAESEOy8uLIsPSwzt05dBvjJSjw~~6
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA12dQ9P0Q02zHYPD88sjcpyiow3KQ6ySA7iNTQzMzCyNDIytDQ1NnzFiMoHAFV1OzI9AAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA12dQ9P0Q02zHYPD88sjcpyiow3KQ6ySAYA6hBEah4AAAA
.smartadserver.com/ Name: csync
Value: 107:1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8|124:779dc6d7-1e55-47c6-b42b-4e6acd827fa5
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEHD19s7l5WMz-KQ2stn42hA&KRTB&22987-CAESEHD19s7l5WMz-KQ2stn42hA&KRTB&23025-CAESEHD19s7l5WMz-KQ2stn42hA&KRTB&23386-CAESEHD19s7l5WMz-KQ2stn42hA
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4838819436260598658&KRTB&23339-4838819436260598658&KRTB&23388-4838819436260598658
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-l96el5GPz8CMj8mXk9nVxcfcwJmMjcrCl9Wb7ZIr&KRTB&19420-l96el5GPz8CMj8mXk9nVxcfcwJmMjcrCl9Wb7ZIr&KRTB&22979-l96el5GPz8CMj8mXk9nVxcfcwJmMjcrCl9Wb7ZIr&KRTB&23403-l96el5GPz8CMj8mXk9nVxcfcwJmMjcrCl9Wb7ZIr
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q7135786191051565085&KRTB&22521-Q7135786191051565085
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 9e7f3da7-9383-53e0-8f00-1e45edf6123e
.betweendigital.com/ Name: ss
Value: 1
.emxdgt.com/ Name: uid
Value: 53611660292219594232ab
.adotmob.com/ Name: uid
Value: 0801220407eff893dbec616e
.adotmob.com/ Name: uuid
Value: 0801220407eff893dbec616e
.adotmob.com/ Name: partners
Value: AYL%3A1660292219595
.simpli.fi/ Name: suid
Value: 8315754224554931B82C11B06ADF48C8
.pippio.com/ Name: did
Value: 9Dsxzatnk1XUR5Wc
.pippio.com/ Name: didts
Value: 1660292219
.pippio.com/ Name: nnls
Value:
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YvYMeQAF1xc1xgA0&KRTB&22978-YvYMeQAF1xc1xgA0&KRTB&23194-YvYMeQAF1xc1xgA0&KRTB&23209-YvYMeQAF1xc1xgA0
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-1f908b89-879f-4467-acd7-d70027d2a07e&KRTB&23011-1f908b89-879f-4467-acd7-d70027d2a07e&KRTB&23355-1f908b89-879f-4467-acd7-d70027d2a07e
.mxptint.net/ Name: mxpim
Value: R1B341_F47CC22C_FF438A0D.1.000000000000000062F60C7B
.technoratimedia.com/ Name: tads_uid
Value: 14E007207C1042BAB885E0FAC3A8C6AC
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220812041659-0400
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: tads_uidp_73
Value: AADwMk7F7BkAABENckpF8w
.betweendigital.com/ Name: ut
Value: YvYMewAJqKhMUpN00xgNJBi5BqCPg1hHMmJicA==
.e-volution.ai/ Name: v_usr
Value: 9930cb3e-b9bc-4f8d-ba6b-6a95d8294df3
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADwMk7F7BkAABENckpF8w
.openx.net/ Name: pd
Value: v2|1660292217.2|iKvMgakWgy.bwuYvPhEgKg2
.adx.opera.com/ Name: UID
Value: de512e07917145d9bbd473b9fcb40bff
.amazon-adsystem.com/ Name: ad-id
Value: A_7aF-qIaUg7pz75BJzUpIs
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005&KRTB&17107-RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
.adkernel.com/ Name: ADKUID
Value: A8197508655130880941
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:8315754224554931B82C11B06ADF48C8
.id5-sync.com/ Name: id5
Value: 3f1b17c6-dd12-4eb5-9ae7-cb2658732cda#1660292219377#3
.id5-sync.com/ Name: callback
Value: https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fuid%3D%7BID5UID%7D
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1B341_F47CC22C_FF438A0D&KRTB&23092-R1B341_F47CC22C_FF438A0D
.zeotap.com/ Name: zc
Value: 7351786a-e0d8-4f6b-5153-d1ba26190284
.zeotap.com/ Name: zsc
Value: %85%A1%07sI%B4%957%D6%5D%9B%05w%F7%09%0F%CFh%D7_Y%DE%CB%A0r%C2%D7%BFx%DBr%8Fubd%B3%9D%F6%1A%A8%C4d%CB%21%3DA%A9%D3%AFLw0Rp+%D9%E7%1Be%E2%C3%95%F9.%9F%1F%A3%09%AB%21%15%F3%D3%AE%D7%EC%28%E9%8E%29%05z%A9D%2F
.globo.com/ Name: __qca
Value: P0-2048920885-1660292218886
.aniview.com/ Name: 2_C_55
Value: 4838819436260598658
sync.aniview.com/ Name: 2_C_55
Value: 4838819436260598658
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAEenv8SllOlANBxLGhAAAAAAA&KRTB&22713-AAAEenv8SllOlANBxLGhAAAAAAA&KRTB&22715-AAAEenv8SllOlANBxLGhAAAAAAA
.aniview.com/ Name: 2_C_2
Value: 22d04db5-1a17-11ed-9272-185744bf0403
sync.aniview.com/ Name: 2_C_2
Value: 22d04db5-1a17-11ed-9272-185744bf0403
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A8197508655130880941
.server.cpmstar.com/ Name: USER_ID
Value: %9f%e7%27%c5%1a%ff%c4%1f%9fg%23%fc%96Fc
.pippio.com/ Name: pxrc
Value: CPuY2JcGEgQIAhAAEgYI7OsBEAA=
.spotim.market/ Name: vmuid
Value: 89046e99fc5497cd
.tapad.com/ Name: TapAd_TS
Value: 1660292220004
.tapad.com/ Name: TapAd_DID
Value: f89f2ecc-d918-4ba9-b6f0-2c45fbe382da
.emxdgt.com/ Name: apn_id
Value: 4838819436260598658
.smaato.net/ Name: SCMaps
Value: 6c322cab
.seedtag.com/ Name: st_cs
Value: FNtVlWT3XsaOc+AshHI+s59Nhd/r5MuT3HLxu290WAJaxWNlcesNorlTGPJVtdDGdBwK15hP0B7/HAk1bcaK5Y++6rEuinkcEn7OD07OTG3M3X7sIHGEBv+3Kh6dQ0FKzMUGKcqUSTvqbpBVT5Wo76IV1xClIkPbdSPuhSPeOMmtUrXsAs8HgJvVRt57Qd2k7qUTIodeNEIyvGmyOizVXEpztVk+LZFboqDqUnr9WLc3heQU0wjTUgiBBaEzj7Xo/12MHGt/e948ucjivhZgcHqJkoNxoE72m7pVjrBIOEHT++1A4eV+qKU2aEQUeakpbJV9jETPT80ws81FVtEYAOJrrN9s3J7kBxiAy4TX8LijbV61GPReDyc7CuRI+NNrZOMoXobPdlrS9ciWkEAq16fL+PEcULFJFkRJmYnqYoETXjdfT3I1MJY7OLUfFX533cixCn9MWXwFg6KhbgB9i0jxvjqewN7S4sweai5c42b+pCZKdgYSR6B9yQAR9IdN4fGLsIDUKrQbogls+IoZNgJComVM7M29jyzIv79C/Rs=
.seedtag.com/ Name: st_csd
Value: 1660292220119:1660292220119
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-9f6c8083-3ab4-40a9-9e61-00d2d73f3398
.pubmatic.com/ Name: PugT
Value: 1660292220
.richaudience.com/ Name: avcid-zeo-uid
Value: 7351786a-e0d8-4f6b-5153-d1ba26190284
.richaudience.com/ Name: avcid-yho-uid
Value: y-GGO5hFJE2uHPcDF0tm9CIuHvW1eL_xKfQl1VqTc-~A
.richaudience.com/ Name: avcid-sov-uid
Value: FIewiLZHvvFnkDbISHKtAJTx
.richaudience.com/ Name: avcid-opx-uid
Value: 5da55d22-df2d-4863-aaae-0dc136787b49
.richaudience.com/ Name: avcid-sma-uid
Value: 3845884433550291021
.w55c.net/ Name: wfivefivec
Value: EuNKy5Se1OmpQM5
.spotim.market/ Name: a271858
Value: 4838819436260598658
.linksynergy.com/ Name: rmuid
Value: 37ebf2bc-982a-4bc1-96f1-311c392b6bb1
.linksynergy.com/ Name: icts
Value: 2022-08-12T08:17:00Z
.casalemedia.com/ Name: CMRUM3
Value: 2d62f60c7c05a0&6962f60c7c05a0&f162f60c7c05a0&e662f60c7c2760&da62f60c7c2760&2762f60c7c0b40&2962f60c7c05a0&7b62f60c7c05a0
.casalemedia.com/ Name: CMST
Value: YvYMfGL2DHwA
.rlcdn.com/ Name: rlas3
Value: fsqKKW/yh20EC5opwymZLehDA+Ih0n32dNUnyjWhpJg=
.rlcdn.com/ Name: pxrc
Value: CPuY2JcGEgUI6EcQABIGCLjrARABEgYIkLwrEAA=
.gumgum.com/ Name: vst
Value: u_72b13e66-8638-4bdc-975a-2eec0f6e1321
.w55c.net/ Name: matchpubmatic
Value: 5
.postrelease.com/ Name: visitor
Value: 7d3c15cb-e172-46cd-9df3-b15717929f10
.postrelease.com/ Name: status
Value: 1
.sharethrough.com/ Name: stx_user_id
Value: cda4531b-827a-4e26-8826-4ac73e3d9478
.rubiconproject.com/ Name: audit
Value: 1|14t1MDWxkCI0KP0kOghcKvWEUO5K+sXJDHRCollqtEseECEUBMheipOslAfi692ISRcoMpMzz2tBK03vAHceEPr3WPd2E0YenpU6Ba30WRJdnSoRwMVlFZE7jmj16+GK+fGjVWLbzJSjN0JEdN7yIw==
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:EuNKy5Se1OmpQM5
.globo.com/ Name: _fbp
Value: fb.1.1660292220327.1141209380
.aniview.com/ Name: 2_C_5
Value: L6Q748YP-1X-5LKK
sync.aniview.com/ Name: 2_C_5
Value: L6Q748YP-1X-5LKK
.facebook.com/ Name: fr
Value: 0wR8Klf6iYfENYaDp..Bi9gx8...1.0.Bi9gx8.
.dotomi.com/ Name: DotomiTest
Value: 76a6b92fcea8122b
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22142%22%3A%2220220812%22%7D
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjIwtzI0tNA1NDbTNTQA0ubGQNpS19DIHAAQf482HQAAAA=="
beacon.lynx.cognitivlabs.com/ Name: ss
Value: mDydGKjEdQLUtWXIcI2632YdB0G2iRQ8oi15kZ158PHejknZlEtb9vD5STCXKWO9XfEdjpzYQii9OU0DBvj8gYGfZ2KSnFdWZnCHf77JDCw%3D
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY2MDI5MjIxOTM5MiwiMyI6MTY2MDI5MjIyMDUwNiwiMzkiOjE2NjAyOTIyMTg3ODQsIjciOjE2NjAyOTIyMTg3ODQsIjc1IjoxNjYwMjkyMjE4Nzg0LCI2NCI6MTY2MDI5MjIyMDUwNn0
.outbrain.com/ Name: obuid
Value: 8f5039f6-098d-4768-be4a-9e2877057ae6
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Il^o.i7m!]tb.8i_iqf!oN/@E'zz<*Z0Q^NCE(/=Q!Ynp[ucs7d>sCc'/n3.6Av4R$r!TD._*PlZ[C[-kX-7H$C6
.aniview.com/ Name: 2_C_72
Value: 3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341
sync.aniview.com/ Name: 2_C_72
Value: 3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.connextra.com/ Name: CxtId
Value: f3b3a71c-fa17-4f8c-9cb5-dc15bc40de72
.connextra.com/ Name: Bet99
Value: A%7Cpostimpression%7C1%7C202208120917%7C7%7CDDM_APN_SB_ACQ_CA_FR_300x600%7CDDM_SB_ACQ_CA_FR_FootballJun2022_300x600%7C%7C%7CX9oIwlrSQeChB6e0mrm_lg
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1fhf|2N.0.AAAEfVOUzjrYxQMp4D20AAAAAAA|3oy.0.3b411936-d003-4cd9-9e67-af68dedd1a6e-62f60c78-4341|4is.0.CAESELQYgmFs68ofCNAgncefWRQ|7bq.0.1|5Ql.0.1b7a3706-5ce3-4dc6-aae6-52acbdcedb68-tuct9ef91f8
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005%22%7D
.casalemedia.com/ Name: CMTS
Value: 129
.go.sonobi.com/ Name: __uis
Value: 68c2bd3f-a362-4eac-be9c-d1e0fe3062fe
.go.sonobi.com/ Name: HAPLB8S
Value: s8598|YvYMc
.spotxchange.com/ Name: sl
Value: eyJnIjpmYWxzZSwicyI6IjI0OTI4NiIsInNwIjo3LCJpIjp0cnVlLCJscCI6NjY1MywiZ2NzIjoiIiwicGwiOltdLCJzaWQiOiIyMmQwNGRmZC0xYTE3LTExZWQtOTI3Mi0xODU3NDRiZjA0MDMiLCJzb2wiOjcsInNsIjowfQ==
.spotim.market/ Name: a488792
Value: y-RydbI5hE2uFDB9iSgTjz3M_1h9BFwOrDNIvwXc0-~A
.spotim.market/ Name: a309017
Value: ${USER_ID}
.analytics.yahoo.com/ Name: IDSYNC
Value: "1982~26jk:192z~26jk:190u~26jk:191c~26jk:196m~26jk:18za~26jk:18yx~26jk"
.spotim.market/ Name: a482928
Value: 86d69b07-3e8c-4cfc-9a1f-40ef9a64da8e
.tribalfusion.com/ Name: ANON_ID
Value: aonxQ0q0I1e9yNy6Qv6QglvWF5NW8WvTi5WEQjUTJ1o8YaR7YB1v2fcTrMIf2UZbVhkkeRJZcmfGMD2C5or1Q4NmhwvZbbNEYAAnfZcfFiL0o01l2uhCvWnrt4wUg1tRXMIytUKb
.samplicio.us/ Name: _ftv
Value: 1c124b1a-e6ee-4309-8050-217cfd1210ab
.pubmatic.com/ Name: PUBMDCID
Value: 2
.pubmatic.com/ Name: pp
Value: 156498
.pubmatic.com/ Name: PMDTSHR
Value: cat:
.fg8dgt.com/ Name: tuuid
Value: 6cb36c40-8c62-4ffe-8686-dfa7226d5fb1
.fg8dgt.com/ Name: c
Value: 1660292221
.fg8dgt.com/ Name: tuuid_lu
Value: 1660292221
.socdm.com/ Name: SOC
Value: YvYMfcCo5ssAAGs0pLYAAAAA
.spotim.market/ Name: a708476
Value: RX-505d6b14-b8dd-4151-861b-7b8be62c9851-005
.pubmatic.com/ Name: DPSync3
Value: 1661472000%3A245_219_221_228_201_197_236_226%7C1660867200%3A164_248%7C1660348800%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1661472000%3A204_3_71_189_238_233_231_165_22_166_55_178_21_7_220_239_176_96_48_104_222_234_8_13_5_57_243_240_81_54_56_99%7C1661126400%3A63%7C1660867200%3A223_2_15_38%7C1665446400%3A69%7C1660694400%3A216%7C1661558400%3A35%7C1662854400%3A224
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!5384
io.narrative.io/ Name: io.narrative.guid.v2
Value: 24d12650-1a17-11ed-afed-0af9eb55f11f
.globo.com/ Name: cto_bundle
Value: y2A_EV92MnFuYktsQXUlMkZ5QUlmUThPTWZsUFNYUEZ1SlRUM2E0ckdPT2xTWTNMUjhKcXRkejl3T0xEMlppQ0htUVBFVUUzaWNEU044Yk92TzdrZklWelFqOWd3S1ZzcE9EUHdkRWEzbkNpdmsxTHpHQnVzd1hMeWhFZ1d0YlB2JTJGcURSanlUUWhRM3lWNmx1emMlMkJWelMwJTJCc2FEZyUzRCUzRA
.glamour.globo.com/ Name: cto_bundle
Value: y2A_EV92MnFuYktsQXUlMkZ5QUlmUThPTWZsUFNYUEZ1SlRUM2E0ckdPT2xTWTNMUjhKcXRkejl3T0xEMlppQ0htUVBFVUUzaWNEU044Yk92TzdrZklWelFqOWd3S1ZzcE9EUHdkRWEzbkNpdmsxTHpHQnVzd1hMeWhFZ1d0YlB2JTJGcURSanlUUWhRM3lWNmx1emMlMkJWelMwJTJCc2FEZyUzRCUzRA
.globo.com/ Name: cto_bidid
Value: o5zjuF9kOHowMkZiTDE0NGlMakRuQWxsUlBlbkNWN0xvZmtLNiUyRlR4UTFZVHVsTWxSSWFONXhGOUtGN0VFcEZvVkM5dmVEZkRPZ0w3R2NTb21tTjRseHRsYXpKT3VWWEpraHElMkZHeHpDcElyWXN6Y1ElM0Q
.glamour.globo.com/ Name: cto_bidid
Value: o5zjuF9kOHowMkZiTDE0NGlMakRuQWxsUlBlbkNWN0xvZmtLNiUyRlR4UTFZVHVsTWxSSWFONXhGOUtGN0VFcEZvVkM5dmVEZkRPZ0w3R2NTb21tTjRseHRsYXpKT3VWWEpraHElMkZHeHpDcElyWXN6Y1ElM0Q
.mediarithmics.com/ Name: mics_vid
Value: 28682834164
.mediarithmics.com/ Name: mics_uaid
Value: web:1:805965f2-3f5e-4c57-b5a8-0bac3808985f
.mediarithmics.com/ Name: mics_lts
Value: 1660292222526
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1660313822755
.id5-sync.com/ Name: 3pi
Value: 464#1660292219574#460518691|2#1660292220081#398330321#4838819436260598658|434#1660292220981#1252579085|18#1660292222979#-1100387654|3#1660292220462#157011532#3f4262f6-0c7b-4700-a042-2230177506f6|136#1660292221624#722191317|108#1660292221463#-965311983|429#1660292220592#-509313901|286#1660292219704#2032577718
.spotim.market/ Name: a448580
Value: 70B1E182-C5A6-4B0E-914D-DCB16A48E702
ads.stickyadstv.com/ Name: uid-bp-30833
Value: 1
ads.stickyadstv.com/ Name: pxId
Value: 7169
.pubmatic.com/ Name: SPugT
Value: 1660292223
.fwmrm.net/ Name: _uid
Value: "e98a0_7130900803883391788"
ads.stickyadstv.com/ Name: uid-bp-36033
Value: e98a0_7130900803883391788
ads.stickyadstv.com/ Name: MRM_UID
Value: e98a0_7130900803883391788
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEHctj1uYrJEbTpiR3XMcMT0
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCJrrhPihkf46EAUSFwoIcHVibWF0aWMSCwiE9ND5oZH-OhAFEhsKDHNoYXJldGhyb3VnaBILCIKSuISikf46EAUSFAoFdGFwYWQSCwigpbeUopH-OhAFGAEgASgCMgsI7r-P1riR_joQBTgBWglzdGlja3lhZHNgAg..
ads.stickyadstv.com/ Name: uid-bp-892
Value: b88f2951-bac5-41e7-bff4-9adb35ec6b09
ads.stickyadstv.com/ Name: uid-bp-717
Value: y-CAfy7e5E2oNeODdtOClIQM25PqIO3FNIolxDj4.0~A
ads.stickyadstv.com/ Name: uid-bp-951
Value: 4838819436260598658

37 Console Messages

Source Level URL
Text
network error URL: https://fonts.gstatic.com/
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://r.nexac.com/e/getdata.xgi?dt=br&pkey=gpwn29rvapq62&ru=https://beacon.krxd.net/data.gif?_kuid%3DPA2gS8g7%26_kdpid%3D2dd640a6-6ebd-4d4f-af30-af8baa441a0d%26dlxid%3D%3Cna_id%3E%26dlxdata%3D%3Cna_da%3E
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://globo-mab.globo.com/mab/bastian-advwblt-r5:glamour:desktop:multicontent:dinamico/chooseAndIncrement
Message:
Failed to load resource: the server responded with a status of 422 ()
network error URL: https://globo-mab.globo.com/mab/bastian-advwblt-r5:glamour:desktop:multicontent:ep/chooseAndIncrement
Message:
Failed to load resource: the server responded with a status of 422 ()
network error URL: https://r.nexac.com/e/getdata.xgi?dt=br&pkey=gpwn29rvapq62&ru=https://beacon.krxd.net/data.gif?_kuid%3DPA2gS_tb%26_kdpid%3D2dd640a6-6ebd-4d4f-af30-af8baa441a0d%26dlxid%3D%3Cna_id%3E%26dlxdata%3D%3Cna_da%3E
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://horizon-track.globo.com/event/glamour
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://horizon-track.globo.com/event/glamour
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662274873668342
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://id5-sync.com/k/264.gif?puid=b88f2951-bac5-41e7-bff4-9adb35ec6b09&ttl=%%TTL%%
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://z.moatads.com/essencedigitalna20153870852878/moatad.js(Line 135)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97854740&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97854740&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97854740&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97854740&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97854740&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97854740&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97854740&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97854740&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97854740&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97854740&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97854740&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97854740&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97854740&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97854740&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/286/19/1/9.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=3f4262f6-0c7b-4700-a042-2230177506f6&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://horizon-track.globo.com/event/glamour
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=1281&userId=di_8e26fc569f664441815e1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript error URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://glamour.globo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=609&userId=d6.76e04cdc434e403aa124f7bd7d148a83
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

066da66e2e5b10bb8a1c7caabfa9442a.safeframe.googlesyndication.com
15.taboola.com
33across-match.dotomi.com
684d644f34d591461bd1a760bfb63161.safeframe.googlesyndication.com
a.rfihub.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
a.vidoomy.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.lkqd.net
ad.turn.com
ade.googlesyndication.com
ads.betweendigital.com
ads.creative-serving.com
ads.pubmatic.com
ads.rubiconproject.com
ads.stickyadstv.com
ads.vidoomy.com
ads.yahoo.com
adservice.google.com
aktrack.pubmatic.com
amazon-tam-match.dotomi.com
ampcid.google.ca
ampcid.google.com
aorta.clickagy.com
ap.lijit.com
api.rlcdn.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bttrack.com
buy.tinypass.com
c.amazon-adsystem.com
c1.adform.net
c2.piano.io
c2shb.pubgw.yahoo.com
cd.navdmp.com
cdn.adnxs.com
cdn.ampproject.org
cdn.cxense.com
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.krxd.net
cdn.navdmp.com
cdn.stickyadstv.com
cdn.taboola.com
cdn.tinypass.com
ce.lijit.com
ced-ns.sascdn.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cm.smadex.com
cms-xch-chicago.33across.com
cms.analytics.yahoo.com
cms.quantserve.com
cocoon.globo.com
comcluster.cxense.com
config.seedtag.com
connect.facebook.net
consumer.krxd.net
contextual.media.net
creativecdn.com
cs.emxdgt.com
cs.krushmedia.com
cs.lkqd.net
cs.media.net
cs.seedtag.com
csync.loopme.me
csync.smartadserver.com
d.adroll.com
d.turn.com
de.tynt.com
dis.criteo.com
dpm.demdex.net
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
ecfdf2cb7f00d96fed3935d6f115aa0c.safeframe.googlesyndication.com
eus.rubiconproject.com
event.clientgear.com
events-ssc.33across.com
experience.tinypass.com
fastlane.rubiconproject.com
fastly.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
gadasource.storage.googleapis.com
geo.moatads.com
glamour.globo.com
globo-ab.globo.com
globo-mab.globo.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hblg.media.net
hbopenbid.pubmatic.com
hcodemedia-d.openx.net
hde.tynt.com
horizon-schemas.globo.com
horizon-track.globo.com
horizon.globo.com
htlb.casalemedia.com
ib.adnxs.com
id.cxense.com
id.globo.com
id.rlcdn.com
id.sharedid.org
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.imageboss.me
imprnjmp.taboola.com
io.narrative.io
ivccf.ivcbrasil.org.br
jadserve.postrelease.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lg3.media.net
loadm.exelator.com
m.fg8dgt.com
match.360yield.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
mb.moatads.com
media.sabio.us
mug.criteo.com
nxd.adhaven.com
nym1-ib.adnxs.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.glbimg.com
p.rfihub.com
p1cluster.cxense.com
pagead2.googlesyndication.com
ping.seedtag.com
pippio.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
player.aniview.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.media.net
prod.uidapi.com
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
px.owneriq.net
qsearch-a.akamaihd.net
r.nexac.com
r.turn.com
recomendacao.globo.com
res-a.akamaihd.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rtb2-useast.e-volution.ai
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.glbimg.com
s.seedtag.com
s.spotim.market
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
s2.glbimg.com
s3.amazonaws.com
s3.glbimg.com
sb.scorecardresearch.com
script.hotjar.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
server.cpmstar.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssl.connextra.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.criteo.net
static.hotjar.com
static.infoglobo.com.br
stats.g.doubleclick.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aniview.com
sync.crwdcntrl.net
sync.e-volution.ai
sync.extend.tv
sync.ipredictive.com
sync.mathtag.com
sync.navdmp.com
sync.outbrain.com
sync.resetdigital.co
sync.richaudience.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.spotim.market
sync.springserve.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync.tidaltv.com
t.adx.opera.com
t.lkqd.net
t.pubmatic.com
t.seedtag.com
t.teads.tv
tag.navdmp.com
tags.bluekai.com
tags.crwdcntrl.net
tags.rd.linksynergy.com
tags.t.tailtarget.com
tags.tiqcdn.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
tracker.samplicio.us
trc.taboola.com
u.openx.net
um.simpli.fi
umfw.adscience.nl
ums.acuityplatform.com
ups.analytics.yahoo.com
us-match.taboola.com
us-trc-events.taboola.com
us-u.openx.net
us-vid-events.taboola.com
usergate.globo.com
usermatch.krxd.net
usersync.gumgum.com
usr.navdmp.com
v.lkqd.net
vars.hotjar.com
vid-io-iad.springserve.com
vid.pubmatic.com
vidoomy-d.openx.net
vidstat.taboola.com
visitor-usa02.omnitagjs.com
visitor.omnitagjs.com
vpaid.pubmatic.com
vpaid.springserve.com
warp.media.net
widget.perfectmarket.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
www.protocolo7em7.com.br.hackeandoansiedade.space
x.bidswitch.net
z.moatads.com
ads.stickyadstv.com
api.rlcdn.com
r.nexac.com
sync.crwdcntrl.net
sync.resetdigital.co
vpaid.pubmatic.com
104.18.133.145
104.18.18.126
104.18.19.126
104.36.115.109
104.36.115.111
104.81.133.133
107.151.8.242
107.178.246.49
107.178.254.65
107.20.229.204
109.206.161.21
129.159.70.95
13.224.205.195
13.224.214.103
13.224.214.16
13.224.214.51
13.224.214.77
13.224.214.88
13.224.214.92
131.0.25.26
141.226.224.48
141.95.98.64
142.250.64.66
142.250.80.2
142.250.80.70
142.251.40.130
142.251.41.2
145.40.89.32
146.20.128.188
146.20.132.135
146.20.132.198
15.197.193.217
15.235.43.119
151.101.1.44
151.101.130.133
151.101.193.44
151.101.2.133
151.101.66.49
151.139.128.11
162.19.138.117
162.55.233.29
169.197.150.7
173.223.56.228
173.223.56.242
173.223.56.26
173.223.57.118
173.223.57.238
173.223.57.44
173.231.178.85
174.137.133.49
18.211.60.235
18.213.137.21
18.232.9.126
18.235.231.13
184.50.205.90
185.167.164.42
185.184.8.90
186.192.81.117
186.192.90.3
186.192.91.5
186.192.91.9
192.132.33.46
192.35.249.127
195.244.31.10
198.148.27.139
198.24.162.123
199.127.204.147
199.187.193.197
199.187.193.199
199.187.193.204
199.38.167.128
2001:4998:14:800::1000
2001:4de0:ac19::1:b:3a
201.7.177.167
201.7.177.243
202.241.208.54
204.2.255.233
207.198.113.86
209.54.182.161
213.19.162.90
216.200.232.249
23.200.0.188
23.200.0.200
23.208.216.220
23.227.139.243
23.3.125.39
23.41.168.202
23.41.168.23
23.41.169.52
23.66.229.147
23.73.244.44
2600:141b:13:783::2c79
2600:141b:13:7a8::268b
2600:141b:13::17d7:822b
2600:141b:13::17d7:8239
2600:1f18:1c96:4102:b9ab:f4:b89e:5480
2600:1f18:4e9:5a02:b371:809f:9514:eb53
2600:9000:20ed:aa00:6:44e3:f8c0:93a1
2600:9000:20ed:b800:15:6f6c:b180:93a1
2600:9000:20ed:ee00:1b:5138:8a40:93a1
2602:803:c002:200::41
2606:4700:10::6816:1857
2606:4700:10::6816:3456
2606:4700:20::ac43:4876
2606:4700:3030::6815:5476
2606:4700:4400::6812:230b
2606:4700::6810:2a41
2606:4700::6810:5714
2606:4700::6810:cf3
2606:4700::6811:b9b1
2606:4700::6812:c4c
2606:4700::6813:ac6c
2606:ae80:1451:13::2360
2606:ae80:1451:24::730
2607:f8b0:4004:c06::9d
2607:f8b0:4006:806::200e
2607:f8b0:4006:809::2002
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80e::2010
2607:f8b0:4006:816::2001
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81f::200a
2607:f8b0:4006:820::200e
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::2008
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::2003
2607:f8b0:4006:824::2006
2620:100:a001::4
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:21::14
2a02:2638:1::13
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:200::485
3.12.169.211
3.12.251.213
3.134.29.131
3.19.54.139
3.211.146.183
3.218.90.66
3.230.10.142
3.82.84.88
31.220.27.134
34.102.146.192
34.107.148.139
34.107.184.81
34.110.201.227
34.117.239.71
34.120.135.53
34.203.176.63
34.209.30.241
34.229.3.43
34.233.178.173
34.236.83.94
34.96.105.8
34.98.64.218
34.98.67.3
35.172.99.217
35.186.253.211
35.190.60.146
35.198.44.170
35.201.123.184
35.207.24.140
35.211.141.197
35.211.178.172
35.211.233.246
35.211.79.33
35.215.207.122
35.215.230.239
35.244.153.86
35.244.159.8
35.244.182.124
37.157.6.241
44.206.202.218
44.209.207.157
47.252.78.131
51.222.39.187
52.1.244.65
52.2.65.122
52.200.129.133
52.202.195.121
52.216.26.78
52.223.22.214
52.27.120.158
52.29.20.174
52.35.73.181
52.58.70.33
52.70.17.67
52.71.183.251
52.72.110.7
52.86.43.160
52.95.122.74
54.166.248.65
54.198.189.0
54.204.94.170
54.210.123.140
54.221.252.20
54.227.59.83
54.37.36.178
54.39.17.86
54.84.80.88
63.251.28.233
63.251.86.50
63.251.86.51
64.74.236.159
67.202.105.21
67.202.105.31
68.67.160.132
68.67.179.113
68.67.179.155
69.90.254.78
70.42.32.255
74.119.119.139
74.119.119.150
75.126.248.142
76.13.32.147
8.2.110.134
8.28.7.79
8.28.7.81
8.28.7.84
8.28.7.92
8.43.72.97
8.43.72.98
82.145.213.8
96.46.183.20
003fe474efc84a3f88bc64c110744384802f812171556fe82d36ea92ed101d13
005169e1a76ad24ddf9926ea3ceec57d291e91c9b8af19beb9a81d621b2c608a
00885a61f614455a4efbce10ad5ba91ee03f046eee738efbd5e910da2c2cc830
0096cefe0f099c4449f03421d265d31d74bef06bfc5596bc7bd6ec9f968cf189
00a8d121436905044f5829ca36147acc5ea8a2cc8f2a2108cb8e2f7296d2e1ae
02aa6ae7ef651439e9782b49b7b3ae86c88eb6e55b501437d16db2521b3e8de8
02f70f4d57c4052c276b262f5d5b72135ed3238aa4936dd368e3e1534eb6e8fb
03bd05cfb6d0789c54678927cfbd8d3ab3c9b721cee69b3dec80dc9c521149dc
0487da881470b32a512d1f66527144d39356b2d8f3d9dd817597e3db596765da
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d345376987d7bff3531bde3c1672164d2b5280ca9d8207835597d154cf1503
075c3e65454fb849762a9835ed4ff5c11cf3206f04a1562af7f3c5d0e807bfde
0773df1b62b926ff11baafce486c991a745d481e6791b9d07ce6f628b4bdd593
081d455bd5ad34e6a70e34cf5222173a504db11c69cff556b99a87f328b06931
08b86397e087dba0f354e4279d8e957549335a8384cbb11e9381128f23ae40cd
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92
09d2053c4da898ebb8b692bdbea45bc2d24975fa1ba4c4f5d2cd120f27b537ef
0a09d98dc196d31503f01d33905a0be5d70f21000af983ac104e2715d417fc6f
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c22597aa3feb104000e18b6426425e8a6a941663f489739d4e0f2aa7abc1905
0ca2f8f228065ec4d96c340d978b000470a6d91beef8233ea9bb7290f1314d15
0ccb37a898ee140b90abf8b5fbbef998685b154492b880011870f132b4ee1592
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0d3f8f59059882d6474a602604cbd3471a1c188a868751f883fb9f72c7837224
0e1245031e7c42d911fbade5b05d5113fd414b885bca99eb7cb42c04dfd6f9d1
0e2bd4131449fd8506ec0dba7ac918f16c423951c2d1ee526578abf4903bf45f
0ecb9d8096deb636329e7f185ee5b7625f2f060d12d8275944e3c20d1c947264
0f68ea326951d09da6339a6f9913ac90d850786c37144f70635039d3a2aed173
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
112813d060ca6e046a3d7d89db478d5f9793d1f522d4a09ee6171310f4506c6e
11499e232303192686b4bc5d943f89c6310724941446a4539f7595728fb5b68c
11c34dca9439fe4670a8226e2a8e4e364898d2348b1f755f4c1582ec90b60b23
11daf6f1f81c0e60c33e75464791f001280c50524a42dfcb70cedca62bd32f74
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1298edbdd61716cdfd4e5b6ae4d6bbc598282a86c23c5eee134965e052f5d878
130868866de345ebfbe776e814e061b01a5c0ebe470ee569fa7900e447bfc6bf
134127ecdf2b16585f3bba85303cbb0bff025fef6a0bd8bdfcc1ca6e43e0cfac
143690a635c4dfa2f642e553830b45698d9de9b585e88f399ce8e916ab3b50ed
15db152f386fbb66b5610a32b7b5d8662aeab674ce38a2c446cd73d2a250a92f
1724c5cef41157e912641bd88a4db5325b61d630ad1b879c9c71045051aad45a
1810cb889334e2f37e878a2a80852ad1871c455f024726a7daa1fd9ed64c7821
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
192d2eb7078526e7974933da14512e5f5d64902e654d1e4ee5b421abbf169a3b
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07
19e63d8365777324534181a2ca86959066ca42b0181944be1b81e508634536cf
1ab59d6e63478519b5cfd073162dc5190e45b183e662c26d51ca9291c62fb7be
1b513d5f0c04b60a8498d42222a518eb138443aa820655d4ca3b00848df89788
1bc6869d74eaf2289120925b200e201013f1b0f1435a4a37a07dcec3bd45700b
1d7f6ffcdfd27562629eec3440c52f50b2eb54b76e899a871c41a266c17664fa
1faa2fd126cd52e36b732f0bf88999870ad193b24fa26b777109803ab56df916
227fff75c4236d888dd7f5b7bdb52a1f7128ce90ca02e6e2b4c33a501ea4c89d
231e3afb8ac1d691297cb2ceb6829e229f45f52b0b6f50c2590d62e700736926
246414f657b1be44a4ab833b15024ce0080e338cd6e33dfcea5ecd7b6c48a535
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719
25f4d2b29f5d1eee4273974cc23de662ed5497dd28f4acbef5d33d99bc6d625c
26cefadb056e058995a271c90dd16952de72e19c6d0c15c18e49dbef7835c284
27e9617ef6ec23c05da49ba7c260c4253ac76b9f2fa33eb5e05ee1f3b934fbdb
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
29a9a4202b2b15490bab16fe4aa01f14635258790531ebbebf82e4feceab7119
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ad269b4b5e560ad0991f1045faf75aeb6321598f1510aad8169de55f40ff223
2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1
2b1ffb01c3170942977bbbc41bfd3a8a100889c9bb970ff877c1f59a72a33796
2bc0d230e02afee1971f61273cc72443a06d1c0fadb96d63cece02834aa4c7cd
2be7234b34cf2aae9acbea78c6d10c4a249bc4ea968d2db8d95df3352555cb55
2c27422a0b3735d52a4c541699b72416882ff32d3c7412b93be275d6803b5bf3
2d3f45e500d9b0dfa11f7006aaacb2ad48dc8702bfda3d5d802589c869440d98
2dd7e9ca358d9a52e8adcfcab0180e50beb4449a987ee747c69e605fa35fbee3
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f805f242affa5de478343055a8e0a2e449b4f7f7e62049626482ee35fd0d029
2faeb72dc6c6dd034ad0fe3a1326105213eb42cc9fdde9560f645ee2dd1c4c2c
304efaacc8eb40941516a8289bc15f40c13f044d4b38e068dd82da51861a4018
3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca
322a189a59e4c2bb88503d921a1c3335f2d02c678083ec71e78891b9a9d316f2
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32c59cb27a0cd35cf15d60b56fa55495811af9b5fc8fc99c7d2e086a9e3a59b7
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
34f69bd9deff978fa14f2c9c0253148677309e0a630f8e938967886b734dbbea
350a236162231dd999bdaec121ffa79193036e95d894ca6dd067096488d128a5
359b5c6f41c52a33bf71287201a741e96a390146421c99572e46797d34d1b4bf
35d4a5753da02f08511fb82ea56968018ef00dbe1cef4cda8c5243e4761d107d
367f8e70205821e65c52b00901f038ecc0c4bbf31e260dd3de584a0c123865a1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c
36c9e60ac74544c751a47fdcf9f3e39300f7a2e8778fba52354fb4f654fedd87
377b3c43b8176e2a1681c6bc4882ddee51e33b441574459744a084f09766ea1c
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3945a98e43cd2167bfa9e8385ffa54335b9a393fa66af78f9b9deba11bd87470
3950b61f47b64cf9e4f32374b82c362ddc94f9ba19feb685d15d391f6324c5bc
3967cf031a451f1d50726a9c7d4bfee59e1b4ff70d98807f8fc47838400a5f6f
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b534eeaf216d2e54730d1c9bb15344f4b78712e6c781d31555585c51651e989
3b9274dc2444f01c94a9f849c733032d4a599f4979c845acc7ea4d7997e6a05b
3ba16955457ec9512e5ff60153175768ea61059c289a3df6de2d67c88af3b67a
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3d2e054fdcdc33d84f190be6eb219bbc98f9feaa498b5b392f97db9468cb41ed
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed3436e73feb990992cf56bf6ab6ae1702bfe72ee84e02e79ada80d0dbb6f45
3f42fd3009b499cc3616f3acb8252cc933c4b04ec2faba8d15eb7b88a8af1fb6
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
404a0b1b9d89d7ef5a9cde456674d6dca12d83f134b2df0a95bb1a2b4111dbae
40c6e73505b42c7e66cca644b0bdeda5b54eba8b125787fd1757d168622dee78
40e4951dffea740356de1c800b47ff35a1fac0756b592a4ff5ea9a316b0119b9
42b991685bd8c58ba662e8ad8fb84c173ffa90fc508f471def5dd1191a4be86d
43977bc41ef9da8273e34586920994a653514ac1801284fbc0e8ded13a5a7247
43c11e1ee5cc09983c97efa3f93ac1a4797712e226c309b9bd14b4dd141ee16c
45e78216d62e7ef2a2c7d0bda526ddfb789444fb8a986b024d059373acb27c16
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
46e4dfa96644020484b012dc7d59fb17991401df9dc28cabe53f5c3b624b310a
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a6b3d1991c4420dbb00831149756c1f8915ea0b1a62f4a54b42a8bd14416f32
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf
4ae8416ed7b3605518ee54f5042658bba6ca059a9acefade4614210894e788c3
4b32f78521845faa59c27c659b65acfba39e9bd0e6b8fba56d4f2d4fbafa87c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5a8df78e43e83e6ca4b7af38833a508483d29e3c5332b7dc19a0ac9b27c692
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
509ef6cbf39ac9f7498c733a3b4699bfa113ff0ec1950f2d72245a52fc8039b6
50ed7801335123eda3191eb9b9813c3e1e972155447bf2e9d2442b35633400e8
518eb4f81c722adbda4fa0a1d788728a617d011ea0cfab5df71ecb3bd20cadab
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24
5256d55a499ecb71f04dd716cfdf75bf9fe5f863620ec6634e3b43b4e6b11fd8
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5595a0ca8a68cc1d6e627ada0ee89585cce775bbafac19b5491c152520325b7a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
59119d769463d6328c2791982090c033babaffd946a3616d3291db1bf6053fd0
591c368f6ef1dbdfe2338750d8fa7c089b68ec93d8f6d728fa921ed602895f8d
5b0a467350d01c56047c47a5b922f3220504001f9a64c765247cbc2cc01dd63e
5ec7977ec6450e7908c35d0962e200834597e8721448444d370e488c84535f1f
5f5215e4227ed76a2060cb35ce90e6da2d5ae98c4502d09a79408f2e4d2dd2f3
5f6d2afa3dd286add8b53779b539dee552eca159e41a4c255829bad31c73a538
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
603db0f6c2713ca7a57c9091bf85634c48fb5cabcb99cb718a8cbfefb0631f7c
60b0f8f7a630b8cf83d4c29ddd3e6e614b119208fe97a96cae6dc6311541671b
61577749b4423c492bfe2f3bfff475e3397fb3738794c289f783be6b03457194
618a1645d1947760e5fb08f273c678650a8bc1e6179745dc489e20972304a9a6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6272093589ae62c375bd91a0e1beb5e9d16162124c95b3598b34991da7fd8f93
62b011dddfa5f0584304df4f970b26af98f0adc6c4d8096cb0d87dd2abf9c787
63a28c51e7c1337423ee8c3fb46729a843e5c22f732430c9ef4df2d2fed9bbaf
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
66396b100745df96cbec5bb2ad4faf6965bc54ee6a8c044e7a19359967f20147
689f17ba7dbd0e34286e9d9f7c7ba77947ddb9be0e82514031ecd9c886641acc
68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463
690750b14e4427947b30276546f409dde166d3e8cde6a988b3e280d28c58341f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
701321f31b18b277e6337df335144b13a8fa614515f1e7051c462ddddbe9fca1
703365d6b927fac7d6cd9b549802f77c5ab8dceeac4c835967b8dc30b359c26e
714be95d4c0006752676a90bcdbe9c9c3c8bbce83ad3ac3f1916ed0356457a14
724eafc293cd5fd2c41267fa31a29de4bf0dd79a0dc7262294ea64da51f03d77
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7
738f0c67d41e7321806f262f0f43a68012d04ccf027fcaa71f03fdd3170b71b7
742d62cba6fc55f840fe34fccbd7e4b4dce2f281af618251c4e24490f12e4722
7520c0ee9b2f12f0701eb2cc767c778daaff104b66d5ea6065913b225ef732bf
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
763709732989d3e1d56e633d4e405dd857943eeda367c2b1eca5aa4c3ce43437
763a506cb23c2a4f1bc4ddcdf66ac3a3888105d061a79df024075f1936ca60ed
77700681277e1e1ce4c70eb7c4a5916ed0dca9f29187eb28a6f76a90d333f864
780bab12ced7ead32f27db489d2a8f839fcc7a4ac9934414107513deca85bf85
7898425d5cdbc2eeab116722a0b0aa19e66ba822e915db0fe213d488405d07aa
790c066217c30629d2d24da24c3a45aa5be8937e68c9b30cabec33fcb6af022c
793d855246028f05294fde727ec345e3b9165456e9f89bdedbd72d98cb51ed26
79f86d2926ea7f14875633d1fcc86b1d675d9e5ce76755b545adc3af3f96b292
7a1ac55ec922b57ea9245f79aaf8986d8cda9bf9c253ff188390d2dbe515572c
7b9c12a670d4d321568e422ad01ce64729a3b0c18e3b09b5dfe60eb50ce5b8c0
7bb80cfb55f7e9508d7d16592b33bda61f81f80502894aebc7fe77dc29c8aaf3
7c6bd4c3afadedeb84cf0b47867e871b8e2383f395b4e4c1cfaee16dfce2615b
7c711a263341325d43eca4d7987e71223ed71aeb5173b4486c3280d0867248b2
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7d2f0a1449cd6c28ffb0cba89d697e277ae2d14a789da8315e68c1a10cbb5b1b
7d93bef447cd2152f3b429d1683054d10c9c8eff4b3e640e7fe7a4b9ffee5729
7e4112260244d385a6d8b7e60bd6da0ca6b638ded968352a851c2c44710adf92
7eb96207ee82f0d38342f220cf86b162ecf395dd98cb5c15b6b695f2746d240d
7f1e7751de7211682870afa390d8383cddbf7845eb9d83b700752bc26602a782
7ffe810448cdfee593013dd04b6f975f19ec18e0e748aea8003c99f592d48600
804efc569b2ed1f64500e28e2eac05a57d219bd8077231b7d2bf1d710a26bbef
81233e07a2439234d58985b7813fafb70a38615a74ff3a30a0b257430d53a72c
81735970edbd0997f9d89b77986eb05f0752c72ec40c83c45eabcf5e771672d3
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843061eb460de0b038e56183343e2f2308875530fb61d3cdbdd47c1604c0557d
859bd8430351e5be5d1f9542b47bde1d3dc6b972e1c2cd65cb6adc0a54087ce4
861bd0a114d7ea00805f057a90b6ea6fcd76779dc54f821f3aece13ec1ec503d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a92e76d18931a457d983f0d0b224a302ee771e38caa1c083cb0f6a8230ed7a5
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b269797084497628d89155d362722044c4a0e1e9477fda2247ceee9f7b9e26b
8be431ce956a9a057e862b7a4fc3a6ae4e3239cef434e656c34bee62074a5180
8deaf2f6487d8023283092a123cfe4c67b0d340dc59d94cf1c8abb57ff9ef2c7
8e2d6b5e53aa4e6941a2f6f31b49e25cafe51325966102532121c2c5c1beaa2a
8e8003ad291ba3bd8691f5b0754b18daa4f89147dd3f27f204c651cd8d5fbf8f
8f70a7b48917ad6de4290cb08c66599256a1cd7b255b97dda65e081a17ef1d9e
8f91b1618128ca4e1050537bc93b3a2c1e203f4971a30fa1bb96f379219d72ad
8fded9bcc3fad8fe5094b81cba2f16b9d07cce0c72d54e738752d01964d31659
9012814f69fe0a6631bf48f441a0bbbae0b90fa762d8caa8ce3b3aca496e1837
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
92242b91deb192dc1c5202e458216198d0625837158581f6cc53d316c78ef5c6
92beaf913adfabfeb48f932e23ccf17abf94fa30f563ff5fcf8bacfa44803f8d
93e6639c3f07cb77467754907778fc49a74b1194368a93923c824ebec4d78298
93f45bd0df53776d65c03af696f72e8857a3049863b07852ba2998ecce3160a3
94b62cbcd95b49b979fd6ad3e041290f25a6f5f66d924d00c8586237f279e672
956bd91287fd5d85b711fd51418e53c6eeb3536134044ce39f67fb20938e160c
9674211389f95727d858e53f1b9e716d276af5bf96193b59555b2ea4d6e46bc3
97b81651ac630805fe9f93b8a9481cc286ddb6240b3964a647371f01bca28641
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
991985a765bb2b998996edefdf292ad2952f7e2e20e9253c6cc49d6f84145f96
993b351bd299e8f6b53dfc734dbb695fb97967e8b1fabb183817fccf3e436bf9
99671b2b4fcd19fe377090ce039fa7b1c30398d90bf754198e0b77b1a40b0f8d
99bf4aa403643a6d41c028e5db29c79c17cbc815b3e10cd5c6b8f90567a03e52
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ad56d87ecff4b9d65d88ff993503b6083e82445f82decbee264eb500faf929f
9bd4ff7240465b5c2581ec1281d3ae758200f39e01df0e180e3b42aacd1c54c6
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
9d4f298b9266e5e548da14a56548eedc87dff49e1fc054dc7fd7b19cf0db55d0
9e145d4238be974c60f1056d98515e6d550f962fcd64cca7f7cf57db1e38fcea
9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e
9f1508da4c7e232fecfa9d9ca9c8d6d4097d449c91b20d51903af021612c1214
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a5b73bcfd1957f0a269520f429a9230617766d5ae45ff7694e66a9dffd19aa
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a336595607ff8e8bb0ce3d49613de82ead1e92232a13101a16828ca1dcc97bf9
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a3d802214cdaf6276aa13b5b161820bbc80660cf9429124233334b07a2d7978e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ec26fd216fb0b0aa77265927e4ea9d85268230361037b17ea696ff7b4eba5e
a51690a59260fd30a04d20955e8e5432f7f05f90c13f04c953789d67548a66b8
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5c1fba70888805bfcbfcf6e370fbacf72280422c20b216144e7216a6e4fdf7d
a5fe53ef8b0d105252fd1147bb2e04052de44404a88f85296009ac4cdb1c6c43
a631724cecac8cf46ece583f5717dce6335c12c4e364c837a9aa376e85b43322
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a791e3423749b4eb5b64a0f6820d326528860f99275d362669d15f6fe6977d9b
a85b4f00a6ee86411335c25efe78776bdf430abffad78030f7d57a2badef9884
a9037edfb627bfd8802749b9afcc888ab9655a0859d4523835ec9263fd231e71
a9b0c4938a0e90427f421041a5beb3e0a47976cb54940446f207f9f44cd93071
a9f542c0d98b1deb323f1f9963046534e7a98b6f9fbaca32cdb8d49f377c1151
ac2b0b24d095a1cbd0b3a8a099a9df8c82013e2901a7a46a0a47c1b50d941e05
ac5a12f395d97c17ecc9826991a8018e6ba113937ef5ac4bb33bb6451cbcaa74
acc6784a95bd4cc5589958d08e9fa305dae4d8892939d111e47a741722de2d8e
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
af44d280920264564147250d0841eebf33288a04c932c182c06ec21600a228c2
af7f7d9dbec7daf5a6f7d58196b10fdaf2f0e97a15a981e5f180cedb9495739a
afdd4992973ba0f1c1cd9851efa124a1e177edcda2d60e5ac7b5a7fc29bc2c68
b0383bcf4238f988f399911ac308b21233b43f07ea58942da7ac32b89ced8c7f
b13a684f7301477beb9327b6c31e88d962bc15a362a9d9e0576284fe125640c1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fbea1e5a850c6e6f51d87f4321ae2af590c9a9ac53f7630ba3b1b071e2fcdc
b3e21915d256ad88b574a4a55d4e3f03db395abc33f53f72db1b107fa48d0710
b730ee413841da70b67f550de8ffce8148c3fd15dacc5274bd0b80bf18a44da7
b864658d15b7c8d4e995e3498902e48651fe99a009f70421aef1555d04b0ba79
b8bcad49506b9fea69408f863efc6964c6d70d9dc7f994eade9846b2bc96c652
b9f6160b7ea7d0645d6201d24919b7289061f8d021e3c245ad5dd7b00ec66ff2
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
badff47be54c7116a014bab6ea632fee2dc666bb624cc7eacc84c3a4440b2e34
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb396c659a45cda460f579b753cf3a53f83eb8198bd344af0a2e2d9030ef910f
bbbc1f644f0272cd52f691244c04a02d53780f4fc2b459e8f8ca7df34209a665
bbc029f1d997ab0fa9fc1499f94fb93f83b350470966b2227c6b761b282e527c
bbd4b697b7f62c2be5cf4bf1820b6e19a8c9e51ed51e18404dabc54e0468cf86
bd88eb7c3e67db69685d5230db27e260be1c43eb2719a231801870445926d406
be58b2f058e8e47932d8150005ea3df3aed2ae830268a31a23501dd47bd8058c
bee583898e62998d194acd316f991c317628af2f6539861b0da82b2d0bb7a197
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c490a021a1c954cb18a044a3f7e237480c3a929bf941ccefbd47682eee7871ab
c5680006a0020c286352de20225a126344eb67756e02ee08ef28f856f5749e83
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b
c7d577eb3381e7b5b619951df0bba1fb29667597808f61f5b3abf52f2cab703b
c842f299b023ae0f3a9d2f3b153a19f8534b229a465409da4f83123379a72cda
c8d34c8e4efe64cf63fb4ea7497f3386f008deae354cb947635d0544eb551661
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
c9962c2127c9d935120e0079722987f85a30af724d84884602725b114bd86489
c9bfbc2b802937d34983a32a97f9703769f7dc7a9ffebbe99e186aeb5141add1
c9d770b0783fa690c7b7fcf39d13c6942d124e16dca19e0a4c3acc570ef9bc9c
c9ed8bcb9eb4ad4d87c7e659924a2318f18b267dff58bb01fb44b6b448e1b312
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa780d674f5cfd7b4b28a8234c10fe04d9893b7754b4c3f9cd874b78b282d1e
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb4b6da30761816b59b7b0412562666f4d6763dfb4e59631f87820900fa52257
cdfe741e06acc6f308baeb84ef8f48866952d725de44e936e83bc24da308bbb0
cf019a1e03162a3ab267c3dc07d7eb9b1ddb76ce703755c49a7ca9edbd1d87db
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d
d247fe6a3bb51adeba758c6cd8ff5263a87656162cb0cdcf4bfedef557c46e83
d342081333ea08ed17938ded78539131f5393b1d6a5155e3cabd86fb4393691f
d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44
d40cab4ec6db14c7529e89eaacc0090060628c00d0016897ec357fd7c513753d
d417f2a8969ee12d9da170e14e2adfb981dc5ac544221efbf318a4ff938c54ca
d4403ebd9944483d11101b07509dd5256e8d243ffb5a2d1c1337675085469edc
d4c5d952297366d4e340d33bef112d53749ea1b14f3bc9bbbe9c8dc9d73bb354
d5b5cd446f924a2393ed36da029ad74d766bbf5d473e77fddf70bc4f225c6324
d5bde0e0d1ae23665b9682470e6a4c1446538ed040cec07920d0fd468d43a0cb
d66566ed9412889e8edf127c46a211a31be80aa7f44caf19e68a4ec9163b4fdc
d717975fbc6815f9c86e4c87154a8e2249ec957687ff8477bb649b318c2fdd3a
d81ec8320c09f89946ae433666e68ae8fcad0f4201e7811111ffca2b1a29e875
d862e8493cbcd2912b3a5ec4650a26410f05cb2c3b70889b4a5b34e8319df57c
d88fc3383063831866a05069cd689f4cf9469a87cfd3ce88f53f656d25679007
d89f643272d672cce15b62d408ccfae2cbea9a9eb40a5bdb78077dfa1c890d08
d908435ca225cca8f7d1b52d338cfd84e78d14db4797627df8dd3534196ed61b
d98635d4183431392ba335cfcadf625e77e45b23962d09e6d38a4efbda4a7923
db7a74ec292e5a5cb2004c80b830527d3ff71a8c7d7db6dafe86449053fc444e
dbff361120b68fef0d37e18d9a64530c432f9c7ee025253d1084c8d32fa88f66
dcd5b9a91e8e19b305fbbe3a2feca57e21d63b91dbe5949929b52a38f5435bd2
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de96459afc7ce2a214a50ab53803028a92dcbdde40621408e4638d484e7c344f
dea42e0f179347a75dd9fa41636bd1fa1ae92397bcde89a1389eeb8c0ace0fca
ded0021d3eab742285efc1fbed7eb1685833e8cd2994977d50845871cfd5f6bd
df2817cfb4d03ce94385daa5ef6f90a26b2781d27bd683b088791006b0dad707
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e053354723c0c1a0fbfef78430b37c3079acb14153404ec19d34a6a8d04b8631
e0ad99de62e8537700c3a8ffa5e77798b4dba0353affde702a682db93746a5aa
e1257430b5f36c1c19867c3cca6917684d7e427aba9a6604f0c3b86ae229c0ba
e15a3a9c0b00d87a3cc1c7d3fef4ff96506cf96c8a2219600e22ce53d46dbd72
e15f26e9756818be75c82a0a4098bc9f3a6652aaaaaf427d041abda9f8bea187
e1acaf1b84c7c6a5a7ae96e4b9cce92c540c0c8ebbb0e56f8ff473917e2e9a72
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e6f842ccb9f05ede4f39819492a3c2ef22fd899c3c667da47fd2e8349ea62722
e7025cfbdc9103e36e209a3796e1896855682b13ae4cb4e7114e1474ae1c9dde
e7c9882961051fe8f15077a313665ba24be998f20295f96c76c0998a0e4ce59c
e8a63752f7a4867483d3a66bb10da00f7048e9285b960bbf9e9d57713940dedb
e8ac19d15945d11645cc68623bae41ca14067a00557eb3a849dbb41c38d96a4c
e8bf9ccc765b5576c8b86e1f75a308e112cea4c1ead476dcf94720d10fa6fb0d
e8e49d12d085acc1fd8d7c49c729225d667eb15f10f6b89eebc8798ab3964c25
e8f79ab5c3fdf0b731a1a9fd9e6d8faf2f64846ad301e8ccc55760a09f345384
e9211fb205363f44e82b5000c998ab32a72436a3e56c8105ab352e5cb30aa0f8
e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411
eb578e5229cead21a487f38f0428ce5362cc04b13dfbc686cb380be538c0e79f
ebbec664e3d94cc9ac27c02aa072e11f1601ac52642916074649ef26a7171de8
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecb15f05989bca01e3796b4daa80a42d4bedcb7a7d96a0e9213a20ce3b487864
ed59af9eb8cf34d8e8656e76ce20ac90d38f3af87f4b634627d38f663ee61435
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4086a8cf179f863e997d75540de101848b0b43d85b3c8a75e662cb2e50f533
f00b3475acef664a9005d3a715b6bb852c1ba74e8755ebe6b529345fa3420036
f1239ba8e439e42a86c4eb576c0a517481579b9fab0437349f5a9abe196ad580
f3402616df5b5f133e7f53c505699763f7fe71ea699559ad6e3cd063e221e591
f40f5aae5f579b100046297556b20241064b7df6f453768a2c45448b99faf40d
f41971895f92bee414ee52aa1e2d40914a707484cc03c6a325bb1bd4817d09f5
f4aa60d9f40ce68b6b53b2d873ef986a5a730a4e15d0b3c9521a150a51b96eaf
f54ab1e32dd2faf787fd0c28a5b92b033d19ece20de5f26114e2d13c7f5a5e96
f5b8585e46b09fae99979bd20852b55730201f1b8b8631a41e741f48c63b0827
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6b1dff67df73f0f41f55601b7b331893331bd4c3033c17d419aa027c6347213
f782d6fb6c487e3d38d77d8e3838355a618944325f43ec9111ddbca65d023746
f7f28cb9acd76bd3a8d434d3d878ef2419fbd5a2d0b5fc0c969bf4555e90e892
f8e91447ec736691233003e3eaa72413b1599d485a654f4f2aee3d056bc07a3c
f9a770c6975c04698f18ff91381e83ac9b4a885e1068465216ccd36af33c2e7c
fa4e68a3997c8e77b7465d4cc32e572d5c65ab2077330388d7475434c1ab4748
fb22014695a5f5bdc5c00620f486206901b0eca5086df694b06c501e0b56757d
fbac4ad8670acaf09b2d4ad862bf2d407f99c8ee193c48979faeb8dccd4f6883
fc3e891ad0d8075876d0f7572482f1f249345583b89459f485e59299931bc99d
fda4bd08a32841a53a33d5a25662c40070799de74b323f0bbd767d2dad207ff1
ffd0f87c6f59d74f62d9f169bf5318ab9157ebbb5ce24baff2cea7c97404473d
ffe04091b035ae1bfe76e90d8dcccb0e4eab5b04334576832341d6da0b9fd91d