extra.globo.com Open in urlscan Pro
201.7.177.130 Public Scan

URL: https://g1.globo.com/
Title: g1

URL: https://globoesporte.globo.com/
Title: ge

URL: https://gshow.globo.com/
Title: gshow

URL: https://globoplay.globo.com/
Title: vídeos

URL: https://globosatplay.globo.com/
Title: globosat play

URL: http://assine.globo.com/globocom/index.jsp?origemId=148
Title: ASSINE JÁ

URL: https://login.globo.com/login/1948
Title: globomail free

URL: https://login.globo.com/login/1
Title: globomail pro

URL: https://jornaldigital.extra.globo.com/
Title: Extra Digital

URL: http://acervo.extra.globo.com/
Title: Acervo

URL: https://oglobo.globo.com/
Title: O Globo

URL: https://assinaturaglobo.globo.com/extra/vitrine/padrao?interno_origem=siteextra&interno_midia=botao&interno_campanha=ex_botao_topo_padrao
Title: Assine

URL: https://valorinveste.globo.com/objetivo/hora-de-investir/noticia/2022/02/14/conheca-os-fundos-de-investimentos-e-acoes-queridinhos-dos-ricos-em-janeiro.ghtml
Title: Conheça as ações queridinhas dos ricos em janeiro

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=editoraglobo-extra&utm_medium=referral&utm_content=thumbnails-f:Below%20Homepage%20Thumbnails:
Title: por taboola

URL: https://tradingblvd.com/trending/come-queste-meravigliose-celebrita-sono-senza-trucco-e-parrucco-uno-shock-a-vedersi-tb-2/?utm_source=taboola&utm_medium=editoraglobo-extra&utm_campaign=16062229&utm_term=La+foto+di+Miriana+Trevisan+struccata%2C+conferma+i+pettegolezzi&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fbc3173904e2c7cbbb1b6b6513c672e88.jpg&ts=2022-02-15+00%3A11%3A57&tbv=-XuMQuJSurHTfWJMFvwtnxs1-x2-VqS1eXRHgAhbYmw=&pcl=1&br=1
Title: Trading Blvd

URL: https://lawyersfavorite.com/trending/vi-siete-mai-chiesti-come-stanno-invecchiando-vip-che-avete-sempre-amato-ecco-una-lista-di-loro-scopriamo-come-sono-ora-e-cosa-fanno-vi-lasceranno-bocca-aperta-4/?utm_source=taboola&utm_medium=editoraglobo-extra&utm_campaign=16230419&utm_term=Vedere+come+%C3%A8+diventata+Alessia+Merz+a+47+anni+ti+far%C3%A0+venire+i+brividi&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fc72392fd44d6884aa7f1b1e4c2931661.jpg&ts=2022-02-15+00%3A11%3A57&tbv=Uf4abWxA_aivaNHmUmxsUYmi-m4KTrlQ-QoCYlAJBzo=&pcl=1&br=1
Title: LawyersFavorite

URL: https://psychicmonday.com/trending/stelle-che-sono-invecchiate-maniera-impeccabile-e-che-ancor-oggi-hanno-un-aspetto-incredibile-6?utm_source=taboola&utm_medium=editoraglobo-extra&utm_campaign=16252512&utm_term=Ti+ricordi+Alessia+Merz%3F+Cerca+di+non+sorridere+quando+la+vedi+adesso&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fadc553bf7f60ee2c592d9c1dbe92c64d.jpg&ts=2022-02-15+00%3A11%3A57&tbv=aiiyv9LcMA46nuDVKJfdlBs1-x2-VqS1eXRHgAhbYmw=&pcl=1&br=1
Title: PsychicMonday

URL: https://investmentguru.com/trending/patrimonio-delle-celebrita-che-conosciamo?utm_source=taboola&utm_medium=editoraglobo-extra&utm_campaign=16227407&utm_term=Il+patrimonio+di+Gerry+Scotti+lascia+la+sua+famiglia+in+lacrime&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F63cab74be0dab2ac54607fe22b23f8c3.jpg&ts=2022-02-15+00%3A11%3A57&tbv=8aUXu95jaSmI6EVNdrs8jhs1-x2-VqS1eXRHgAhbYmw=&pcl=1&br=1
Title: Investment Guru

URL: http://facebook.com/JornalExtra
Title: Compartilhar no Facebook

URL: https://twitter.com/JornalExtra
Title: Compartilhar no Twitter

URL: https://web.whatsapp.com/send?phone=5521996441263
Title: Compartilhar no Whatsapp

URL: https://www.instagram.com/jornalextra/
Title: Compartilhar no Instagram

URL: http://m.me/.jornalextra
Title: Compartilhar no Messenger

URL: https://assinaturaglobo.globo.com/extra/vitrine/padrao?interno_origem=siteextra&interno_midia=botao&interno_campanha=ex_botao_capaextra_padrao

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=editoraglobo-extra&utm_medium=referral&utm_content=thumbnails-b:Below%20Page%20|%20Card%201:
Title: por Taboola

URL: https://tradingblvd.com/trending/come-queste-meravigliose-celebrita-sono-senza-trucco-e-parrucco-uno-shock-a-vedersi-tb-2/?utm_source=taboola&utm_medium=editoraglobo-extra&utm_campaign=16062229&utm_term=La+foto+di+Miriana+Trevisan+struccata%2C+conferma+i+pettegolezzi&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fbc3173904e2c7cbbb1b6b6513c672e88.jpg&ts=2022-02-15+00%3A11%3A57&tbv=-XuMQuJSurHTfWJMFvwtn5LLi9oFrmSf54P4EzMhvQg=&pcl=1&br=1
Title: Trading Blvd

URL: https://lawyersfavorite.com/trending/vi-siete-mai-chiesti-come-stanno-invecchiando-vip-che-avete-sempre-amato-ecco-una-lista-di-loro-scopriamo-come-sono-ora-e-cosa-fanno-vi-lasceranno-bocca-aperta-4/?utm_source=taboola&utm_medium=editoraglobo-extra&utm_campaign=16230419&utm_term=Vedere+come+%C3%A8+diventata+Alessia+Merz+a+47+anni+ti+far%C3%A0+venire+i+brividi&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fc72392fd44d6884aa7f1b1e4c2931661.jpg&ts=2022-02-15+00%3A11%3A57&tbv=Uf4abWxA_aivaNHmUmxsUT2aOo3CdIKJsyEzE11UzR8=&pcl=1&br=1
Title: LawyersFavorite

URL: https://psychicmonday.com/trending/stelle-che-sono-invecchiate-maniera-impeccabile-e-che-ancor-oggi-hanno-un-aspetto-incredibile-6?utm_source=taboola&utm_medium=editoraglobo-extra&utm_campaign=16252512&utm_term=Ti+ricordi+Alessia+Merz%3F+Cerca+di+non+sorridere+quando+la+vedi+adesso&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fadc553bf7f60ee2c592d9c1dbe92c64d.jpg&ts=2022-02-15+00%3A11%3A57&tbv=aiiyv9LcMA46nuDVKJfdlJLLi9oFrmSf54P4EzMhvQg=&pcl=1&br=1
Title: PsychicMonday

URL: https://investmentguru.com/trending/patrimonio-delle-celebrita-che-conosciamo?utm_source=taboola&utm_medium=editoraglobo-extra&utm_campaign=16227407&utm_term=Il+patrimonio+di+Gerry+Scotti+lascia+la+sua+famiglia+in+lacrime&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F63cab74be0dab2ac54607fe22b23f8c3.jpg&ts=2022-02-15+00%3A11%3A57&tbv=8aUXu95jaSmI6EVNdrs8jpLLi9oFrmSf54P4EzMhvQg=&pcl=1&br=1
Title: Investment Guru

URL: https://trc.taboola.com/editoraglobo-extra/log/3/click?pi=%2F&ri=f23ab004182727ced3df6e3072c3244b&sd=v2_a0f2e5cdb1b09c7b089388d6dc4ffbfa_d0d7cd74-44af-4e79-ad5a-051eceef7cc0-tuct904754c_1644883916_1644883916_CIi3jgYQmf9JGLD-4tXvLyABKAEwbDin7gpAl5EQSJe82ANQ____________AVgAYABoxqLdxZvAufqLAXAA&ui=d0d7cd74-44af-4e79-ad5a-051eceef7cc0-tuct904754c&it=photo&ii=~~V1~~-3870504840039153358~~Tv6jdlXjFrFCB8RWVHYT1s4Gyb6EndglV_d6MxXTRqfTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RLwISC4XgtxkoEjt4EkVGaEOVwwiTTRmbeR9yJ-FWMtKeEVsWd2ePr7BtDoBvBf-9ypgIKKQiNEuBtQgp7JTyz5NcZRKf_hIGTX9j75vADTlI6zhr_uog6GC70OqLAd6RE&pt=home&li=rbox-h2v&sig=4fb3ef1af51417b132e15ef5f5d7a70c4e54f6a41e57&redir=https%3A%2F%2Finvestmentguru.com%2Ftrending%2Fpatrimonio-delle-celebrita-che-conosciamo%3Futm_source%3Dtaboola%26utm_medium%3Deditoraglobo-extra%26utm_campaign%3D16227407%26utm_term%3DIl%2Bpatrimonio%2Bdi%2BGerry%2BScotti%2Blascia%2Bla%2Bsua%2Bfamiglia%2Bin%2Blacrime%26utm_content%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252F63cab74be0dab2ac54607fe22b23f8c3.jpg%26ts%3D2022-02-15%2B00%253A11%253A57%26tbv%3D8aUXu95jaSmI6EVNdrs8jpLLi9oFrmSf54P4EzMhvQg%3D%26pcl%3D1%26br%3D1&vi=1644883918640&p=omgstudios-brazil-investmentguru-sc&r=97&lti=deflated&ppb=CMQE&cpb=EhIyMDIyMDIwOS01LVJFTEVBU0UY4JfV0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIJd2F0ZXI0MDEwOID-xYQMQKfuCkiXkRBQl7zYA1j___________8BYwjXFhDVHxgjZGMI0gMQ4AYYCGRjCJYUEJwcGBhkYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogBivHmxQGQARw&cta=true
Title: Scopri

URL: https://privacidade.globo.com/privacy-policy/
Title: Política de Privacidade

URL: https://privacidade.globo.com/
Title: Portal da Privacidade

URL: https://infoglobosites2.secure.force.com/extra/
Title: Fale com Extra

URL: https://www.globo.com/privacidade.html
Title: Política de Privacidade

URL: https://edglobomidiakit.com.br/
Title: Anuncie no Site

URL: http://www.vagas.com.br/infoglobo
Title: Trabalhe Conosco

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 129

https://sb.scorecardresearch.com/c2/6035227/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 132

https://sb.scorecardresearch.com/p?c1=2&c2=6035227&ns__t=1644883918673&ns_c=UTF-8&c8=Extra%20-%20Extra%20Online&c7=https%3A%2F%2Fextra.globo.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1644883918673&ns_c=UTF-8&c8=Extra%20-%20Extra%20Online&c7=https%3A%2F%2Fextra.globo.com%2F&c9=

Request Chain 133

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1644883918678&ns_c=UTF-8&cv=3.5&c8=Extra%20-%20Extra%20Online&c7=https%3A%2F%2Fextra.globo.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1644883918678&ns_c=UTF-8&cv=3.5&c8=Extra%20-%20Extra%20Online&c7=https%3A%2F%2Fextra.globo.com%2F&c9=

Request Chain 211

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=e41ce651-8df3-11ec-ae7a-132476d60106 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e41ce613-8df3-11ec-ae7a-132476d60106&orig=video&us_privacy=1---gdpr=1&

Request Chain 213

https://cms.quantserve.com/pixel/p-FyWrHAMskJyru.gif?idmatch=0&us_privacy=1---&gdpr=1&&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fquantcastrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=p7KmafTm9W28t_Q497K7PKXj8Dq8uaJr8rl-IfTd

Request Chain 217

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=e420b4b9-8df3-11ec-a7ba-1e5bf6c20306 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e420b462-8df3-11ec-a7ba-1e5bf6c20306&orig=video&us_privacy=1---gdpr=1&

Request Chain 221

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=e4218671-8df3-11ec-b829-1a7ccaea0506 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e4218b71-8df3-11ec-a7f9-1ee5b9e10106&orig=video&us_privacy=1---gdpr=1&

Request Chain 224

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=e4218bab-8df3-11ec-a7f9-1ee5b9e10106 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e4218b71-8df3-11ec-a7f9-1ee5b9e10106&orig=video&us_privacy=1---gdpr=1&

Request Chain 226

https://usermatch.krxd.net/um/v2?partner=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3FiZnNyV1E HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESELWMMXNsXwrrqzJQSUbTExA&google_cver=1

Request Chain 227

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3FiZnNyV1E HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESELWMMXNsXwrrqzJQSUbTExA&google_cver=1

Request Chain 228

https://stags.bluekai.com/site/26357?id=OqbfsrWQ&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOqbfsrWQ%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
https://beacon.krxd.net/usermatch.gif?_kuid=OqbfsrWQ&partner=bluekai&bk_uuid=$_BK_UUID

Request Chain 229

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://gum.criteo.com/sync?s=1&c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=GBhRMnFh8-_gU4LExiYCQjgLklyzLBqi

Request Chain 231

https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=OqbfsrWQ&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=OqbfsrWQ&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=57808780047675104912170905254055227753

Request Chain 232

https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID HTTP 302
https://beacon.krxd.net/usermatch.gif?adnxs_uid=5297640074662591712

Request Chain 236

https://usermatch.krxd.net/um/v2?partner=sitescout HTTP 302
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OqbfsrWQ&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID

Request Chain 237

https://usermatch.krxd.net/um/v2?partner=verizon HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=OqbfsrWQ HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-Wq9sV1ZE2psJM_Png.g1U8rmsp3GsZjW5g--~A

Request Chain 238

https://usermatch.krxd.net/um/v2?partner=navegg HTTP 302
https://sync.navdmp.com/sync?prtid=30&salid=OqbfsrWQ

Request Chain 239

https://sync.1rx.io/usersync/krux/OqbfsrWQ?dspret=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync/krux/OqbfsrWQ?zcc=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D&cb=1644883918706 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-8bb6f815-b49b-498d-8683-23236d317373-003?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3DRX-8bb6f815-b49b-498d-8683-23236d317373-003 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-8bb6f815-b49b-498d-8683-23236d317373-003

Request Chain 249

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 255

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e4218b71-8df3-11ec-a7f9-1ee5b9e10106&orig=video&us_privacy=1---gdpr=1&

Request Chain 284

https://token.rubiconproject.com/token?pid=26594&gdpr=1&us_privacy=1--- HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZNDEYD0-1R-1G0K&sigv=1&esig=2~dcea0bd13c5874ac67dbfbb1da847b897f68cec6&gdpr=1&us_privacy=1---

Request Chain 285

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEEE4QMDsLw_xEdG2obdjlxM&google_cver=1

Request Chain 286

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pOREVZRDAtMVItMUcwSw==&gdpr=1&us_privacy=1---

Request Chain 287

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDdjNWFjYmJjZWRjN2U3MmU1MmQyNzgxMGY5MWZjY2ExMGYzZTQ0OQ&gdpr=1&us_privacy=1---

Request Chain 291

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/RPpwGsjgPbI2Gl5El5sgdsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2390054394047842176

Request Chain 343

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent

Request Chain 346

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=654785591.98025971614062617.3145751 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=654785591.98025971614062617.3145751 HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dvidoomy%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dvidoomy%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=7c31c089-5361-512e-a190-7dfdc39a9232&ssp=vidoomy&expires=30&user_group=1 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=ea93dafe-48d2-41c5-9bce-5f6bb33d5086

Request Chain 376

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2937059457525651769

Request Chain 381

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705

Request Chain 429

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705

Request Chain 502

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBodwxkvdg-HheaVkrBaJVc&google_cver=1&google_push=AYg5qPJXwyaBy2B6mwVAm1Qc_9Bv72AOCFkDlpxkhtpYzYbU3EB2chz_Us2b4kD8eihQKq1atRlwm1A7jq4gqkyxYKrNh6HPbmbH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJXwyaBy2B6mwVAm1Qc_9Bv72AOCFkDlpxkhtpYzYbU3EB2chz_Us2b4kD8eihQKq1atRlwm1A7jq4gqkyxYKrNh6HPbmbH

Request Chain 503

https://a.tribalfusion.com/i.match?p=b6&u=CAESEO1jFmfcX5Zb-Ee7kkSIYqA&google_cver=1&google_push=AYg5qPLHTAqq2ztKcgOTGqNbMJxPG8FaiU8ZBGzQCbRaox2C8ahoyAb-9yPryH-yZuIymOY0iuiCavNdxI_uUUCk-sIjm6lfsWQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLHTAqq2ztKcgOTGqNbMJxPG8FaiU8ZBGzQCbRaox2C8ahoyAb-9yPryH-yZuIymOY0iuiCavNdxI_uUUCk-sIjm6lfsWQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO1jFmfcX5Zb-Ee7kkSIYqA&google_cver=1&google_push=AYg5qPLHTAqq2ztKcgOTGqNbMJxPG8FaiU8ZBGzQCbRaox2C8ahoyAb-9yPryH-yZuIymOY0iuiCavNdxI_uUUCk-sIjm6lfsWQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLHTAqq2ztKcgOTGqNbMJxPG8FaiU8ZBGzQCbRaox2C8ahoyAb-9yPryH-yZuIymOY0iuiCavNdxI_uUUCk-sIjm6lfsWQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 506

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBhXeBEl6jlZnNjLnVLUlV8&google_cver=1&google_push=AYg5qPLxLP2DaaTFdGRo4--1qAz93H_DQWECk7g94F1HPIdcVqzt_p28a-PoZniMrX0izbj8bHtJ7i5ONMQe9jue64JhGAXnyFuf HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLxLP2DaaTFdGRo4--1qAz93H_DQWECk7g94F1HPIdcVqzt_p28a-PoZniMrX0izbj8bHtJ7i5ONMQe9jue64JhGAXnyFuf&google_hm=3HarF-cxRauFMOoPl_0afts

Request Chain 507

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAq2uwVknZP4OJyL8jCVmNg&google_cver=1&google_push=AYg5qPI-WRi7wpCLCwQEInrl2A3scxp69ZkRNW4FAQbyFRKxbSY6Bbd4YniaheI6UGz9ZDTXsCMP6ho35JODWwzygFnCfOJQqjI HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=5c8cb361-38c2-4181-af8b-1f321d484a46&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI-WRi7wpCLCwQEInrl2A3scxp69ZkRNW4FAQbyFRKxbSY6Bbd4YniaheI6UGz9ZDTXsCMP6ho35JODWwzygFnCfOJQqjI&google_hm=6pPa_kjSQcWbzl9rsz1Qhg==

Request Chain 508

https://onetag-sys.com/sync/i,19/?google_gid=CAESEKZu0l2xmS7OBKVO_o4REPM&google_cver=1&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw

Request Chain 525

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705

Request Chain 559

https://gum.criteo.com/sid/json?origin=publishertag&domain=globo.com&sn=ChromeSyncframe&so=0&topUrl=extra.globo.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=VCL8cXxqRDk4dHFIVDZiUG5vQnhGQ3ZZVjl1K1YyanNDRDk3dy9oUjJLLzlJQ3dqbzlnMk5PVlluQjMzS3BKSCt1L2hlNWxuUVQ3R0c3blRGUnAxNEp0TXYyRDdWYWlLZWRieHhxcXJ0MXErVHluQmhVbGs3cW41QktJQzY0alBMaXM0Zm5Denlqc0t0elFXUE1jMlM2TXVNSjNjcGptMWRMOU9VSjR5T3N3TkdvVnBDa2Z1MXM3WEJJRTByUklyWjBQUnJvQjM3VktTMzNETWtZQklOWllmaXlyUlJqSkp4dVdFb05NSmZJb0V1UFpsMXVvelVPN3o0ZkRETGtybThJclAyZzJaMW5PR25FREZoRnZhZmZ2Q3E2QT09fA&cppv=2

Request Chain 582

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705

Request Chain 618

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705

Request Chain 644

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705

Request Chain 666

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705

Request Chain 686

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a4b2620a-efd1-4400-8839-2fc4704d3e05&gdpr=0&gdpr_consent=

Request Chain 689

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aPxJpzMZSu21SRP1k2K8Hw%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 692

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjhGQzQ5QTctMzMxOS00QUVELUI1NDktMTNGNTkzNjJCQzFG&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 693

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEh6f6SB3hGkTS-xKwW_ogY&google_cver=1

Request Chain 696

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 697

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5297640074662591712&gdpr=0&gdpr_consent=

679 HTTP transactions
21 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
extra.globo.com/ 80 KB
21 KB 899ms
221ms Document
text/html 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

effd013d5352af7961d7f899d8587483e110ba92d9d18011670af2154b8af30b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

Date: Tue, 15 Feb 2022 00:10:30 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
X-Frame-Options: SAMEORIGIN
Expires: 1644883839827
X-Mod-Pagespeed: Powered By mod_pagespeed
Vary: Origin,Accept-Encoding
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 20332
Content-Type: text/html;charset=UTF-8
cache-control: max-age=10
Age: 83
grace: none
X-Cache: HIT
X-Cache-Hits: 27
Accept-Ranges: bytes
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 107ms
35ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e444ad9afddbb840d085e8d74dd17b33ff9b4aa2e1810b0bbbdf7931e2f415

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27173
x-xss-protection: 0
server: sffe
etag: "1132 / 693 of 1000 / last-modified: 1644879984"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 15 Feb 2022 00:11:54 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/globo/infoglobo.extra/prod/ 71 KB
18 KB 156ms
31ms Script
application/x-javascript 2.21.140.252
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/infoglobo.extra/prod/utag.js
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.252 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-252.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a578fbc06c61f5ade483e992d56722405b0b4710bb2355a1e106574387c04218

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:54 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 19:38:25 GMT
server: AkamaiNetStorage
etag: "2150f8050c2b8f512a36ff84f706ba52:1643225905.734225"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 18161
expires: Tue, 15 Feb 2022 00:16:54 GMT

GET
H2 200 barra-globocom.min.css
barra.globo.com/gl/ba/oidcprodutos/css/ 22 KB
5 KB 928ms
232ms Stylesheet
text/css 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://barra.globo.com/gl/ba/oidcprodutos/css/barra-globocom.min.css

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

80acaa612f6721bd37904db3abe8bcff9d81d6c632abfffb444eb40b08eb0ab5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 161436870 ra09 20 06
age: 270269
content-length: 5117
x-xss-protection: 1; mode=block
x-request-id: 4662f7a0-3b80-4229-b74a-f656bca414fc
last-modified: Wed, 10 Nov 2021 20:45:45 GMT
x-thanos: 0AB4D019
etag: W/"618c2f79-588d"
vary: Accept-Encoding, Origin
content-type: text/css
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Fri, 18 Feb 2022 21:07:26 GMT

GET
H/1.1 200
OK default.css
exstatic.infoglobo.com.br/skins/17/extra/css/ 222 KB
33 KB 1068ms
213ms Stylesheet
text/css 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/css/default.css

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

d6cc3400d8dec229b81917d70b6fa96479c74954507f586e543bc07a046139e0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:03:40 GMT
Content-Encoding: gzip
Age: 24232094
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 33331
Last-Modified: Wed, 05 May 2021 20:02:40 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a05eff14-3788f-5c19aad4a3800"
Vary: Accept-Encoding,Origin
Content-Type: text/css
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 1493796

GET
H/1.1 200
OK home1.css
exstatic.infoglobo.com.br/skins/17/extra/css/ 50 KB
8 KB 1070ms
214ms Stylesheet
text/css 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/css/home1.css

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

644ecedff31971d99d2f3c2fe9764cc2c8f384d80c3ce85d338befdc44b7f005

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 17:04:49 GMT
Content-Encoding: gzip
Age: 1235214
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 7860
Last-Modified: Wed, 24 Nov 2021 13:01:00 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a04a4c24-c87d-5d1887313fb00"
Vary: Accept-Encoding,Origin
Content-Type: text/css
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 42463

GET
H/1.1 200
OK home2.css
exstatic.infoglobo.com.br/skins/17/extra/css/ 52 KB
8 KB 1069ms
213ms Stylesheet
text/css 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/css/home2.css

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

047f4b80778b50133f76c6292e8f4fc0b22e32ac73279c02569f387de5b2ffd8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 17:05:18 GMT
Content-Encoding: gzip
Age: 1235196
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 7899
Last-Modified: Wed, 24 Nov 2021 13:01:00 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a03def98-d16d-5d1887313fb00"
Vary: Accept-Encoding,Origin
Content-Type: text/css
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 39896

GET
H/1.1 200
OK bannerFixo.css
exstatic.infoglobo.com.br/skins/17/extra/css/ 1 KB
1 KB 1071ms
214ms Stylesheet
text/css 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/css/bannerFixo.css

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

1773c5f9c3e6b362bf45f1e5243df9979a14fd353d60e3152c0611caf2539be6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:04:05 GMT
Content-Encoding: gzip
Age: 24232069
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 596
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a042209b-568-5c19a506d0680"
Vary: Accept-Encoding,Origin
Content-Type: text/css
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 3562520

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
34 KB 100ms
26ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 16:59:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 544315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33593
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Feb 2023 16:59:59 GMT

GET
H/1.1 200
OK autenticacao.js Show response
extra.globo.com/plataforma/js/17/minificados/cadastro/ 5 KB
3 KB 657ms
222ms Script
text/javascript 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://extra.globo.com/plataforma/js/17/minificados/cadastro/autenticacao.js

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

0b57ae004a5c9c85e175d027c7a2f15c2a0fd6dd39bb538fd1230119511544aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:12:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 24231573
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 1714
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 18 Dec 2020 15:27:58 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: W/"5272-1608305278000-gzip"
Vary: Origin,Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Access-Control-Allow-Credentials: true
X-Cache-Hits: 3886829

GET
H/1.1 200
OK authentication.js Show response
exstatic.infoglobo.com.br/resources/17/js/lib/extra/ 3 KB
2 KB 1288ms
215ms Script
text/javascript 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://exstatic.infoglobo.com.br/resources/17/js/lib/extra/authentication.js

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

0b72ce6cc810d00c166683b78509bf8db43bfb9c029e6e422dba2afaa7f46070

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:37:17 GMT
Content-Encoding: gzip
Age: 24230077
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 1084
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a0331b5c-cd5-5c19a506d0680-gzip"
Vary: Origin,Accept-Encoding
Content-Type: text/javascript
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 3580471

GET
H/1.1 200
OK home.js Show response
exstatic.infoglobo.com.br/resources/17/js/ 257 KB
75 KB 1335ms
233ms Script
text/javascript 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://exstatic.infoglobo.com.br/resources/17/js/home.js

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

50f604549569cdbb9d0ef6efe3c80763cf10da13a8057f2019d7294b6316dab7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:14:38 GMT
Content-Encoding: gzip
Age: 24231426
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
Connection: Keep-Alive
Last-Modified: Wed, 05 May 2021 20:02:32 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a011506b-40434-5c19aacd02600-gzip"
Vary: Origin,Accept-Encoding
Content-Type: text/javascript
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 204032

GET
H/1.1 200
OK faleComExtra.min.js Show response
exstatic.infoglobo.com.br/resources/17/js/lib/extra/ 2 KB
1 KB 1494ms
213ms Script
text/javascript 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://exstatic.infoglobo.com.br/resources/17/js/lib/extra/faleComExtra.min.js

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

b8f4d4892c4fed1039c11588538ab82255efbec8edede06819adbaecb2d46260

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 17:04:42 GMT
Content-Encoding: gzip
Age: 1235233
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 649
Last-Modified: Wed, 24 Nov 2021 12:43:26 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a05e03cb-62b-5d18834413780-gzip"
Vary: Origin,Accept-Encoding
Content-Type: text/javascript
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 316070

GET
H/1.1 200
OK infg_id_globoid.js Show response
extra.globo.com/plataforma/js/9876543210/minificados/autenticacao/ 7 KB
3 KB 651ms
218ms Script
text/javascript 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://extra.globo.com/plataforma/js/9876543210/minificados/autenticacao/infg_id_globoid.js

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

20db0c3bf43a575df4a5994bd255ba98995de504caf4e42bf69c4099322c570d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 16 Feb 2021 18:54:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 31382246
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 2567
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 18 Dec 2020 15:27:58 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: W/"7107-1608305278000-gzip"
Vary: Origin,Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Access-Control-Allow-Credentials: true
X-Cache-Hits: 4143976

GET
H/1.1 200
OK advertising.js Show response
exstatic.infoglobo.com.br/resources/17/js/lib/extra/ 8 KB
3 KB 216ms
214ms Script
text/javascript 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://exstatic.infoglobo.com.br/resources/17/js/lib/extra/advertising.js

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

a69ab5b5ab040c2b35c3f72bb7b54ec72ab2ecb6cb8d8958b760c57647a7ab17

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:03:55 GMT
Content-Encoding: gzip
Age: 24232080
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 2089
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a041c443-1e00-5c19a506d0680-gzip"
Vary: Origin,Accept-Encoding
Content-Type: text/javascript
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
X-Cache-Hits: 3535483

GET
H2 200 lgpd-lib.min.css
s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/ 11 KB
2 KB 1135ms
662ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/lgpd-lib.min.css
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 2e53bbdf41db08d5017462fe9963a8ee505c7a8ff83756c5217635019a076465

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:54 GMT
content-encoding: gzip
x-openstack-request-id: tx31c9277932c44be3b96ee-00620a9694
last-modified: Wed, 24 Feb 2021 17:18:00 GMT
x-thanos: 0AB54008
vary: Accept-Encoding, Origin
content-type: text/css; charset=utf-8
x-timestamp: 1614187079.15655
cache-control: public, max-age=86400
x-trans-id: tx31c9277932c44be3b96ee-00620a9694
x-request-id: 41953d69-0519-4316-b002-7113b1d3e142

GET
H2 200 lgpd-lib.min.js Show response
s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/ 46 KB
15 KB 907ms
434ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/lgpd-lib.min.js
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 655e8547a0f057f68c1a3bbe78d65bcdaee6bc402814d11e3b6fc1da6e0d9dfc

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:54 GMT
content-encoding: gzip
x-openstack-request-id: tx3deb5a42a1774c3889ba6-00620a9694
last-modified: Wed, 24 Feb 2021 17:18:00 GMT
x-thanos: 0AB54008
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
x-timestamp: 1614187079.14110
cache-control: public, max-age=86400
x-trans-id: tx3deb5a42a1774c3889ba6-00620a9694
x-request-id: cd026b41-070c-4b09-aed1-c81c455cac3f

GET
H2 200 audima-widget.js Show response
audio10.audima.co/ 213 KB
78 KB 86ms
34ms Script
application/javascript 2606:4700:3034::ac43:de16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://audio10.audima.co/audima-widget.js

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:de16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c835fab53e6d9c9ec7637b860a5a05ae7b604014d87161702477be2ae917134b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11841
cf-polished: origSize=218570
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Fri, 03 Dec 2021 12:58:29 GMT
server: cloudflare
etag: W/"61aa1475-355ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KGBkw%2FRR0EkSuPRJxD0zYfab9K9CpauAydsgZHRB%2F6nCowXafh4VcQ5iQPtICKfQAQb5XmfyxVCLZFv9iYgJi9OaXyMs63KwHqkhUBWoUJULbfXtTfnYbX9uqL%2FXdSe2lGZZdCiy5VQM0KR7WZgVMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 6dda5250f8ec83be-MXP
expires: Tue, 15 Feb 2022 00:54:33 GMT

GET
H/1.1 200
OK onesignal.js Show response
exstatic.infoglobo.com.br/resources/17/js/lib/onesignal/ 624 B
825 B 216ms
213ms Script
text/javascript 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://exstatic.infoglobo.com.br/resources/17/js/lib/onesignal/onesignal.js

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

86498a53a171d82af5396d9b1d876c54fbd6499e2950db68d7063c77818bd84e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:06:25 GMT
Content-Encoding: gzip
Age: 24231920
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 316
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a04b2f42-270-5c19a506d0680-gzip"
Vary: Origin,Accept-Encoding
Content-Type: text/javascript
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
X-Cache-Hits: 3501603

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 99ms
34ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700,800,300

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f8f440e937b4fc6c59e6c142ea67c8e9de41199d4dd6616bc41e29e6be32302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 00:03:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 00:11:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 00:11:54 GMT

GET
H/1.1 200
OK redesocial.css
exstatic.infoglobo.com.br/skins/17/extra/css/ 2 KB
983 B 1066ms
214ms Stylesheet
text/css 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/css/redesocial.css

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

8dfa4de3b7dcfc957b41b5633b661a5a2d95725650998b0459028d75cd2b1a81

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:03:53 GMT
Content-Encoding: gzip
Age: 24232081
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 486
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a03e17f2-6b7-5c19a506d0680"
Vary: Accept-Encoding,Origin
Content-Type: text/css
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 183937

GET
H/1.1 200
OK box-expub-slider.css
exstatic.infoglobo.com.br/skins/17/extra/css/ 4 KB
2 KB 1095ms
223ms Stylesheet
text/css 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/css/box-expub-slider.css

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

bddeda6eed39861de64ef163c6daceb9c9a13f73eec2cc1a7658fa05256fe8a6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 14:04:34 GMT
Content-Encoding: gzip
Age: 24228441
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 1070
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a0530621-e14-5c19a506d0680"
Vary: Accept-Encoding,Origin
Content-Type: text/css
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 2479532

GET
H/1.1 200
OK floatBarHome.min.css
exstatic.infoglobo.com.br/skins/17/extra/css/ 13 KB
3 KB 1281ms
214ms Stylesheet
text/css 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/css/floatBarHome.min.css

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

856f9194b41c13219d5356d4bbf9d21ef5f1ba4d6105f71421219ff03e2d3896

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:10:16 GMT
Content-Encoding: gzip
Age: 24231698
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 2411
Last-Modified: Wed, 05 May 2021 19:59:10 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a050bb7a-33f1-5c19aa0c5df80"
Vary: Accept-Encoding,Origin
Content-Type: text/css
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 198553

GET
H/1.1 200
OK lazyload.js Show response
exstatic.infoglobo.com.br/resources/17/js/lib/jquery/ 3 KB
1 KB 1491ms
215ms Script
text/javascript 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://exstatic.infoglobo.com.br/resources/17/js/lib/jquery/lazyload.js

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

87c98a363948b044a8833d283adac6ee4f0f3332795648dcb9c3031311656ab6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 17:04:45 GMT
Content-Encoding: gzip
Age: 1235219
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 845
Last-Modified: Wed, 24 Nov 2021 12:33:48 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a063740f-bc8-5d18811cda300-gzip"
Vary: Origin,Accept-Encoding
Content-Type: text/javascript
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 329871

GET
H/1.1 200
OK whatsapp-image-2022-02-14-at-20.22.03.jpeg.jpg
extra.globo.com/incoming/25394462-750-f16/w162h91-PROP/ 7 KB
7 KB 220ms
217ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/25394462-750-f16/w162h91-PROP/whatsapp-image-2022-02-14-at-20.22.03.jpeg.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

18dff4acc86a374e0002ffda0a42af11e6697cb7f740d569710fc3e1d8f002a6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 00:01:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 642
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 6629
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 15 Feb 2022 00:01:04 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "20368b5e-1a67-5d8033aaf8a10-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Access-Control-Allow-Credentials: true
X-Cache-Hits: 164

GET
H/1.1 200
OK blog_coluna_lesbians.jpg
extra.globo.com/incoming/25392709-990-c48/w311h175-PROP/ 16 KB
17 KB 224ms
221ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/25392709-990-c48/w311h175-PROP/blog_coluna_lesbians.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

e496ae5b92e84030296f7ba7f50abcb6c8eee50e6d73d57b366c9af7ae24f021

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 14:09:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 36171
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 15927
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 14:00:57 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "2013c76b-3eb3-5d7fad87cc1f2-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Access-Control-Allow-Credentials: true
X-Cache-Hits: 8426

GET
H/1.1 200
OK 89419363_ec-brasilia-bsb-02-09-2020-primeiros-brasileiros-a-pegarem-a-nota-de-r200-no-banco-central-(1).jpg
extra.globo.com/incoming/25394265-751-09e/w162h91-PROP/ 5 KB
6 KB 225ms
221ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/25394265-751-09e/w162h91-PROP/89419363_ec-brasilia-bsb-02-09-2020-primeiros-brasileiros-a-pegarem-a-nota-de-r200-no-banco-central-(1).jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

7f2242c22ec069442144eb4efb3ad4ce5736c725f029f8e8aba8a9d49997a77b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 22:22:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 6546
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 5267
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 22:22:48 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "c00e9ef1-150d-5d801db3c5a95-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Access-Control-Allow-Credentials: true
X-Cache-Hits: 2247

GET
H/1.1 200
OK 96908355-(1).jpg
extra.globo.com/incoming/25392969-48e-9de/w311h175-PROP/ 11 KB
12 KB 1334ms
222ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/25392969-48e-9de/w311h175-PROP/96908355-(1).jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

e5977c97e6678cfb902fd20e94ef82277bfca3adf01033e36cc637d87d3508d5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 07:05:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 61557
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 11291
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 07:03:56 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a05d87ff-2cd3-5d7f50519e7e3-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Access-Control-Allow-Credentials: true
X-Cache-Hits: 7905

GET
H/1.1 200
OK emprego.jpg
extra.globo.com/incoming/25357111-b5f-aab/w162h91-PROP/ 8 KB
9 KB 1313ms
222ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/25357111-b5f-aab/w162h91-PROP/emprego.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

c4cfc8c173a3c9dd6c3a92d43f0431722fd4b769e55738dcdd62a3cecba77759

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 16:36:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1582505
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 7840
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg;charset=UTF-8
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Access-Control-Allow-Credentials: true
X-Cache-Hits: 14994

GET
H/1.1 200
OK emprego.jpg
extra.globo.com/incoming/25357111-b5f-aab/w311h175-PROP/ 22 KB
22 KB 217ms
215ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/25357111-b5f-aab/w311h175-PROP/emprego.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

9c4d022627823956b931e896ae6a1f5ab473e0baf004d86b0e11f54741f5511c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 15:14:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1069021
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 22009
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 02 Feb 2022 01:23:18 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "20133e62-567e-5d6fedccd5385-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Access-Control-Allow-Credentials: true
X-Cache-Hits: 2239

GET
H/1.1 200
OK atropelamento-sp.png
extra.globo.com/incoming/25394267-15d-ab5/w162h91-PROP/ 4 KB
5 KB 219ms
217ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/25394267-15d-ab5/w162h91-PROP/atropelamento-sp.png

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

ddbd714edcd19144a883043713db8f2af50b0da17c7c7146a8116a7032a44e09

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 22:24:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 6450
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 4291
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg;charset=UTF-8
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Access-Control-Allow-Credentials: true
X-Cache-Hits: 2155

GET
H/1.1 200
OK whatsapp-image-2022-02-14-at-14.36.38.jpeg.jpg
extra.globo.com/incoming/25393667-4de-c8d/w311h175-PROP/ 18 KB
19 KB 240ms
234ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/25393667-4de-c8d/w311h175-PROP/whatsapp-image-2022-02-14-at-14.36.38.jpeg.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

4f33a2fd92fec2a10581e4df84373cc181b49d4456229fb196759586124eee61

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 17:55:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 22561
grace: none
X-Cache: HIT
Connection: close
Content-Length: 18708
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 17:54:58 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "2028a721-4998-5d7fe1d6c98a3-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
X-Cache-Hits: 632

GET
H/1.1 200
OK whatsapp-image-2022-02-14-at-16.31.23.jpeg.jpg
extra.globo.com/incoming/25393957-782-4b5/w162h91-PROP/ 9 KB
10 KB 243ms
240ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/25393957-782-4b5/w162h91-PROP/whatsapp-image-2022-02-14-at-16.31.23.jpeg.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

8b3faec356f0d99f691ad25edb70aef85e0e3be7bfadcd0d8e50e39210e70f30

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 19:50:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 15665
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 8948
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 19:50:44 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "2055868e-2377-5d7ffbb63135c-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Access-Control-Allow-Credentials: true
X-Cache-Hits: 7839

GET
H/1.1 200
OK romont.jpg
extra.globo.com/incoming/25392787-a2c-90d/w311h175-PROP/ 22 KB
23 KB 220ms
218ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/25392787-a2c-90d/w311h175-PROP/romont.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

233e921956b99360d6568c241bcb779410984ac60ffef4f77e6e5de1d3ace214

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 07:34:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 59861
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 22244
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 07:25:40 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "183b1c-5770-5d7f552d9381f-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Access-Control-Allow-Credentials: true
X-Cache-Hits: 23596

GET
H/1.1 200
OK larissa1.jpg
extra.globo.com/incoming/25394322-0ca-803/w162h91-PROP/ 7 KB
8 KB 217ms
216ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/25394322-0ca-803/w162h91-PROP/larissa1.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

c9c6e1a2c847dc94240d8016c6e3666c353451d0f2fec3d3116da0dbcf865c98

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 22:47:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 5040
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 7535
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg;charset=UTF-8
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Access-Control-Allow-Credentials: true
X-Cache-Hits: 1716

GET
H/1.1 200
OK barbara-e-natalia-bbb22.jpg
extra.globo.com/incoming/25393529-f4e-975/w311h175-PROP/ 22 KB
23 KB 224ms
223ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/25393529-f4e-975/w311h175-PROP/barbara-e-natalia-bbb22.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

a09c055e0b2ef8c90559862b13e7d70219249737204f75e55282dc39d460f102

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 16:45:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 26805
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 22242
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 16:42:08 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "2051ff01-577b-5d7fd18f1fd00-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Access-Control-Allow-Credentials: true
X-Cache-Hits: 13144

GET
H/1.1 200
OK luana-piovani-pedro-scooby-4.jpg
extra.globo.com/incoming/24395832-96e-9a9/w162h91-PROP/ 9 KB
10 KB 216ms
214ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/24395832-96e-9a9/w162h91-PROP/luana-piovani-pedro-scooby-4.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

5330f2e4ab5ac4e9445610fdd6a0ab2db06ce3bb2a49e342e95287fa60b1063d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 14:06:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 122740
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 9108
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg;charset=UTF-8
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Access-Control-Allow-Credentials: true
X-Cache-Hits: 10903

GET
H/1.1 200
OK nazista-tatuagem.png
extra.globo.com/incoming/25394168-132-d63/w162h91-PROP/ 4 KB
5 KB 217ms
216ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/25394168-132-d63/w162h91-PROP/nazista-tatuagem.png

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

d298bcf171dc0959d5d9b6267b587e47d162cdb65d366d602ce66b90bbadfbfa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 21:26:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 9948
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 4185
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg;charset=UTF-8
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Access-Control-Allow-Credentials: true
X-Cache-Hits: 3746

GET
H/1.1 200
OK 51711285606_a19c21b1f7_c.jpg
extra.globo.com/incoming/25296817-93f-8e5/w311h175-PROP/ 17 KB
18 KB 357ms
214ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/25296817-93f-8e5/w311h175-PROP/51711285606_a19c21b1f7_c.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

57b9a1290cd85e21cf7ca71a6169fa035536414e753de37fedcab72e404da215

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 19:51:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1225215
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 17575
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sun, 30 Jan 2022 18:08:05 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "3cc5f9-4527-5d6d08ca97767-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Access-Control-Allow-Credentials: true
X-Cache-Hits: 288686

GET
H/1.1 200
OK 41787113_ni-02-07-2015churrascaria-mocellin..jpg
extra.globo.com/incoming/25394157-b48-cf2/w311h175-PROP/ 18 KB
18 KB 818ms
221ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/25394157-b48-cf2/w311h175-PROP/41787113_ni-02-07-2015churrascaria-mocellin..jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

183790ae96e81ec821dc7ded85858069502208bc137ce1648f1de7780a9f34d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 21:32:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 9595
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 17886
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 21:17:39 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "201bbe18-465f-5d800f23de9d7-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Access-Control-Allow-Credentials: true
X-Cache-Hits: 708

GET
H/1.1 200
OK 93314741_esrio-de-janeiro-rj-11062021treino-do-flamengono-ninho-dourubu-thiago-ma.jpg
extra.globo.com/incoming/25333031-4e4-66c/w311h175-PROP/ 12 KB
13 KB 676ms
222ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/25333031-4e4-66c/w311h175-PROP/93314741_esrio-de-janeiro-rj-11062021treino-do-flamengono-ninho-dourubu-thiago-ma.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

51a3447e113178d51c5d558d4318de5b7920458a75a266cb5d7883d75a42fdf4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 20:31:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 13197
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 12099
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 18:03:19 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "c00d8f05-2fc4-5d7fe3b434294-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Access-Control-Allow-Credentials: true
X-Cache-Hits: 957

GET
H/1.1 200
OK natalia-barbara-bbb-22-1.jpg
extra.globo.com/incoming/25393301-a42-b23/w162h91-PROP/ 5 KB
6 KB 611ms
216ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/25393301-a42-b23/w162h91-PROP/natalia-barbara-bbb-22-1.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

8024e0a2f4812c750d9997845dcffc605f72a01cd7efae7d55e5e14bd4b677c9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 13:56:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 36918
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 5437
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg;charset=UTF-8
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Access-Control-Allow-Credentials: true
X-Cache-Hits: 4672

GET
H/1.1 200
OK whatsapp-image-2022-02-14-at-00.47.50.jpeg.jpg
extra.globo.com/incoming/25393052-318-7b6/w162h91-PROP/ 7 KB
8 KB 819ms
221ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/25393052-318-7b6/w162h91-PROP/whatsapp-image-2022-02-14-at-00.47.50.jpeg.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

2a2776d37e0335fd99109250f480a88f5c1675f7fd7a84dd37156fd1d4398d8b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 03:50:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 73277
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 7358
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 03:50:29 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: W/"204a762f-1d41-5d7f251b2d736-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Access-Control-Allow-Credentials: true
X-Cache-Hits: 13437

GET
H/1.1 200
OK maira-cardi-leo-picon-almoco-1.jpg
extra.globo.com/incoming/25393759-b2b-e9b/w162h91-PROP/ 7 KB
8 KB 597ms
222ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/25393759-b2b-e9b/w162h91-PROP/maira-cardi-leo-picon-almoco-1.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

8d5ae1a07a36703682f6423f9455325e6b7ebb7a9bf0a5bd6d3f4ae9397d41fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 18:42:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 19775
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 6721
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 18:42:10 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: W/"2048ff11-1ac1-5d7fec647fe67-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Access-Control-Allow-Credentials: true
X-Cache-Hits: 2939

GET
H/1.1 200
OK gustavo-e-larissa-casa-de-vidro-bbb22.jpg
extra.globo.com/incoming/25389445-e89-42d/w162h91-PROP/ 7 KB
7 KB 595ms
221ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/25389445-e89-42d/w162h91-PROP/gustavo-e-larissa-casa-de-vidro-bbb22.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

9969b723406be15997e2af0e4c6787446341bbb6f82dd8e8e18f925db8c49bb1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 02:27:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 337485
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 6684
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 11 Feb 2022 02:26:06 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a042b6c5-1a9e-5d7b4ca01232a-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Access-Control-Allow-Credentials: true
X-Cache-Hits: 9227

GET
H/1.1 200
OK cratera.jpeg.jpg
extra.globo.com/incoming/25393810-c21-d2f/w311h175-PROP/ 26 KB
27 KB 572ms
214ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/25393810-c21-d2f/w311h175-PROP/cratera.jpeg.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

d7ee75070c5b7cb8532f6f760c0c4be3d94926d8fd33ed43cd9db2a6eb414850

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 19:03:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 18514
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 26319
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 18:56:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "6018f48e-6751-5d7fef9c6bb48-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Access-Control-Allow-Credentials: true
X-Cache-Hits: 1637

GET
H/1.1 200
OK durval.jpg
extra.globo.com/incoming/25381153-d7a-2de/w311h175-PROP/ 16 KB
17 KB 583ms
217ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/25381153-d7a-2de/w311h175-PROP/durval.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

d4fa93451d2405335aa7b3e23912f89892a360884366cc3f9f627bbffaccfdc6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 17:08:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 457423
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 16231
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 09 Feb 2022 17:08:00 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "20111ea6-3fe6-5d798e0367688-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Access-Control-Allow-Credentials: true
X-Cache-Hits: 9412

GET atafona.jpg
extra.globo.com/incoming/25393449-dd1-9d3/w311h175-PROP/ 0
0

GET nazista-tatuagem.png
extra.globo.com/incoming/25394168-132-d63/w311h175-PROP/ 0
0

GET carlinhos-maia-whindersson.jpg
extra.globo.com/incoming/25393378-c1d-550/w162h288/ 0
0

GET mayracardi_71190754_911426155905870_1383116653475152432_n.jpg
extra.globo.com/incoming/24697480-3f0-234/w162h288/ 0
0

GET gazolla.jpg
extra.globo.com/incoming/25393348-f01-4d6/w162h288/ 0
0

GET whatsapp-image-2022-02-14-at-15.36.14.jpeg.jpg
extra.globo.com/incoming/25393776-77f-5e7/w162h288/ 0
0

GET jesus.jpg
extra.globo.com/incoming/25328680-40f-026/w162h91-PROP/ 0
0

GET 97531937_flamengoxnovaiguacu_campeonato-cariocaestadio-raulino-de-oliveira.-foto-paula-reis.jpg
extra.globo.com/incoming/25392939-7e3-768/w162h91-PROP/ 0
0

GET cano-arias-fluminense.jpg
extra.globo.com/incoming/25392819-4f5-bae/w162h91-PROP/ 0
0

GET 97533385_erison-vasco-xbotafogo-pelo-campeonato-carioca-no-estadio-castelao-13-de-fevereiro-de.jpg
extra.globo.com/incoming/25392985-3c2-13d/w162h91-PROP/ 0
0

GET atropelamento-sp.png
extra.globo.com/incoming/25394267-15d-ab5/w311h175-PROP/ 0
0

GET blog_snake.jpg
extra.globo.com/incoming/25391784-4f0-84b/w311h175-PROP/ 0
0

GET
H/1.1 200
OK whatsapp-image-2020-04-24-at-15.50.08.jpeg.jpg
extra.globo.com/incoming/24391872-d2e-36c/w311h175-PROP/ 16 KB
16 KB 1002ms
217ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/24391872-d2e-36c/w311h175-PROP/whatsapp-image-2020-04-24-at-15.50.08.jpeg.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

d37e8f6b33553eaf1bc2acf9ceedce689997c09bc373f50d3e4c4deeb1858632

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 16:14:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 31478385
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 15748
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sat, 13 Feb 2021 10:51:45 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "803f409f-3e0d-5bb3589f62f03-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Access-Control-Allow-Credentials: true
X-Cache-Hits: 173864

GET
H/1.1 200
OK simple-slider.js Show response
exstatic.infoglobo.com.br/resources/17/js/lib/jquery/ 7 KB
2 KB 214ms
214ms Script
text/javascript 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://exstatic.infoglobo.com.br/resources/17/js/lib/jquery/simple-slider.js

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

2d06552e1e1ce483dab082cc9a3d0c346fea9e755d2acb768896f280bb4535af

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:03:53 GMT
Content-Encoding: gzip
Age: 24232082
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 2041
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a0566a3b-1c10-5c19a506d0680-gzip"
Vary: Origin,Accept-Encoding
Content-Type: text/javascript
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 2545410

GET
H/1.1 200
OK index.js Show response
exstatic.infoglobo.com.br/resources/17/js/lib/widgets/mosaico/ 3 KB
2 KB 213ms
213ms Script
text/javascript 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://exstatic.infoglobo.com.br/resources/17/js/lib/widgets/mosaico/index.js

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

fdfe352eb1e975318a52c9ab617ae7519f8a49c8d067c7ad12fd4d717bfcafb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:03:44 GMT
Content-Encoding: gzip
Age: 24232080
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 1030
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a040239c-b8b-5c19a506d0680-gzip"
Vary: Origin,Accept-Encoding
Content-Type: text/javascript
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
X-Cache-Hits: 171256

GET cab.jpg
extra.globo.com/capas-jornal-extra/25393078-ae4-32a/w162h288/ 0
0

GET esp.jpg
extra.globo.com/capas-jornal-extra/25393079-42f-ef0/w162h196/ 0
0

GET thumbnail_share-telinha.jpg
extra.globo.com/incoming/24927088-0a3-d43/w107h60-PROP/ 0
0

GET avatar-gilmar.jpg
extra.globo.com/incoming/5467161-ca8-825/w107h60-PROP/ 0
0

GET avatar-astrodosastros.jpg
extra.globo.com/incoming/5449958-88b-35b/w107h60-PROP/ 0
0

GET tape-services.png
exstatic.infoglobo.com.br/skins/17/extra/images/ 0
0

GET
H/1.1 200
OK maquete133-.jpg
extra.globo.com/incoming/25309577-1f3-304/w294h106-PROP/ 11 KB
12 KB 268ms
217ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/25309577-1f3-304/w294h106-PROP/maquete133-.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

7e7129698466da306687b67189fbdf6b59df22969061b5ac65ff5513619c8976

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 21:01:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 5973005
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 11572
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 07 Dec 2021 21:00:53 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "204ac8ad-2dc0-5d294ab448d72-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Access-Control-Allow-Credentials: true
X-Cache-Hits: 168007

GET
H/1.1 200
OK site-extra-grana-extra.png
extra.globo.com/incoming/22349082-7fa-dd9/w294h106-PROP/ 12 KB
13 KB 225ms
216ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/incoming/22349082-7fa-dd9/w294h106-PROP/site-extra-grana-extra.png

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

3b0f7eb108378d6097a8f577b2e8e7fbd3ba9070dbfa5cc1890acd5bb94c103b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 26 Jan 2022 14:26:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1676757
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 12263
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg;charset=UTF-8
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Access-Control-Allow-Credentials: true
X-Cache-Hits: 56630

GET
H/1.1 200
OK dataStorage.js Show response
exstatic.infoglobo.com.br/resources/17/js/lib/extra/ 12 KB
4 KB 224ms
223ms Script
text/javascript 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://exstatic.infoglobo.com.br/resources/17/js/lib/extra/dataStorage.js

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

90e2b3c01105204bb7a856b983f78677c4af05fcddf22f9cb2e40fabf1cbd67c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 11 May 2021 10:55:21 GMT
Content-Encoding: gzip
Age: 24153381
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 3611
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a0537b58-3137-5c19a506d0680-gzip"
Vary: Origin,Accept-Encoding
Content-Type: text/javascript
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
X-Cache-Hits: 3386786

GET
H/1.1 200
OK classie.min.js Show response
exstatic.infoglobo.com.br/resources/17/js/lib/extra/ 615 B
813 B 214ms
213ms Script
text/javascript 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://exstatic.infoglobo.com.br/resources/17/js/lib/extra/classie.min.js

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

9a354e40477f2795b7dfaaff591caf12b81e3c47dff7c1f8d7bf410ecb9fb3bd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 17:04:30 GMT
Content-Encoding: gzip
Age: 1235234
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 307
Last-Modified: Wed, 24 Nov 2021 12:42:18 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a0565990-267-5d18830339e80-gzip"
Vary: Origin,Accept-Encoding
Content-Type: text/javascript
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
X-Cache-Hits: 41840

GET
H/1.1 200
OK floatBarHome.min.js Show response
exstatic.infoglobo.com.br/resources/17/js/lib/extra/ 1 KB
1 KB 214ms
213ms Script
text/javascript 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://exstatic.infoglobo.com.br/resources/17/js/lib/extra/floatBarHome.min.js

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

837b912257262c7d3bf486072e0a69cf0a9b2648682675419c3dc22220df3274

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 17:04:57 GMT
Content-Encoding: gzip
Age: 1235218
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 653
Last-Modified: Wed, 24 Nov 2021 12:43:32 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a059ab71-5f7-5d188349cc500-gzip"
Vary: Origin,Accept-Encoding
Content-Type: text/javascript
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
X-Cache-Hits: 40642

GET vrs.js
vra.outbrain.com/ 0
0

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 107ms
35ms Script
text/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4167
date: Mon, 14 Feb 2022 23:02:29 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 15 Feb 2022 01:02:29 GMT

GET
H2 200 barra-globocom.min.js Show response
barra.globo.com/gl/ba/oidcprodutos/js/ 48 KB
17 KB 232ms
232ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://barra.globo.com/gl/ba/oidcprodutos/js/barra-globocom.min.js

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

e1371b9b9bd714cb7cdb06d336166927dfd6614714c08a22f4988400d1b34ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 166314773 ra09 20 06
age: 270270
content-length: 17124
x-xss-protection: 1; mode=block
x-request-id: 131e68f8-fc21-428e-ae71-909189391e0a
last-modified: Wed, 09 Sep 2020 18:48:31 GMT
x-thanos: 0AB4D019
etag: W/"5f59237f-c089"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Fri, 18 Feb 2022 21:07:26 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 195 KB
69 KB 103ms
44ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-BDVW

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

106af6c9f34593f93c68111b778867c1a398b86ee2f52818fc281fdca7a4e147

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:56 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69970
x-xss-protection: 0
expires: Tue, 15 Feb 2022 00:11:56 GMT

GET
H2 200 profiling.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/ 93 KB
28 KB 229ms
229ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/profiling.min.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.extra/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 192d2eb7078526e7974933da14512e5f5d64902e654d1e4ee5b421abbf169a3b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:56 GMT
content-encoding: gzip
x-openstack-request-id: txc7628711849448efa35ce-00620aef24
last-modified: Wed, 12 May 2021 17:50:53 GMT
x-thanos: 0AB54008
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1620841852.71626
cache-control: public, max-age=180
x-trans-id: txc7628711849448efa35ce-00620aef24
x-request-id: 320acbc8-3e88-4650-8794-b5ed0a54cbd7

GET
H2 200 tm13574.js Show response
tag.navdmp.com/ 17 KB
6 KB 68ms
25ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm13574.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.extra/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1acaf1b84c7c6a5a7ae96e4b9cce92c540c0c8ebbb0e56f8ff473917e2e9a72

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Sep 2021 18:45:04 GMT
server: cloudflare
age: 3595
etag: W/"6137b330-4291"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6dda525f685783a8-MXP
content-type: application/javascript
expires: Tue, 15 Feb 2022 00:12:01 GMT

GET
H2 200 horizon-common-hit.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 41 KB
14 KB 447ms
447ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.extra/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: fb4c391be2dd9e927d16789bebea68314f10f75383bc4a7b920e8addfdf3e44c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:56 GMT
content-encoding: gzip
x-openstack-request-id: txbdab14904a874329a3db4-00620ae513
last-modified: Wed, 22 Dec 2021 23:24:10 GMT
x-thanos: 0AB54008
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1640215449.32111
cache-control: max-age=86400
x-trans-id: txbdab14904a874329a3db4-00620ae513
x-request-id: 6b7586c9-5a7d-4a77-908d-4cf86006c579

GET
H2 200 glb-pv-min.js Show response
s.glbimg.com/bu/rt/js/ 2 KB
1 KB 1116ms
450ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/bu/rt/js/glb-pv-min.js?utv=201811011457

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.extra/prod/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 975249340 ra03 11 09
age: 158
content-length: 969
x-xss-protection: 1; mode=block
x-request-id: e96089b7-43a8-4707-8cf3-4911ff4b6faa
last-modified: Mon, 04 Feb 2019 16:44:48 GMT
x-thanos: 0AB1D00F
etag: W/"5c586c00-703"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Tue, 15 Feb 2022 01:09:19 GMT

GET
H/1.1 200
OK bg-news.png
exstatic.infoglobo.com.br/skins/17/extra/images/new-header/ 948 B
1 KB 221ms
213ms Image
image/png 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/images/new-header/bg-news.png

Requested by

Host: exstatic.infoglobo.com.br
URL: https://exstatic.infoglobo.com.br/skins/17/extra/css/default.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

b66abba8607da6d3edb50be345a38829954b0a9f4644197d0530362d74403cc7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://exstatic.infoglobo.com.br/skins/17/extra/css/default.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:03:43 GMT
Content-Encoding: gzip
Age: 24232082
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 604
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a0670846-3b4-5c19a506d0680-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/png
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
X-Cache-Hits: 468580

GET
H/1.1 200
OK logo-sprite-transparent.png
exstatic.infoglobo.com.br/skins/17/extra/images/new-header/ 5 KB
5 KB 407ms
213ms Image
image/png 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/images/new-header/logo-sprite-transparent.png

Requested by

Host: exstatic.infoglobo.com.br
URL: https://exstatic.infoglobo.com.br/skins/17/extra/css/default.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

cc3306d84d5c0b73b18d09f0bf7dd814a0852c202555a390670c16c445956553

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://exstatic.infoglobo.com.br/skins/17/extra/css/default.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 17:04:32 GMT
Content-Encoding: gzip
Age: 1235233
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 4527
Last-Modified: Wed, 24 Nov 2021 12:33:50 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a0040026-12c2-5d18811ec2780-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/png
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
X-Cache-Hits: 300768

GET
H/1.1 200
OK sprite-assine.png
exstatic.infoglobo.com.br/skins/17/extra/images/ 3 KB
4 KB 406ms
212ms Image
image/png 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/images/sprite-assine.png

Requested by

Host: exstatic.infoglobo.com.br
URL: https://exstatic.infoglobo.com.br/skins/17/extra/css/default.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

6f1346761a56715aebdbbc3cc3d7c722f856caf12f23468326bd312a424452f9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://exstatic.infoglobo.com.br/skins/17/extra/css/default.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 17:04:42 GMT
Content-Encoding: gzip
Age: 1235234
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 3556
Last-Modified: Wed, 24 Nov 2021 12:33:50 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a044b724-dcd-5d18811ec2780-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/png
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
X-Cache-Hits: 301648

GET
H3 200 pubads_impl_2022020901.js Show response
securepubads.g.doubleclick.net/gpt/ 357 KB
120 KB 68ms
28ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a4fd9dc6db644313269ca0055f0cef11c1361c8879480f45393332ae2c8e027

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 22:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4480
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122359
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 09:36:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 14 Feb 2023 22:57:16 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
975 B 119ms
40ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=extra.globo.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

050f7a7a5e330d034fc3a5cdc0d2335e0b11ccfa4777dbc716fd6d9c1e9ada0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 338
x-xss-protection: 0
expires: Tue, 15 Feb 2022 00:11:56 GMT

GET
H/1.1 200
OK black-70.png
exstatic.infoglobo.com.br/skins/17/extra/images/ 109 B
623 B 385ms
213ms Image
image/png 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/images/black-70.png

Requested by

Host: exstatic.infoglobo.com.br
URL: https://exstatic.infoglobo.com.br/skins/17/extra/css/default.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

80a5c5719d465827285bc7af904594f04ddfc1186cef8a08a822dd643b9bb5dc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://exstatic.infoglobo.com.br/skins/17/extra/css/default.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:03:46 GMT
Content-Encoding: gzip
Age: 24232090
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 121
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a0140ca6-6d-5c19a506d0680-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/png
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
X-Cache-Hits: 1508609

GET
H/1.1 200
OK search.png
exstatic.infoglobo.com.br/skins/17/extra/images/new-header/ 2 KB
2 KB 386ms
213ms Image
image/png 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/images/new-header/search.png

Requested by

Host: exstatic.infoglobo.com.br
URL: https://exstatic.infoglobo.com.br/skins/17/extra/css/default.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

256a6464b1dbb4d02351a596b8c8de50dc9e3ad3a182879eb392ddd570820278

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://exstatic.infoglobo.com.br/skins/17/extra/css/default.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:03:54 GMT
Content-Encoding: gzip
Age: 24232081
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 1348
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a04a2ec2-65c-5c19a506d0680-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/png
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
X-Cache-Hits: 1498727

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/editoraglobonetwork/ 611 KB
45 KB 50ms
16ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 272c830cf9396a4251607be60e2274ac21c9fe9b66f2ca5c63e25695f0dc76cf

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: uY5FC5WdfJDmqN6CV38JXkSxKrs.8koI
content-encoding: gzip
etag: "3fd80508d8ac578cca9db4becf85fea5"
age: 44
x-cache: HIT
content-length: 45433
x-amz-id-2: o0Gqs2LO/b2/ADzOM5fwjhNxvuFmTenBuPLJhaAbvMaTshyozga5fN3zAVARrx9jOJLNu7WGUiA=
x-served-by: cache-mxp6946-MXP
last-modified: Thu, 10 Feb 2022 14:56:04 GMT
server: AmazonS3
x-timer: S1644883917.695468,VS0,VE1
date: Tue, 15 Feb 2022 00:11:56 GMT
vary: Accept-Encoding
x-amz-request-id: B90B38AJYFVDY5SD
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 69
x-cache-hits: 1

GET
H/1.1 200
OK boxes-breaking-news.css
exstatic.infoglobo.com.br/skins/17/extra/css/ 3 KB
1 KB 282ms
222ms Stylesheet
text/css 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/css/boxes-breaking-news.css

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

9ce2d6e224977f54977fa30b9dcb148aeb7e94a275cf1ce5d6420fa70c111e4b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:03:54 GMT
Content-Encoding: gzip
Age: 24232082
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 659
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a0468278-c94-5c19a506d0680"
Vary: Accept-Encoding,Origin
Content-Type: text/css
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
X-Cache-Hits: 6378693

GET
H/1.1 200
OK compartilhar.png
exstatic.infoglobo.com.br/skins/17/extra/images/ 22 KB
23 KB 559ms
215ms Image
image/png 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/images/compartilhar.png

Requested by

Host: exstatic.infoglobo.com.br
URL: https://exstatic.infoglobo.com.br/skins/17/extra/css/redesocial.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

f4097cc9275ddab3f19cdbbb7085bdd87d31f438d060a4724e2e5d7beca06aa8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://exstatic.infoglobo.com.br/skins/17/extra/css/redesocial.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 05:47:42 GMT
Content-Encoding: gzip
Age: 1189441
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 22694
Last-Modified: Wed, 24 Nov 2021 12:33:48 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a05f3d58-5988-5d18811cda300-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/png
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
X-Cache-Hits: 33539

GET
H/1.1 200
OK infpub-bg.png
exstatic.infoglobo.com.br/skins/17/extra/images/ 1003 B
1 KB 372ms
214ms Image
image/png 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/images/infpub-bg.png

Requested by

Host: exstatic.infoglobo.com.br
URL: https://exstatic.infoglobo.com.br/skins/17/extra/css/box-expub-slider.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

7c22baf04835a818725820ae372e600f8670a651262daad109f81b9385cde301

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://exstatic.infoglobo.com.br/skins/17/extra/css/box-expub-slider.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:03:56 GMT
Content-Encoding: gzip
Age: 24232080
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 624
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a05f9beb-3eb-5c19a506d0680-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/png
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
X-Cache-Hits: 2492983

GET
H/1.1 200
OK infpub-187x29.png
exstatic.infoglobo.com.br/skins/17/extra/images/ 3 KB
3 KB 559ms
214ms Image
image/png 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/images/infpub-187x29.png

Requested by

Host: exstatic.infoglobo.com.br
URL: https://exstatic.infoglobo.com.br/skins/17/extra/css/box-expub-slider.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

cd681b12931ea4cfbfcfca5a62a3a3a252b613112f4d258606a73d72f1e7b558

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://exstatic.infoglobo.com.br/skins/17/extra/css/box-expub-slider.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:07:04 GMT
Content-Encoding: gzip
Age: 24231892
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 2624
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a0398f65-b57-5c19a506d0680-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/png
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
X-Cache-Hits: 1875640

GET
H/1.1 200
OK left-arrow-small.png
exstatic.infoglobo.com.br/skins/17/extra/images/ 3 KB
3 KB 495ms
223ms Image
image/png 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/images/left-arrow-small.png

Requested by

Host: exstatic.infoglobo.com.br
URL: https://exstatic.infoglobo.com.br/skins/17/extra/css/box-expub-slider.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

69f2626617772935552e5ddfdeb1b9a7b4b41850620d428eea86820b02d3ef3c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://exstatic.infoglobo.com.br/skins/17/extra/css/box-expub-slider.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:03:41 GMT
Content-Encoding: gzip
Age: 24232095
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 2938
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a034affb-b63-5c19a506d0680-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/png
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
X-Cache-Hits: 2208359

GET
H/1.1 200
OK right-arrow-small.png
exstatic.infoglobo.com.br/skins/17/extra/images/ 3 KB
3 KB 560ms
214ms Image
image/png 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/images/right-arrow-small.png

Requested by

Host: exstatic.infoglobo.com.br
URL: https://exstatic.infoglobo.com.br/skins/17/extra/css/box-expub-slider.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

642ead52dfc7372d61487372d55b6d3c1881aede1f86ef6143220eb7a348b610

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://exstatic.infoglobo.com.br/skins/17/extra/css/box-expub-slider.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:03:42 GMT
Content-Encoding: gzip
Age: 24232094
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 2938
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a06190d0-b63-5c19a506d0680-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/png
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
X-Cache-Hits: 2191708

GET
H/1.1 200
OK elements-sprite.png
exstatic.infoglobo.com.br/skins/17/extra/images/ 70 KB
58 KB 559ms
215ms Image
image/png 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/images/elements-sprite.png

Requested by

Host: exstatic.infoglobo.com.br
URL: https://exstatic.infoglobo.com.br/skins/17/extra/css/default.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

0361f428dd1845f868faae37ef57bfb80b85d0d2fe5ce689dd92e3a611596bd3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://exstatic.infoglobo.com.br/skins/17/extra/css/default.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 17:04:45 GMT
Content-Encoding: gzip
Age: 1235220
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
Connection: Keep-Alive
Last-Modified: Wed, 24 Nov 2021 12:33:48 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a01d987a-11982-5d18811cda300-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/png
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
X-Cache-Hits: 304103

GET
H/1.1 200
OK clique-assine.png
exstatic.infoglobo.com.br/skins/17/extra/images/ 18 KB
19 KB 214ms
214ms Image
image/png 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/images/clique-assine.png

Requested by

Host: exstatic.infoglobo.com.br
URL: https://exstatic.infoglobo.com.br/skins/17/extra/css/home1.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

5de1b084a9df17b2bf59df4f0addc4da952ba0985ccea9331cd6430af3810946

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://exstatic.infoglobo.com.br/skins/17/extra/css/home1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:09:31 GMT
Content-Encoding: gzip
Age: 24231745
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 18483
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a0368190-492b-5c19a506d0680-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/png
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
X-Cache-Hits: 206406

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 100ms
26ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700,800,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://extra.globo.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 00:14:34 GMT
x-content-type-options: nosniff
age: 518242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 00:14:34 GMT

GET
H/1.1 200
OK box-promo.png
exstatic.infoglobo.com.br/skins/17/extra/images/ 4 KB
4 KB 214ms
213ms Image
image/png 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/images/box-promo.png

Requested by

Host: exstatic.infoglobo.com.br
URL: https://exstatic.infoglobo.com.br/skins/17/extra/css/home1.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

4e0f1b554ee57c446904470082dead87629d10d796548647a846ba745b779fe1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://exstatic.infoglobo.com.br/skins/17/extra/css/home1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:09:15 GMT
Content-Encoding: gzip
Age: 24231761
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 3654
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a06696e5-e34-5c19a506d0680-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/png
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
X-Cache-Hits: 203402

GET
H/1.1 200
OK black-60.png
exstatic.infoglobo.com.br/skins/17/extra/images/ 109 B
623 B 214ms
214ms Image
image/png 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/images/black-60.png

Requested by

Host: exstatic.infoglobo.com.br
URL: https://exstatic.infoglobo.com.br/skins/17/extra/css/home1.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

fae72e3ee6480f03dcd656cd0bc418fe4b0474a49b2a18fa24639d8276092a27

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://exstatic.infoglobo.com.br/skins/17/extra/css/home1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:03:53 GMT
Content-Encoding: gzip
Age: 24232083
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 121
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a0562d75-6d-5c19a506d0680-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/png
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
X-Cache-Hits: 1555728

GET
H/1.1 200
OK horoscopo.png
exstatic.infoglobo.com.br/skins/17/extra/images/ 25 KB
25 KB 215ms
214ms Image
image/png 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/images/horoscopo.png

Requested by

Host: exstatic.infoglobo.com.br
URL: https://exstatic.infoglobo.com.br/skins/17/extra/css/home1.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

76600bda5f2aa9febce67856f053b9abe34814b8efe335bc2d2226daea081dd2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://exstatic.infoglobo.com.br/skins/17/extra/css/home1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:03:56 GMT
Content-Encoding: gzip
Age: 24232081
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 24992
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a056a552-62ab-5c19a506d0680-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/png
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
X-Cache-Hits: 204879

GET
H/1.1 200
OK sprite-famosos.png
exstatic.infoglobo.com.br/skins/17/extra/images/ 7 KB
6 KB 215ms
214ms Image
image/png 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/images/sprite-famosos.png

Requested by

Host: exstatic.infoglobo.com.br
URL: https://exstatic.infoglobo.com.br/skins/17/extra/css/default.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

c23e60e165c863b853f37fdd7a2181120d88a065dda6c993bc2660144cd2dc18

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://exstatic.infoglobo.com.br/skins/17/extra/css/default.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:03:56 GMT
Content-Encoding: gzip
Age: 24232081
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 5239
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a061343a-1c15-5c19a506d0680-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/png
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
X-Cache-Hits: 1510670

GET
H/1.1 200
OK black-90.png
exstatic.infoglobo.com.br/skins/17/extra/images/ 991 B
1 KB 214ms
214ms Image
image/png 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/images/black-90.png

Requested by

Host: exstatic.infoglobo.com.br
URL: https://exstatic.infoglobo.com.br/skins/17/extra/css/default.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

c39b28fd7c41f22ab0443dae62ca05a35468a2b79a5e19c5e1bf1b1c8454ec8e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://exstatic.infoglobo.com.br/skins/17/extra/css/default.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:03:47 GMT
Content-Encoding: gzip
Age: 24232090
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 621
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a0481b17-3df-5c19a506d0680-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/png
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
X-Cache-Hits: 1485345

GET
H/1.1 200
OK black-80.png
exstatic.infoglobo.com.br/skins/17/extra/images/ 109 B
623 B 223ms
222ms Image
image/png 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/images/black-80.png

Requested by

Host: exstatic.infoglobo.com.br
URL: https://exstatic.infoglobo.com.br/skins/17/extra/css/default.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

b8659e1e241fb57b69774d3eb48a1aade2675d857aeb278b3e327a96787ea474

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://exstatic.infoglobo.com.br/skins/17/extra/css/default.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:03:30 GMT
Content-Encoding: gzip
Age: 24232096
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 121
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a05f7373-6d-5c19a506d0680-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/png
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
X-Cache-Hits: 1496793

GET
H2 200 1601559926114.png
s3.glbimg.com/v1/AUTH_0ae9f161c1ff459593599b7ffa1a1292/images/escenic/2020/10/1/10/ 1 KB
1 KB 327ms
327ms Image
image/png 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.glbimg.com/v1/AUTH_0ae9f161c1ff459593599b7ffa1a1292/images/escenic/2020/10/1/10/1601559926114.png
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 0b6280fde965f5f27047df639e2af6e2e28229ee7fe7ba0f765533fc37c4cd1a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:56 GMT
x-openstack-request-id: tx165ac11ad88d42f68d6ee-00620aef96
last-modified: Thu, 01 Oct 2020 13:45:27 GMT
x-trans-id: tx165ac11ad88d42f68d6ee-00620aef96
x-thanos: 0AB54008
etag: 75a9d4d6be0469cf3ed886f4fe559578
vary: Accept-Encoding, Origin
content-type: image/png
x-timestamp: 1601559926.31218
cache-control: public, max-age=180
accept-ranges: bytes
content-length: 1114
x-request-id: 45dd04ab-3365-4c23-a409-4b2cedb37eff

GET
H/1.1 200
OK ico-arrow.svg
exstatic.infoglobo.com.br/skins/17/extra/images/box-assine-footer/ 560 B
798 B 662ms
222ms Image
image/svg+xml 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/images/box-assine-footer/ico-arrow.svg

Requested by

Host: exstatic.infoglobo.com.br
URL: https://exstatic.infoglobo.com.br/skins/17/extra/css/floatBarHome.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

72b36b3ecf121fd2bd921864fbbea273317f7ce119db6577b0502b9f37f2ec43

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://exstatic.infoglobo.com.br/skins/17/extra/css/floatBarHome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:06:21 GMT
Content-Encoding: gzip
Age: 24231935
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 265
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a058c7f3-230-5c19a506d0680"
Vary: Accept-Encoding,Origin
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
X-Cache-Hits: 827545

GET
H2 200 1605558485901.png
s3.glbimg.com/v1/AUTH_0ae9f161c1ff459593599b7ffa1a1292/images/escenic/2020/11/16/17/ 9 KB
9 KB 327ms
327ms Image
image/png 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.glbimg.com/v1/AUTH_0ae9f161c1ff459593599b7ffa1a1292/images/escenic/2020/11/16/17/1605558485901.png
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 05430425142af2ee6693633b64fa72c6522f95a83c06ed771a8da7eecadacf45

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:56 GMT
x-openstack-request-id: txdfba9b3ffded49e6a962f-00620aef96
last-modified: Mon, 16 Nov 2020 20:28:07 GMT
x-trans-id: txdfba9b3ffded49e6a962f-00620aef96
x-thanos: 0AB54008
etag: 9421d9f10999d3cd0a064c099b09aa18
vary: Accept-Encoding, Origin
content-type: image/png
x-timestamp: 1605558486.11247
cache-control: public, max-age=180
accept-ranges: bytes
content-length: 8872
x-request-id: ff34a5a1-4df7-40f2-aa15-b43410f5d359

GET
H/1.1 200
OK ico-fechar.svg
exstatic.infoglobo.com.br/skins/17/extra/images/box-assine-footer/ 491 B
782 B 530ms
212ms Image
image/svg+xml 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/images/box-assine-footer/ico-fechar.svg

Requested by

Host: exstatic.infoglobo.com.br
URL: https://exstatic.infoglobo.com.br/skins/17/extra/css/floatBarHome.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

8e3fe68afc386677a3e940c3f3bea6d675137cd6ca94ab4ac50b368687c0023b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://exstatic.infoglobo.com.br/skins/17/extra/css/floatBarHome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:05:27 GMT
Content-Encoding: gzip
Age: 24231978
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 249
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a0332b6a-1eb-5c19a506d0680"
Vary: Accept-Encoding,Origin
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
X-Cache-Hits: 831000

GET
H2 200 1605558474236.png
s3.glbimg.com/v1/AUTH_0ae9f161c1ff459593599b7ffa1a1292/images/escenic/2020/11/16/17/ 75 KB
76 KB 327ms
327ms Image
image/png 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.glbimg.com/v1/AUTH_0ae9f161c1ff459593599b7ffa1a1292/images/escenic/2020/11/16/17/1605558474236.png
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 49e05d453de79e1d0c6b4770b430c6296d030af9e1614b75b0659a95812cf17b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:56 GMT
x-openstack-request-id: tx45c4cf3db7a7440c84c62-00620aef96
last-modified: Mon, 16 Nov 2020 20:27:55 GMT
x-trans-id: tx45c4cf3db7a7440c84c62-00620aef96
x-thanos: 0AB54008
etag: 7612aecc6920325e4f7512c3c7bab9f3
vary: Accept-Encoding, Origin
content-type: image/png
x-timestamp: 1605558474.44502
cache-control: public, max-age=180
accept-ranges: bytes
content-length: 77274
x-request-id: 0633f833-f35c-4eca-a960-a5870245cfda

GET
H/1.1 200
OK ico-check.svg
exstatic.infoglobo.com.br/skins/17/extra/images/box-assine-footer/ 450 B
826 B 216ms
213ms Image
image/svg+xml 201.7.177.160
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exstatic.infoglobo.com.br/skins/17/extra/images/box-assine-footer/ico-check.svg

Requested by

Host: exstatic.infoglobo.com.br
URL: https://exstatic.infoglobo.com.br/skins/17/extra/css/floatBarHome.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.160 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

1cc15a3d94455f00ea2a0e25543c2a04a232575f8aa7d0d2e2773b1d20da9b04

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://exstatic.infoglobo.com.br/skins/17/extra/css/floatBarHome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:05:38 GMT
Content-Encoding: gzip
Age: 24231968
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 293
Last-Modified: Wed, 05 May 2021 19:36:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a017649b-1c2-5c19a506d0680"
Vary: Accept-Encoding,Origin
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
X-Cache-Hits: 830533

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 85ms
27ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: exstatic.infoglobo.com.br
URL: https://exstatic.infoglobo.com.br/resources/17/js/lib/onesignal/onesignal.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:56 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 797
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6dda525fa923f923-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 18 Feb 2022 00:11:56 GMT

GET
H/1.1 200
OK ecsImghome-noticias-1920x1200-8966794931313799310.jpg
extra.globo.com/img/449/2020/8/7/22/ 107 KB
86 KB 894ms
226ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/img/449/2020/8/7/22/ecsImghome-noticias-1920x1200-8966794931313799310.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

4a8e50a462dee8d1c709c4fe6ddbe6a2b2185342f88ef86778ceef7bd11cb61b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 08:31:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 574807
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sat, 08 Aug 2020 01:08:49 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "3854d7-1acfd-5ac535d2c4a40-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Access-Control-Allow-Credentials: true
X-Cache-Hits: 52310

GET
H/1.1 200
OK mosaico.json Show response
extra.globo.com/api/asmais/ 5 KB
3 KB 847ms
217ms XHR
application/json 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://extra.globo.com/api/asmais/mosaico.json?id=21869432

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

c0ae18dbcb9d1fd5b82246e53af9390653b1271bdf28c5de621cf5f904442098

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://extra.globo.com/
X-Requested-With: XMLHttpRequest
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 00:09:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 144
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 1775
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Origin,Accept-Encoding
Content-Type: application/json;charset=UTF-8
cache-control: max-age=181
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Access-Control-Allow-Credentials: true
X-Cache-Hits: 25

GET
H2 200 cadun.js Show response
s.glbimg.com/pc/ca/ 14 KB
6 KB 1030ms
448ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/ca/cadun.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/profiling.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

server-143-204-98-93.fra50.r.cloudfront.net

Software

Resource Hash

9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 974081304 ra03 11 09
age: 75935
content-length: 5547
x-xss-protection: 1; mode=block
x-request-id: 7e3bdd4c-40fb-42dc-8fc8-61c0c79a50c9
last-modified: Wed, 27 Jan 2021 20:50:06 GMT
x-thanos: 0AB1D00F
etag: W/"6011d1fe-3759"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Mon, 21 Feb 2022 03:06:21 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 77 B
280 B 2313ms
2304ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=13574&upd=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff3457f2c976b1cc30f677f951acd987c14ddb6d131990d72e92341efbe03e99

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6dda525fd90d83a8-MXP
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
content-type: application/javascript
expires: Tue, 15 Feb 2022 01:11:58 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/editoraglobonetwork/ 5 KB
2 KB 54ms
16ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/editoraglobonetwork/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af38286fa634519ab80524b90b1e992febefc15923c89b1663bcd46dfee2c383

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: gUgj3C7AZJFMWF2Nwsx5cjlAkNxfoKpr
content-encoding: gzip
etag: "061b43bac53a5e78578ef76be22c651a"
age: 187
x-cache: HIT, HIT
content-length: 1576
x-amz-id-2: 7qMY2tr3tgJJu3RuHvKLnlGT+tp4ahVkICnTsdh7igYm/8jU1ONVVeoKbHQS9il59FYP06bMkN4=
x-served-by: cache-lax10635-LGB, cache-mxp6930-MXP
last-modified: Tue, 28 Dec 2021 18:47:08 GMT
server: AmazonS3
x-timer: S1644883917.836073,VS0,VE1
date: Tue, 15 Feb 2022 00:11:56 GMT
vary: Accept-Encoding,,
x-amz-request-id: 0A4RBD29M3SF65SK
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 impl.20220209-5-RELEASE.js Show response
cdn.taboola.com/libtrc/ 617 KB
128 KB 16ms
16ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 25db276f514822906922fbfedd6557c9418afbf1d9d51d69c4f9dacd722a4baa

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: ni.XKnNDCYFnD0XKIPB7fzmdxGXZ7_Rh
content-encoding: br
etag: "47aba8dcefca4560e05ab437baae1ec9"
age: 23011
x-cache: HIT
content-length: 130247
x-amz-id-2: eCKEIXhtzP/qyJiZToWadn84EgCBXSG/wGdTcBpFCNSRowFJzakhEyE1gzVcDk1N0btdjhpeweQ=
x-served-by: cache-mxp6946-MXP
last-modified: Wed, 09 Feb 2022 09:39:49 GMT
server: AmazonS3-br
x-timer: S1644883917.799524,VS0,VE0
date: Tue, 15 Feb 2022 00:11:56 GMT
vary: Accept-Encoding
x-amz-request-id: 868695HH8DNBYJJ4
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 12
x-cache-hits: 83162

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 107ms
37ms Script
application/javascript 108.157.4.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-121.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 01:45:32 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 80804
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8080d8bfc581f6befaaa7736f6d0003e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: bCtUwl_rUbCbA959Pep8mYhGHz8fTK8Qo0DDrm09HoKeqcP20gYWOQ==

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 54ms
32ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:56 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2606
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6dda52604cb059e9-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 18 Feb 2022 00:11:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 94ms
30ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-BDVW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2222
date: Mon, 14 Feb 2022 23:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 15 Feb 2022 01:34:54 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 123ms
46ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-BDVW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 00:11:56 GMT

GET
H2 200 hotjar-831430.js Show response
static.hotjar.com/c/ 4 KB
2 KB 104ms
36ms Script
application/javascript 143.204.98.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-831430.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-BDVW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7f4aa82424c9eecaf7afe0a621b6bb1a1564c69ca5cca5ef23788d27bf465ac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1915
access-control-allow-origin: *
x-cache-hit: 1
etag: W/34cf46ba8394d5bec55ed384579099ab
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Acnt4Y4Olk85ptEyAV3ta9KIV1Dw0cvQUpkaSIQ04Jm9nmZb4uv3zQ==

GET
H2 200 ivc.js Show response
gadasource.storage.googleapis.com/ 71 KB
24 KB 124ms
26ms Script
text/plain 2a00:1450:4001:831::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gadasource.storage.googleapis.com/ivc.js
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:06:34 GMT
content-encoding: gzip
age: 322
x-guploader-uploadid: ADPycduQVsegdGcsmRGufM4HVDtLV3JYSSw1jNZnSSD8R2jMGbJo40JU_7fKxdNw1FPUO8MkNJ4QNguX27BzOnP2nSQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24321
last-modified: Mon, 02 Sep 2019 19:50:51 GMT
server: UploadServer
etag: "cdaa61cbc24c48191196b45b31a7e18b"
vary: Accept-Encoding
x-goog-hash: crc32c=okr5pw==, md5=zaphy8JMSBkRlrRbMafhiw==
x-goog-generation: 1567453851562424
cache-control: public, max-age=3600
x-goog-stored-content-length: 24321
accept-ranges: bytes
content-type: text/plain
expires: Tue, 15 Feb 2022 01:06:34 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 108ms
35ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: c9MGbANZp89BdIDdCZIxSI4XmdkuR2sq7TqAw/54VUt+p4JHFu26xG0hC1opHnW3fz+axYS+wQgJWBL+MugyNg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 15 Feb 2022 00:11:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 card-interference-detector.20220209-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
3 KB 16ms
16ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/card-interference-detector.20220209-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d59040ad1ec39e643a31d375c395e40e427d7af21000be2fbdd9eac9dcd47b56

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: _E5rQZE9pu7ShlHWiz70DLYfADpobxuw
content-encoding: gzip
etag: "a36fa12fa9daf2f6ba6a51286bdd5fd2"
age: 1157
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2178
x-amz-id-2: 8CIuMAsMzUtpJ9RPDQcmlMqx8jcSO7SEN2ShyEonsx1HIXOvNLch0dDPIMX/CNWiNh4PGxhX1Ng=
x-served-by: cache-mxp6946-MXP
last-modified: Mon, 14 Feb 2022 23:52:36 GMT
server: AmazonS3
x-timer: S1644883917.886949,VS0,VE0
date: Tue, 15 Feb 2022 00:11:56 GMT
vary: Accept-Encoding
x-amz-request-id: 0895C5A4YKVTWS93
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 12
x-cache-hits: 597

GET
H2 200 json Show response
trc.taboola.com/editoraglobo-extra/trc/3/ 23 KB
7 KB 371ms
358ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/editoraglobo-extra/trc/3/json?tim=00%3A11%3A58.643&lti=deflated&data=%7B%22id%22%3A126%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1644504958921%2C%22vi%22%3A1644883918640%2C%22cv%22%3A%2220220209-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fextra.globo.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fextra.globo.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3746%2C%22nsid%22%3A%22editoraglobonetwork%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-f%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A2553.65625%2C%22mw%22%3A640%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbs-hero-02%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Page%22%2C%22orig_uip%22%3A%22Below%20Page%22%2C%22cd%22%3A3210.65625%2C%22mw%22%3A819.84375%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Thumbnails%3Dthumbnails-f%3Apub%3Deditoraglobonetwork%3Aabp%3D0%2C%2CBelow%20Page%3Dthumbs-hero-02%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4713be48ae0c7145a09e3b55d8dbb5a5e5543dcc58372c01a3126e69339f5fba

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 344
date: Tue, 15 Feb 2022 00:11:57 GMT
content-encoding: gzip
server: nginx
x-timer: S1644883917.907023,VS0,VE344
x-served-by: cache-mxp6946-MXP
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://extra.globo.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 pmk-202010011.6.js Show response
widget.perfectmarket.com/editoraglobonetwork/ 99 KB
27 KB 17ms
15ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/editoraglobonetwork/pmk-202010011.6.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/editoraglobonetwork/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b383f17092354aea8e8598be6d4d8acb0de6a35b1f69620e85da57045197522

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: Dj133TGBylNn2devt9Fgqn4nkuTE2sRn
content-encoding: gzip
etag: "a3a81c61409dd6a1e8ba2cb105c53a4a"
age: 2380176
x-cache: HIT, HIT
content-length: 27703
x-amz-id-2: 8gTg2XqgfAciJjqQVF/ADHkgniWt6eQZVLJ2UM7d/VAETW9xEH0b3gvdKOxMAHR29rsSUE86udw=
x-served-by: cache-sna10725-LGB, cache-mxp6930-MXP
last-modified: Tue, 28 Dec 2021 18:47:08 GMT
server: AmazonS3
x-timer: S1644883917.910085,VS0,VE0
date: Tue, 15 Feb 2022 00:11:56 GMT
vary: Accept-Encoding,,
x-amz-request-id: SFQVTF0YWX3XT06H
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 3, 11

POST
H2 204 bulk-metrics Show response
trc-events.taboola.com/editoraglobo-extra/log/3/ 0
247 B 156ms
40ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/editoraglobo-extra/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://extra.globo.com
pragma: no-cache
date: Tue, 15 Feb 2022 00:11:57 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 horizon-client-js.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 11 KB
4 KB 263ms
263ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-client-js.min.js
Requested by: Host: barra.globo.com
URL: https://barra.globo.com/gl/ba/oidcprodutos/js/barra-globocom.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:57 GMT
content-encoding: gzip
x-openstack-request-id: txf1b6b64d200744b5bd6c5-00620aee70
last-modified: Fri, 13 Nov 2020 17:21:38 GMT
x-thanos: 0AB54008
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1605288097.88717
cache-control: public, max-age=600
x-trans-id: txf1b6b64d200744b5bd6c5-00620aee70
x-request-id: 26e86853-e59d-4dba-9a1c-65e2c83ce839

GET
H2 200 glb-pv-min.js Show response
s.glbimg.com/bu/rt/js/ 2 KB
1 KB 580ms
226ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/bu/rt/js/glb-pv-min.js

Requested by

Host: barra.globo.com
URL: https://barra.globo.com/gl/ba/oidcprodutos/js/barra-globocom.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 972516733 ra03 11 09
age: 158
content-length: 969
x-xss-protection: 1; mode=block
x-request-id: d91c0020-2d2c-4585-a541-643ccb38ca66
last-modified: Mon, 04 Feb 2019 16:44:48 GMT
x-thanos: 0AB1D00F
etag: W/"5c586c00-703"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Tue, 15 Feb 2022 01:09:19 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6035227/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
349 B

34ms
34ms

Script
application/javascript

108.157.4.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Server: 108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-121.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:02:18 GMT
via: 1.1 8080d8bfc581f6befaaa7736f6d0003e.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 579
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 0
x-amz-cf-id: iAoercbcgUp_i9GuJveUKs9XJNY7Q2U44pH73I0QJ4qnUCTZOAA6qA==

Redirect headers

date: Tue, 15 Feb 2022 00:11:56 GMT
via: 1.1 8080d8bfc581f6befaaa7736f6d0003e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-c2/default/cs.js
content-length: 48
x-amz-cf-id: 02f3Fag8uR81ADej4peKmlJZepnB_h2pmxQCyLzVRY2fWHgxm9Evlg==

GET
H2 200 globoid-js.min.js Show response
s3.glbimg.com/v1/AUTH_05f06ca986b54d6e9c5df94927ccf7fc/libs/globoid-js/1.4.1/ 159 KB
58 KB 282ms
282ms Script
text/html 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_05f06ca986b54d6e9c5df94927ccf7fc/libs/globoid-js/1.4.1/globoid-js.min.js
Requested by: Host: barra.globo.com
URL: https://barra.globo.com/gl/ba/oidcprodutos/js/barra-globocom.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: ee72a800f0e75a30ba23632ed5689c707913bb9c598e22a825af375d10a2bc75

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:57 GMT
content-encoding: gzip
x-openstack-request-id: tx0f1f7e90ebe54df7bdffb-00620aef6e
last-modified: Tue, 29 Sep 2020 17:43:36 GMT
x-thanos: 0AB54008
vary: Accept-Encoding, Origin
content-type: text/html
x-timestamp: 1601401415.68699
cache-control: public, max-age=180
x-trans-id: tx0f1f7e90ebe54df7bdffb-00620aef6e
x-request-id: 8c5c1483-f785-486e-914d-646aeb76d93e

GET
H2 200 images-large-s546941f7e6.png
s.glbimg.com/gl/ba/img/ 2 KB
2 KB 624ms
224ms Image
image/png 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.glbimg.com/gl/ba/img/images-large-s546941f7e6.png

Requested by

Host: barra.globo.com
URL: https://barra.globo.com/gl/ba/oidcprodutos/css/barra-globocom.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

server-108-157-4-122.dus51.r.cloudfront.net

Software

Resource Hash

d9b26fd560a75febda13bf4b670cb2e87f67830b8b2b6377a1401af914da89ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://barra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:57 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 971817171 ra03 11 09
age: 3062
content-length: 2017
x-xss-protection: 1; mode=block
x-request-id: af7eb17e-7f4a-4ddb-b916-21132878925d
last-modified: Fri, 24 Jul 2020 12:45:33 GMT
x-thanos: 0AB1D00F
etag: "5f1ad7ed-7e1"
vary: Origin
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Tue, 15 Feb 2022 00:20:55 GMT

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=6035227&ns__t=1644883918673&ns_c=UTF-8&c8=Extra%20-%20Extra%20Online&c7=https%3A%2F%2Fextra.globo.com%2F&c9=
https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1644883918673&ns_c=UTF-8&c8=Extra%20-%20Extra%20Online&c7=https%3A%2F%2Fextra.globo.com%2F&c9=

64 B
329 B

39ms
38ms

Image
image/gif

108.157.4.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1644883918673&ns_c=UTF-8&c8=Extra%20-%20Extra%20Online&c7=https%3A%2F%2Fextra.globo.com%2F&c9=
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Server: 108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-121.dus51.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:56 GMT
via: 1.1 8080d8bfc581f6befaaa7736f6d0003e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: lc2Es-ScplMJNIkYGureqiXwd4kZdu2e6MGnG_5ICZ1w9aK3if_ifA==

Redirect headers

date: Tue, 15 Feb 2022 00:11:56 GMT
via: 1.1 8080d8bfc581f6befaaa7736f6d0003e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1644883918673&ns_c=UTF-8&c8=Extra%20-%20Extra%20Online&c7=https%3A%2F%2Fextra.globo.com%2F&c9=
content-length: 174
x-amz-cf-id: WULLq4oXampz1fKaGjKlLr4cvL73W7-rlwEGBTG450-V--hXQEr6AA==

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1644883918678&ns_c=UTF-8&cv=3.5&c8=Extra%20-%20Extra%20Online&c7=https%3A%2F%2Fextra.globo.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1644883918678&ns_c=UTF-8&cv=3.5&c8=Extra%20-%20Extra%20Online&c7=https%3A%2F%2Fextra.globo.com%2F&c9=

0
224 B

43ms
43ms

Image
text/plain

108.157.4.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1644883918678&ns_c=UTF-8&cv=3.5&c8=Extra%20-%20Extra%20Online&c7=https%3A%2F%2Fextra.globo.com%2F&c9=
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Server: 108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-121.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:56 GMT
via: 1.1 8080d8bfc581f6befaaa7736f6d0003e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: 99Vz0_6REUqkh-mCU1JheJw4rJfqv3tzHSenipCOdmbXtEK4Z_HvwA==
x-cache: Miss from cloudfront

Redirect headers

date: Tue, 15 Feb 2022 00:11:56 GMT
via: 1.1 8080d8bfc581f6befaaa7736f6d0003e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1644883918678&ns_c=UTF-8&cv=3.5&c8=Extra%20-%20Extra%20Online&c7=https%3A%2F%2Fextra.globo.com%2F&c9=
content-length: 187
x-amz-cf-id: TQgZCItTesRFo3EgaNZpWo7u0zn9xQZ5uouqpviJjU6zQfH67vvFZA==

GET
H2 200 tv4.min.js Show response
s3.glbimg.com/cdn/libs/tv4/1.3.0/ 28 KB
10 KB 487ms
487ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/libs/tv4/1.3.0/tv4.min.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:57 GMT
content-encoding: gzip
x-openstack-request-id: tx2a95a7ff23324cc8b6e44-00619540bb
last-modified: Fri, 25 May 2018 14:11:50 GMT
x-thanos: 0AB54008
vary: Accept-Encoding, Origin
content-type: application/javascript
x-timestamp: 1527257509.32548
cache-control: public, max-age=31536000
x-trans-id: tx2a95a7ff23324cc8b6e44-00619540bb
x-request-id: 1c6634c8-dd31-4f20-a391-358cc4f35bca

GET
H2 200 web Show response
onesignal.com/api/v1/sync/0c9a71b0-a982-4601-92db-74792a2489b9/ 5 KB
2 KB 38ms
29ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/0c9a71b0-a982-4601-92db-74792a2489b9/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4600201b77aecc0516a6b10fc923ab975f4c43c76de3c71a8e3399e2cf8c0cf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1399
cf-polished: origSize=5167
status: 200 OK
x-envoy-upstream-service-time: 23
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 471ec102-b213-4cd1-9b4e-e1ce3626c3c5
x-runtime: 0.021588
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"d8ef2d85fa99577556d18eb6e98ebb5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6dda52614b7cf923-MXP
access-control-allow-headers: SDK-Version
expires: Tue, 15 Feb 2022 01:11:57 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
532 B 97ms
34ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a633abf6ef85a1bf221e75979146c4c7f7a6164732a6a981180a84cf44ced8bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 15 Feb 2022 00:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 200 modules.855de5fca5328f4d913a.js Show response
script.hotjar.com/ 235 KB
62 KB 101ms
35ms Script
application/javascript 108.157.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.855de5fca5328f4d913a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-831430.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

23b3d2b54537739075db04f57c66bd7a4b95aef7a8d95cfd50516c51ec094250

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 17:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 370311
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 62578
access-control-allow-origin: *
last-modified: Thu, 10 Feb 2022 17:19:42 GMT
etag: "6f96b4466f1ad2a1f9575d6ac84a137f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 271c2e1e305f31b0f14837cad3c843b0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: vEdn3CiUUtUaI1sitEOEAGvVpS47w5EziicgbgnHLeMem3wuNLET9Q==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1000485159/ 2 KB
2 KB 101ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1000485159/?random=1644883918763&cv=9&fst=1644883918763&num=1&label=bPzNCKmZnAQQp-KI3QM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fextra.globo.com%2F&tiba=Extra%20-%20Extra%20Online&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bdf4d3f57120d8e08938d5a9b7902f1e1cda34ca3d2d1deae89f9a652b38206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1056
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2098794280156062 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 124ms
90ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2098794280156062?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

766f59f4ab4eb741487e070f17167918f6e99f79205fe4f8df4f63034b4a861a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 6uC14Dtd67u1YZTUYoQ43P8lpDFYeChvTMXLjzEtxE/oEOJjVYOe8Viuq/dW/N+7XRaIwdM4jdWQmuLkVslkXg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 15 Feb 2022 00:11:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200 i
ivccf.ivcbrasil.org.br/ 43 B
461 B 1335ms
443ms Image
image/gif 52.40.91.215
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ivccf.ivcbrasil.org.br/i?stm=1644883918821&e=pv&url=https%3A%2F%2Fextra.globo.com%2F&page=Extra%20-%20Extra%20Online&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=8&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=231a9fef-b876-4787-9b1a-2b006e4647b2&dtm=1644883918820&vp=1600x1200&ds=1600x3746&vid=1&sid=57e98d15-3194-4ca6-9378-dd7066070343&duid=ea110bdb-638a-4c2c-9461-f6286e7cfa72&fp=941459047&uid=login_do_usuario
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.40.91.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-40-91-215.us-west-2.compute.amazonaws.com
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 00:11:57 GMT
Server: Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame 696E 2 KB
1 KB 111ms
36ms Document
text/html 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-831430.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/

Response headers

content-type: text/html
content-length: 1044
date: Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 8HNNjBmaxUs_j4YyHE7f0pyo-nlouJyZ7Q2EuXGcmMOGhxyNi8gfHw==
age: 919191

POST
H2 200 publisher:getClientId Show response
ampcid.google.it/v1/ 3 B
461 B 101ms
32ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.it/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 15 Feb 2022 00:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/1000485159/ 42 B
548 B 119ms
37ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1000485159/?random=1644883918763&cv=9&fst=1644883200000&num=1&label=bPzNCKmZnAQQp-KI3QM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Fextra.globo.com%2F&tiba=Extra%20-%20Extra%20Online&async=1&fmt=3&is_vtc=1&random=350672512&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:11:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.it/pagead/1p-user-list/1000485159/ 42 B
548 B 114ms
39ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/pagead/1p-user-list/1000485159/?random=1644883918763&cv=9&fst=1644883200000&num=1&label=bPzNCKmZnAQQp-KI3QM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Fextra.globo.com%2F&tiba=Extra%20-%20Extra%20Online&async=1&fmt=3&is_vtc=1&random=350672512&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:11:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 horizon-pageview
horizon.globo.com/auth-session/activity/extra/ 0
322 B 685ms
124ms Image
text/plain 35.211.79.33
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horizon.globo.com/auth-session/activity/extra/horizon-pageview?object=https%3A%2F%2Fextra.globo.com%2F&Referrer=&tags=&client_version=0.3.11

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),

Reverse DNS

33.79.211.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
x-served-from: hzt-tsuru
content-length: 0
strict-transport-security: max-age=60
content-type: text/plain; charset=UTF-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 103ms
34ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-50597390-10&cid=1323511657.1644883919&jid=666616726&gjid=88575808&_gid=1699585631.1644883919&_u=YGBAgEABAAQCAE~&z=366431854

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 15 Feb 2022 00:11:57 GMT
content-type: text/plain
access-control-allow-origin: https://extra.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 70ms
25ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=47975251&t=pageview&_s=1&dl=https%3A%2F%2Fextra.globo.com%2F&ul=en-us&de=UTF-8&dt=Extra%20-%20Extra%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAQC~&jid=666616726&gjid=88575808&cid=1323511657.1644883919&tid=UA-50597390-10&_gid=1699585631.1644883919&gtm=2wg290BDVW&cd1=&cd2=&cd3=&cd4=&cd5=&cd7=&cd9=Capa&cd14=&cd15=&cd16=&cd17=&cd18=&cd19=&cd20=&cd21=&cd22=&cd23=&cd24=&cd25=&cd26=&cd49=Capa&cd61=&cd82=desktop&z=1086353323

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 18:12:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21561
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
406 B 90ms
32ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2098794280156062&ev=PageView&dl=https%3A%2F%2Fextra.globo.com%2F&rl=&if=false&ts=1644883919003&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644883919002.138857693&it=1644883918783&coo=false&tm=1&rqm=GET

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 15 Feb 2022 00:11:57 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 37ms
36ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2098794280156062&ev=ContentData&dl=https%3A%2F%2Fextra.globo.com%2F&rl=&if=false&ts=1644883919005&cd[idMateria]=&cd[dtPublicacao]=&cd[tipoConteudo]=Capa&cd[editoria]=Capa&cd[topicos]=&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1644883919002.138857693&it=1644883918783&coo=false&tm=2&rqm=GET

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 15 Feb 2022 00:11:58 GMT

GET
H2 200 8314438e-1240-4037-ade5-bfeaed299a90.css
cdn.taboola.com/static/83/ 451 B
497 B 15ms
15ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/static/83/8314438e-1240-4037-ade5-bfeaed299a90.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: CkT0watBV7AEsiEughRkYLexggZw11Ym
content-encoding: gzip
etag: "1802e318f880ad7e5c7030e9da649cf6"
age: 10072
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 222
x-amz-id-2: 5Z2ZGUo7ERZx9o0G39/uJkVOxBdM6uETIixZplDmCG9hOsLUT/2lBDED52+Y6CA55sePGNdfrL0=
x-served-by: cache-mxp6946-MXP
last-modified: Tue, 07 Jul 2020 17:40:49 GMT
server: AmazonS3
x-timer: S1644883917.285686,VS0,VE0
date: Tue, 15 Feb 2022 00:11:57 GMT
vary: Accept-Encoding
x-amz-request-id: 22W8Q3HZXYA8QP1P
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: text/css
abp: 12
x-cache-hits: 10

GET
H2 200 cta-component.20220209-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 18 KB
5 KB 22ms
21ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cta-component.20220209-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a217093482f8f267d7b2687f71cb07e0d1d54f2006e6895e78b94e3b390721bb

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: vCe6_6Bsumb.GJ3vSYXxHZHuEowbLWa3
content-encoding: gzip
etag: "9849d7a808261a0a8eb56398b3b71925"
age: 1159
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5020
x-amz-id-2: YZW7ADnEB4FbfPRhhg7bL+yyFKssO8aym7J2ef2DMaQssmc6241KxMHU1Nyp+qkvDBHF/eYSaUY=
x-served-by: cache-mxp6946-MXP
last-modified: Mon, 14 Feb 2022 23:52:33 GMT
server: AmazonS3
x-timer: S1644883917.304367,VS0,VE0
date: Tue, 15 Feb 2022 00:11:57 GMT
vary: Accept-Encoding
x-amz-request-id: M981RMS4HQXBEKY9
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 12
x-cache-hits: 1160

GET
H2 200 tb Show response
15.taboola.com/ 31 KB
9 KB 75ms
74ms XHR
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=editoraglobo-extra&unitType=226&tbloc=&pageType=home&pstn=Below%20Homepage%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fextra.globo.com%2F&encoded=1&uid=d0d7cd74-44af-4e79-ad5a-051eceef7cc0-tuct904754c&variant=-100|1786072032&callback=TRC.videoTagCallbacks.videoCallback1&cb=1644883919057&tagid=&cntry=IT&platform=1&sesid=a0f2e5cdb1b09c7b089388d6dc4ffbfa&itemid=/&viewid=1644883918640&geolat=&geoing=&deviceifa=&appid=&sd=v2_a0f2e5cdb1b09c7b089388d6dc4ffbfa_d0d7cd74-44af-4e79-ad5a-051eceef7cc0-tuct904754c_1644883916_1644883916_CIi3jgYQmf9JGLD-4tXvLyABKAEwbDin7gpAl5EQSJe82ANQ____________AVgAYABoxqLdxZvAufqLAXAA&ri=37e52daaed040ef1d4b263035b68ce8f&appname=&cdb=&gdprApplies=true&rid=&sii=895431792905068299&oee=true&tpubid=1212313&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=VA&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1207970&prcnt=&layer=&normp=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 896fe014b1b48d5e6447b97f0860bd4a393162c222760754850fa2cd54e94cd5

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 15 Feb 2022 00:11:57 GMT
content-encoding: gzip
access-control-allow-origin: https://extra.globo.com
machineid: 1450
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-mxp6946-MXP
pragma: no-cache
server: nginx
x-timer: S1644883917.312467,VS0,VE47
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 userx.20220209-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 20ms
20ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20220209-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8847cc60ae38e9ee058fe1c1ead1cd834995c605c5d940437078419e622ce933

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: lFdIXfK9LKkZ15UdXCYXw6zJ6ui7AXgJ
content-encoding: gzip
etag: "61e315da9d36378bf5cee1884d4b1acb"
age: 1213
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5396
x-amz-id-2: MvoOgZwO+LW+FJilER71cLu//pD/vyZidtvjE3Lye77kMDRmn3Bb6SAQDI4tcMEvsePAJOubFrg=
x-served-by: cache-mxp6946-MXP
last-modified: Mon, 14 Feb 2022 23:51:39 GMT
server: AmazonS3
x-timer: S1644883917.312344,VS0,VE0
date: Tue, 15 Feb 2022 00:11:57 GMT
vary: Accept-Encoding
x-amz-request-id: GW5NVTG4709HMNEZ
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 12
x-cache-hits: 163

GET
H2 200 distance-from-article.20220209-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 19ms
19ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20220209-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d111500bf25634f687194ff4d0d56fdbf0408efbf5d3b7fbb5698a5427bda0d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: YeMf__5EMgxT_uozucw92zzPcujmfzYq
content-encoding: gzip
etag: "985b3679263be8e68090502d42c0b343"
age: 1163
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1003
x-amz-id-2: LmFdCnisXoMZKt94rb2KnNtc+zVyyd2eV8j/dkXFykH0IQv7j+YqwjqncQaAya2nhBtB0+8AOUY=
x-served-by: cache-mxp6946-MXP
last-modified: Mon, 14 Feb 2022 23:52:30 GMT
server: AmazonS3
x-timer: S1644883917.312577,VS0,VE0
date: Tue, 15 Feb 2022 00:11:57 GMT
vary: Accept-Encoding
x-amz-request-id: 646AD2MNYRQYQTKQ
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 12
x-cache-hits: 327

GET
H2 200 article-detection.20220209-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
1 KB 18ms
18ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20220209-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8223c715d6927d3966caef0d8ee78e4ee5be665e2c26c8d7226d68ea052445f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: t91ssRmD7bGtb43988YHo_GgjYUJEAvh
content-encoding: gzip
etag: "c7dddf34530fc6e1ab95602fa7bfe77c"
age: 1152
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1234
x-amz-id-2: kHBa9HnVMJJKBbohgevp9kQShC4ATuUpm7533O8WX0mSJqH5QL7VsLElB2nm7O2x1vV+9PTE8f0=
x-served-by: cache-mxp6946-MXP
last-modified: Mon, 14 Feb 2022 23:52:41 GMT
server: AmazonS3
x-timer: S1644883917.312744,VS0,VE0
date: Tue, 15 Feb 2022 00:11:57 GMT
vary: Accept-Encoding
x-amz-request-id: TYGR6EB8R3CQ7NQH
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 12
x-cache-hits: 322

GET
H2 200 tb Show response
15.taboola.com/ 37 KB
11 KB 53ms
52ms XHR
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=editoraglobo-extra&unitType=244&tbloc=&pageType=home&pstn=Below%20Page&uuip=Feed%20-%20Below%20Page&cisrf=&cirf=https%3A%2F%2Fextra.globo.com%2F&encoded=1&uid=d0d7cd74-44af-4e79-ad5a-051eceef7cc0-tuct904754c&variant=-100|1786072032&callback=TRC.videoTagCallbacks.videoCallback2&cb=1644883919060&tagid=&cntry=IT&platform=1&sesid=a0f2e5cdb1b09c7b089388d6dc4ffbfa&itemid=/&viewid=1644883918640&geolat=&geoing=&deviceifa=&appid=&sd=v2_a0f2e5cdb1b09c7b089388d6dc4ffbfa_d0d7cd74-44af-4e79-ad5a-051eceef7cc0-tuct904754c_1644883916_1644883916_CIi3jgYQmf9JGLD-4tXvLyABKAEwbDin7gpAl5EQSJe82ANQ____________AVgAYABoxqLdxZvAufqLAXAA&ri=f81a337b8dda457ca3b676deda19b57a&appname=&cdb=&gdprApplies=true&rid=&sii=895431792905068299&oee=true&tpubid=1212313&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=VA&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1207970&prcnt=&layer=&normp=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 76e1add8e0785e97eea169ffc008d3170b680be255b5885942b7010ed9f7e60f

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 15 Feb 2022 00:11:57 GMT
content-encoding: gzip
access-control-allow-origin: https://extra.globo.com
machineid: 1451
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-mxp6946-MXP
pragma: no-cache
server: nginx
x-timer: S1644883917.312909,VS0,VE36
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 feed-card-placeholder.20220209-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 17ms
17ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20220209-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fe183cf65f19ad2ed6494c6cbc3bd50bd86a9b6c7ccbff95143fa6c26bacb8

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: hoByg.fDvnfVBNeCLC3l.hAW4DyZDQFJ
content-encoding: gzip
etag: "b0cec8ec7667c7db8960686fe402a9a2"
age: 1169
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: lmSER2iYBKEQw8YqiwTxWw6atx7KrQUjpQpb0L0/2VNKFIyEdAYWeeUUFgDvFBoWyNwQ0xVPhic=
x-served-by: cache-mxp6946-MXP
last-modified: Mon, 14 Feb 2022 23:52:21 GMT
server: AmazonS3
x-timer: S1644883917.313451,VS0,VE0
date: Tue, 15 Feb 2022 00:11:57 GMT
vary: Accept-Encoding
x-amz-request-id: 41CRYJCCGDT8KR1T
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 12
x-cache-hits: 1384

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-extra/log/2/ 0
89 B 42ms
41ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-extra/log/2/debug?tim=00%3A11%3A59.065&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01&llvl=2&id=3147&cv=20220209-5-RELEASE&lt=deflated&pct=1
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 43901

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-extra/log/2/ 0
89 B 41ms
41ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-extra/log/2/debug?tim=00%3A11%3A59.066&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01&llvl=2&id=784&cv=20220209-5-RELEASE&lt=deflated&pct=1
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 43901

GET
H2 204 social
am-trc-events.taboola.com/editoraglobo-extra/log/3/ 0
230 B 42ms
41ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-extra/log/3/social?route=AM:AM:V&lti=deflated&ri=37e52daaed040ef1d4b263035b68ce8f&sd=v2_a0f2e5cdb1b09c7b089388d6dc4ffbfa_d0d7cd74-44af-4e79-ad5a-051eceef7cc0-tuct904754c_1644883916_1644883916_CIi3jgYQmf9JGLD-4tXvLyABKAEwbDin7gpAl5EQSJe82ANQ____________AVgAYABoxqLdxZvAufqLAXAA&ui=d0d7cd74-44af-4e79-ad5a-051eceef7cc0-tuct904754c&pi=/&wi=895431792905068299&pt=home&vi=1644883918640&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fextra.globo.com%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22%20Extra%20-%20Extra%20Online%20%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=00%3A11%3A59.090&id=8656&llvl=2&cv=20220209-5-RELEASE&
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 15 Feb 2022 00:11:58 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 bulk-metrics Show response
am-trc-events.taboola.com/editoraglobo-extra/log/3/ 0
246 B 42ms
41ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/editoraglobo-extra/log/3/bulk-metrics?route=AM%3AAM%3AV&lti=deflated&bulkSize=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://extra.globo.com
pragma: no-cache
date: Tue, 15 Feb 2022 00:11:57 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.6.3/ 99 KB
29 KB 18ms
16ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.6.3/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f05b433bd9e3d5f20b021fbec3b24de2441225a1b970cbfe3f1302f5731024c0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
via: 1.1 61beea9b7a54f47fca4ae4dea3f52fa2.cloudfront.net (CloudFront), 1.1 varnish
age: 223508
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 29211
x-served-by: cache-mxp6946-MXP
last-modified: Sat, 12 Feb 2022 10:06:12 GMT
server: AmazonS3
x-timer: S1644883918.055331,VS0,VE0
etag: "ee3e0b0aba5a18179563dfdda39b8989"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: MXP63-P3
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: kNEY_es4EtKDd_ZHe4vaHc1Cy2wQwIj9FDfxb2XbcKkamH-KouT_Pg==
x-cache-hits: 54715

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.6.3/ 99 KB
28 KB 17ms
16ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.6.3/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9a80c3d91214871839137dc21e17647e75e2b7957c750731864e2db26fad35f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
via: 1.1 8a18f55d51efc3ad7cf529879a3478f4.cloudfront.net (CloudFront), 1.1 varnish
age: 223508
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 28657
x-served-by: cache-mxp6946-MXP
last-modified: Sat, 12 Feb 2022 10:06:12 GMT
server: AmazonS3
x-timer: S1644883918.074032,VS0,VE0
etag: "f60e53a81f31a9fcd61a363cf4dcddec"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: MXP63-P3
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 3M41AkBzkYvl59NM4Lci4F8qqWcgLCdB7cDY4rDXRj4aifEIH93k7g==
x-cache-hits: 18905

GET
H2 200 regular.woff2
s3.glbimg.com/cdn/fonts/proximanova/ 20 KB
21 KB 687ms
229ms Font
application/font-woff2 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/proximanova/regular.woff2
Requested by: Host: barra.globo.com
URL: https://barra.globo.com/gl/ba/oidcprodutos/css/barra-globocom.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 961d2527913673b9488d10ca5f8ceb13ad768457a5918d1595b9fafbd8ad08a3

Request headers

Referer: https://barra.globo.com/
Origin: https://extra.globo.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
x-openstack-request-id: txb63563d8e6e84a6cb93fd-00619540c2
last-modified: Tue, 25 Jun 2019 17:42:57 GMT
x-thanos: 0AB54008
etag: a28c6bf751afd0731507d904609fe5da
vary: Accept-Encoding, Origin
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
cache-control: public, max-age=31536000
content-length: 20904
accept-ranges: bytes
x-trans-id: txb63563d8e6e84a6cb93fd-00619540c2
x-request-id: 27fd8bb5-038b-4cbc-a598-2130c34c8886
x-timestamp: 1561484576.57450

GET
H2 200 schemas Show response
horizon-schemas.globo.com/ 111 KB
11 KB 738ms
233ms XHR
application/json 186.192.81.117
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://horizon-schemas.globo.com/schemas

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.81.117 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-81-117.prt.globo.com

Software

Resource Hash

5ee942933492d9eee0dbb393400f00afba90667fdd419bfc8cab5e4d167cb5b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 716702923 ra09 20 14
age: 2474
vary: X-Forwarded-Proto, Accept-Encoding, Origin
content-length: 10734
x-xss-protection: 1; mode=block
x-request-id: 5d21c4b4-b4d5-4977-ae25-781b8991966b
access-control-allow-origin: https://extra.globo.com
x-thanos: 0AB4D017
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/json; charset=UTF-8
via: 2.0 CachOS
cache-control: max-age=7200, public
accept-ranges: bytes

GET
H/1.1 200
OK blog_coluna_lesbians.jpg
extra.globo.com/mosaic/25392709-e40000-c48/w488h275/ 27 KB
28 KB 255ms
223ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/mosaic/25392709-e40000-c48/w488h275/blog_coluna_lesbians.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

8f3926c69e8119cfef7b839509d977eab66fd81bc29290d78464346ce59ef8d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 22:18:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 6779
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 27730
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 22:15:15 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "601bd174-6d35-5d801c043cbe9-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Access-Control-Allow-Credentials: true
X-Cache-Hits: 330

GET
H/1.1 200
OK barbara-e-natalia-bbb22.jpg
extra.globo.com/mosaic/25393529-0cb7e2-975/w311h175/ 22 KB
23 KB 338ms
214ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/mosaic/25393529-0cb7e2-975/w311h175/barbara-e-natalia-bbb22.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

92d23637b6bc8367d146d792a30a524df69fa2a3dd4aed5dea4fe7b556d17372

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 22:16:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 6924
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 22202
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 22:15:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "e086830f-5791-5d801c04bbe2a-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Access-Control-Allow-Credentials: true
X-Cache-Hits: 286

GET
H/1.1 200
OK blog_vanesa.jpg
extra.globo.com/mosaic/25384029-e40000-030/w162h91/ 6 KB
7 KB 271ms
216ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/mosaic/25384029-e40000-030/w162h91/blog_vanesa.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

3e850b479a71c0cd528385cbfca3caebcf43f35b6023d4dd3339e7dad581754a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 23:56:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 605742
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 6071
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 07 Feb 2022 23:47:14 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "28fcfd-182a-5d776384abc85-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Access-Control-Allow-Credentials: true
X-Cache-Hits: 12222

GET
H/1.1 200
OK natalia-barbara-bbb-22-1.jpg
extra.globo.com/mosaic/25393301-0cb7e2-b23/w162h91/ 5 KB
6 KB 233ms
215ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/mosaic/25393301-0cb7e2-b23/w162h91/natalia-barbara-bbb-22-1.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

7e36cafc980cb29912a970a96dc3fefc63acad33c9b463faf48c2225ecfc1b6f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 17:03:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 25706
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 5322
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 17:02:48 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "20468aa4-1546-5d7fd62de00e1-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Access-Control-Allow-Credentials: true
X-Cache-Hits: 1430

GET
H/1.1 200
OK whatsapp-image-2022-02-14-at-14.36.38.jpeg.jpg
extra.globo.com/mosaic/25393667-ff7200-c8d/w162h91/ 6 KB
7 KB 222ms
221ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/mosaic/25393667-ff7200-c8d/w162h91/whatsapp-image-2022-02-14-at-14.36.38.jpeg.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

fd97360daeeff20173b2b54861507951dbf990dfa41666be803db7c5649f8bb0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 23:05:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 3970
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 6243
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 23:03:48 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "20276d69-18d8-5d8026de6c0c6-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Access-Control-Allow-Credentials: true
X-Cache-Hits: 165

GET
H/1.1 200
OK 96908355-(1).jpg
extra.globo.com/mosaic/25392969-ecb010-9de/w162h91/ 4 KB
5 KB 217ms
217ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/mosaic/25392969-ecb010-9de/w162h91/96908355-(1).jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

53116321f845be51bfe38e2ae79431f3495d4cc266b6c0033496cecd34edb931

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 12:11:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 43229
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 3923
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 12:10:25 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "4019c3e8-100a-5d7f94d3489f3-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Access-Control-Allow-Credentials: true
X-Cache-Hits: 3738

GET
H/1.1 200
OK svr.jpg
extra.globo.com/mosaic/25393553-ecb010-a35/w162h91/ 3 KB
3 KB 217ms
216ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/mosaic/25393553-ecb010-a35/w162h91/svr.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

8b33429623d6a2c34c421e106bb249a91a3d2b52b4f314b83b7100bcf2c7ecf1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 22:07:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 7478
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 2427
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 18:22:10 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "201b0d14-cda-5d7fe7eaa2296-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Access-Control-Allow-Credentials: true
X-Cache-Hits: 398

GET
H/1.1 200
OK 93314741_esrio-de-janeiro-rj-11062021treino-do-flamengono-ninho-dourubu-thiago-ma.jpg
extra.globo.com/mosaic/25333031-7ac40b-66c/w233h131/ 7 KB
8 KB 222ms
221ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/mosaic/25333031-7ac40b-66c/w233h131/93314741_esrio-de-janeiro-rj-11062021treino-do-flamengono-ninho-dourubu-thiago-ma.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

2af7c7626bd2538bb58e185ee6fd0122f3d99df2ac14f4447514dcf3586c4195

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 21:02:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 11354
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 7340
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 21:02:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "3b848-1d30-5d800bc53d129-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Access-Control-Allow-Credentials: true
X-Cache-Hits: 561

GET
H/1.1 200
OK romont.jpg
extra.globo.com/mosaic/25392787-c722fd-90d/w233h131/ 13 KB
14 KB 223ms
222ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/mosaic/25392787-c722fd-90d/w233h131/romont.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

686a7d8199d19e34f0397ed608ed78866357369719adc6d92e4e395d8c18727c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:09:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 54164
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 13634
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 09:08:02 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a0407b20-35c6-5d7f6c0ed71ca-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Access-Control-Allow-Credentials: true
X-Cache-Hits: 3031

GET
H/1.1 200
OK whatsapp-image-2022-02-12-at-18.36.33.jpeg.jpg
extra.globo.com/mosaic/25392283-c722fd-71f/w233h131/ 12 KB
13 KB 214ms
214ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/mosaic/25392283-c722fd-71f/w233h131/whatsapp-image-2022-02-12-at-18.36.33.jpeg.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

75d933a5d4b59cbae0d459e32781b8260d3b23156842533e0ad2dcc1cff6ea72

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 11:39:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 131561
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 12552
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sun, 13 Feb 2022 11:38:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "20365b99-319c-5d7e4bd31cc5c-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Access-Control-Allow-Credentials: true
X-Cache-Hits: 1584

GET
H/1.1 200
OK cratera.jpeg.jpg
extra.globo.com/mosaic/25393810-e40000-d2f/w162h91/ 7 KB
8 KB 217ms
217ms Image
image/jpeg 201.7.177.130
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://extra.globo.com/mosaic/25393810-e40000-d2f/w162h91/cratera.jpeg.jpg

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.130 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

4f2d68c81e315d7643d55f67bf620586c60141cff7a0e5be1ebe3f7ae349fb95

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: http://.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://.aws.infg.com.br;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 23:12:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 3528
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 7462
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 23:11:41 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "c0157744-1d99-5d8028a18d63f-gzip"
Vary: Origin,Accept-Encoding
Content-Type: image/jpeg
cache-control: max-age=31535912
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'self' https://horizon*.globo.com; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: http://*.globo.com blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https: http://*.aws.infg.com.br;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Access-Control-Allow-Credentials: true
X-Cache-Hits: 159

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 59ms
28ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2098794280156062&ev=Microdata&dl=https%3A%2F%2Fextra.globo.com%2F&rl=&if=false&ts=1644883919509&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20Extra%20-%20Extra%20Online%20%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22url%22%3A%22http%3A%2F%2Fextra.globo.com%2F%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22http%3A%2F%2Fextra.globo.com%2F%3Fs%3D%7Bsearch_term%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=2&o=30&fbp=fb.1.1644883919002.138857693&it=1644883918783&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 15 Feb 2022 00:11:58 GMT

OPTIONS
H2 204 logged
cocoon.globo.com/v2/user/ Frame 0
0 678ms
215ms Preflight 201.7.182.243
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://cocoon.globo.com/v2/user/logged
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 201.7.182.243 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Origin: https://extra.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
access-control-allow-origin: https://extra.globo.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
access-control-allow-methods: POST, OPTIONS
access-control-allow-credentials: true
x-request-id: d106209d-b287-499a-91e2-7540d38e54a8
x-thanos: 0A83D0A7

GET
H2 200 login.css
s.glbimg.com/pc/ca/ 846 B
836 B 235ms
234ms Stylesheet
text/css 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/ca/login.css

Requested by

Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Resource Hash

d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 973554947 ra03 11 09
age: 75936
content-length: 431
x-xss-protection: 1; mode=block
x-request-id: dd3ae1cd-7e0a-43c9-bc18-36052e4faaa1
last-modified: Wed, 27 Jan 2021 20:50:06 GMT
x-thanos: 0AB1D00F
etag: W/"6011d1fe-34e"
vary: Accept-Encoding, Origin
content-type: text/css
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Mon, 21 Feb 2022 03:06:21 GMT

POST
H2 200 logged Show response
cocoon.globo.com/v2/user/ 187 B
692 B 649ms
219ms XHR
application/json 201.7.182.243
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://cocoon.globo.com/v2/user/logged
Requested by: Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 201.7.182.243 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: /
Resource Hash: b42f450c0f2275fd2afc57aaa6f6e5bc7f86fc29b8d098609e9ef68b2f241cfc

Request headers

Referer: https://extra.globo.com/
X-Requested-With: XMLHttpRequest
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: gzip
x-thanos: 0A83D0A3
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
p3p: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
access-control-allow-origin: https://extra.globo.com
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
x-request-id: 8447b84e-8e30-43fc-84e3-47dc9c54d361

GET
H2 200 utag.158.js Show response
tags.tiqcdn.com/utag/globo/infoglobo.extra/prod/ 4 KB
2 KB 28ms
26ms Script
application/x-javascript 2.21.140.252
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/infoglobo.extra/prod/utag.158.js?utv=202012141824
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.extra/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.252 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-252.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fec4e4327fe7df5147a5eff9d98cc2cb1f0cb2766ef2774c8c7a0cd7bcc2de4f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:57 GMT
content-encoding: gzip
last-modified: Mon, 14 Dec 2020 18:24:35 GMT
server: AkamaiNetStorage
etag: "56a0e21bd6fb0095c7f90d965115f300:1607970275.979393"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1842
expires: Wed, 02 Mar 2022 00:11:57 GMT

GET
H2 200 utag.170.js Show response
tags.tiqcdn.com/utag/globo/infoglobo.extra/prod/ 1 KB
929 B 28ms
27ms Script
application/x-javascript 2.21.140.252
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/infoglobo.extra/prod/utag.170.js?utv=201911252034
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.extra/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.252 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-252.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9f2b13aea108ffe5ecc803d5f8304016e3eea8c39ddaaacbf1f3f1a9bfc0225d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:57 GMT
content-encoding: gzip
last-modified: Mon, 25 Nov 2019 20:34:17 GMT
server: AkamaiNetStorage
etag: "9d792b227fde5bcae5570f32dba5615d:1574714057.459592"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 699
expires: Wed, 02 Mar 2022 00:11:57 GMT

GET
H2 200 15688_extra.js Show response
ads.rubiconproject.com/prebid/ 330 KB
100 KB 116ms
25ms Script
text/javascript 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/15688_extra.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.extra/prod/utag.158.js?utv=202012141824
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9cc64b5afde6dd59eb5bab47542cc0f8079c017dbb35e19f7a225040b0677ca5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 23:41:13 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=14270
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 102301
expires: Tue, 15 Feb 2022 04:09:48 GMT

GET
H2 200 sexqhznbn.js Show response
cdn.krxd.net/controltag/ 75 KB
21 KB 68ms
16ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.extra/prod/utag.170.js?utv=201911252034
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5eb0c95f0d7179c64baa27e947a3e78dc669a72397f690adfec421d751cf3446

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Tue, 15 Feb 2022 00:11:58 GMT
via: 1.1 varnish, 1.1 varnish
age: 18
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 20776
x-served-by: config-service-a004-ash-prod.krxd.net, cache-iad-kcgs7200031-IAD, cache-mxp6922-MXP
x-response-time: 0
x-do-esi: esi
x-timer: S1644883918.144154,VS0,VE1
etag: "5de8f588c1acbc44ba73a5864b7b57b763c894e2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 1

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 26ms
25ms Script
application/x-javascript 2.21.140.252
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=globo/infoglobo.extra/202201261938&cb=1644883919663
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.extra/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.252 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-252.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:57 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Tue, 15 Feb 2022 00:21:57 GMT

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 16ms
16ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Tue, 15 Feb 2022 00:11:58 GMT
content-encoding: gzip
age: 15266720
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 7894220
content-length: 84509
x-served-by: cache-mxp6922-MXP
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1644883918.175969,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame BE1C 805 B
826 B 16ms
16ms Document
text/html 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/

Response headers

last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 15 Feb 2022 00:11:58 GMT
via: 1.1 varnish
age: 8290341
x-served-by: cache-mxp6922-MXP
x-cache: HIT
x-cache-hits: 3057726
x-timer: S1644883918.234182,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET
H2 200 sexqhznbn.js Show response
cdn.krxd.net/controltag/ Frame BE1C 75 KB
21 KB 16ms
16ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5eb0c95f0d7179c64baa27e947a3e78dc669a72397f690adfec421d751cf3446

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Tue, 15 Feb 2022 00:11:58 GMT
via: 1.1 varnish, 1.1 varnish
age: 18
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 20776
x-served-by: config-service-a004-ash-prod.krxd.net, cache-iad-kcgs7200031-IAD, cache-mxp6922-MXP
x-response-time: 0
x-do-esi: esi
x-timer: S1644883918.272107,VS0,VE0
etag: "5de8f588c1acbc44ba73a5864b7b57b763c894e2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 2

GET
H2 200 15688-pbjs-floors.json Show response
ads.rubiconproject.com/floors/ 1006 B
574 B 74ms
25ms XHR
application/json 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/floors/15688-pbjs-floors.json
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_extra.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8d160fd21c064326b3ea9eb331dfa8f861474830ab777eeb510f2a9672b3e0d0

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 23:41:01 GMT
server: Apache
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1500
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 394

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 64ms
29ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220215

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_extra.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09a546e7358e4dad9ce3f48afd5e59695a724f04becd6451980c7186fad3f0cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-jsd-version: 1.0.1253
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19139-FRA, cache-mxp6950-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"6a0-RO4We27WtK8+9LAr+u0Wuauf5KU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6dda52698b2e59f5-MXP

GET
H2 200 5007d44e-09d1-49b7-8c99-6b1cc38c3cbc Show response
consumer.krxd.net/consent/get/ 235 B
429 B 50ms
16ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9f1508da4c7e232fecfa9d9ca9c8d6d4097d449c91b20d51903af021612c1214

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a005-dub-prod.krxd.net, cache-mxp6976-MXP
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1644883918.340250,VS0,VE0
content-length: 192
x-cache-hits: 0, 1

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 504 B
1 KB 210ms
86ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=264326&zone_id=1308066&size_id=2&alt_size_ids=55%2C57&eid_pubcid.org=973cbdc0-61a1-465f-ab38-24723a7ac55e%5E1&rf=https%3A%2F%2Fextra.globo.com%2F&tg_i.adunit=info.web.extra%2Fhome%2Fcapa&tg_i.page_name=home&tg_i.platform=desktop&tg_i.aupname=%2F85042905.*%26pub-super.*%26position%3Datf&tg_i.dfp_ad_unit_code=85042905%2Finfo.web.extra%2Fhome%2Fcapa&tg_i.pbadslot=85042905%2Finfo.web.extra%2Fhome%2Fcapa&tk_flint=dmpbjs_v5.20.0&x_source.tid=fbeeb8b5-110b-4617-9ddd-305d0da0d434&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9720568779589223
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_extra.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 00d8eccab1de5e76836610b458206498c8bf4de005a97393a6d9d4089d50514e

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 00:11:58 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://extra.globo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 504
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 232ms
94ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_extra.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:11:57 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://extra.globo.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
312 B 202ms
51ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.0&cb=81754546227

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_extra.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 15 Feb 2022 00:11:57 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://extra.globo.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 15 KB
8 KB 151ms
94ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_extra.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

98fd8d9a44dc15e0ecc09d1ebef94ac3b048f10f0196ac7d6573f3e98dadd9e0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 15 Feb 2022 00:11:58 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 192.145.127.219; 192.145.127.219; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 4608c0f3-efa5-4f44-a149-1a6e8e2754c2
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://extra.globo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 27 B
809 B 610ms
566ms XHR
application/json 35.244.182.124
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_extra.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 124.182.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1be45c7a0fdf34b220113cd7d2f3ba2d19e81502792c1ab77da76adc36c30036

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
content-encoding: gzip
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
etag: W/"1b-EHEP6f3HeX2j76oqC2hiwEiULGo"
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://extra.globo.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
296 B 178ms
126ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_extra.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: cfb1621326461a3aea40cad09a7c202f50eb3e78b165a2e009c9533a58fe81b2

Request headers

Referer: https://extra.globo.com/
x-openrtb-version: 2.5
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://extra.globo.com
access-control-allow-credentials: true
content-length: 66

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 111ms
27ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Origin: https://extra.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
server: ATS/9.1.0.33
access-control-allow-origin: https://extra.globo.com
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ Frame BE1C 259 KB
83 KB 16ms
16ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Tue, 15 Feb 2022 00:11:58 GMT
content-encoding: gzip
age: 15266720
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 7894221
content-length: 84509
x-served-by: cache-mxp6922-MXP
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1644883918.330945,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame B3C7 1 KB
578 B 44ms
43ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7rPkCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBvQHHDRY7CakzYw1GM12m8VsMFgsF5PhbDUbTIbAQYPFbkLazFiD0Wy3WcwGg8FqM5ktZrPVZAoRxnKZDGqBhGX2-w6Chs_lBgw0nQ6f616vMp4uD7vO7Lf47Rq_2y8HAAAAgAeAqqcFiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAITEcA0ANI4Cc1nufn8AADwogAAACGCQABTwnpYAfJwdnQAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWsFjECAAAAAI782z6a1AmVRRUAAEG6FcAVAECAnz6u7kMYAAAAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTstELTwtiQLFX-wUEAFj7BQQAYBs3AIA3AbigI2jFYLA6hdgNZ4PdZLCZzA4AAADg7v___18PJAwzy8q1MVkcE8Ny45sYhsvNcDiyjTymmc1ic3gvqurxfO0qm6VvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4EcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEYYMI9_G5ButRaOFzS1a-ZZrhcm1cAtWi5XH5bL5Nh7DWvT6mJ6D0W412nhRMMBjL4KLdKIyOU1_y8Nn9lv8bpXxdHlYxBLNySKdyC77hmFmWbk2JotjYlhufBPDcLkZDke2kcc0s1lsDn_JMPJtTL7RWjRa2NyilW-5VphcC7dgtVh5XC6bb-MxrEWvj-k5GO1Wo42_MRuNhsPNcjHbN2aj0XC4WS5m-w6T6Zn6nI22zTnlkUls0ehYOzMfFC6DxbuYmHbfzvAgu1aMTpVlnCzojH6_3-_3-_1-v99v0HoOZoPCNz7OJOO19mDdHGcGscGgiCWC00U6EfrdLotYInlapBOZcbHwbHYT48jkMK12G4dnYtvNRi6Tw7GcuHYLi1iiNF2kE71E_ceHWE7mitFqrpjs5pLFcpUAAAAAAAAAAJYwZ94EAAAA4DSY3Wq5Wy0XQOIvUxcYBAAAAAAAYJehzQYPVvZzobjxY4kyOU1_y8Nn9lv8bpXxdHlYGUDCTZR5s2eCWKvVsgYAABDABgAACODWzVvAGiQH!&cmcv=&pix=undefined&cb=1644883920109&uv=3120&tms=1644883920109&abt=adh5c-1_vA!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vB!pblc_vE!spa2_vA!t45!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=4017B43F50467316001912865602&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.3/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 82deb488ed90a4434ca3c944a199af3d557338dbdd3862bf4b2fa7e304f13656

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Tue, 15 Feb 2022 00:11:58 GMT
via: 1.1 varnish
x-served-by: cache-mxp6946-MXP
x-cache: MISS
x-cache-hits: 0
x-timer: S1644883918.362385,VS0,VE28
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 404A 1 KB
1 KB 68ms
47ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7rPkCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBvQHHDRY7CakzYw1GM12m8VsMFgsF5PhbDUbTIbAQYPFbkLazFiD0Wy3WcwGg8FqM5ktZrPVZAoRxnKZDGqBhGX2-w6Chs_lBgw0nQ6f616vMp4uD7vO7Lf47Rq_2y8HAAAAgAeAqqcFiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAITEcA0ANI4Cc1nufn8AADwogAAACGCQABTwnpYAfJwdnQAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWsFjECAAAAAI782z6a1AmVRRUAAEG6FcAVAECAnz6u7kMYAAAAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTstELTwtiQLFX-wUEAFj7BQQAYBs3AIA3AbigI2jFYLA6hdgNZ4PdZLCZzA4AAADg7v___18PJAwzy8q1MVkcE8Ny45sYhsvNcDiyjTymmc1ic3gvqurxfO0qm6VvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4EcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEYYMI9_G5ButRaOFzS1a-ZZrhcm1cAtWi5XH5bL5Nh7DWvT6mJ6D0W412nhRMMBjL4KLdKIyOU1_y8Nn9lv8bpXxdHlYxBLNySKdyC77hmFmWbk2JotjYlhufBPDcLkZDke2kcc0s1lsDn_JMPJtTL7RWjRa2NyilW-5VphcC7dgtVh5XC6bb-MxrEWvj-k5GO1Wo42_MRuNhsPNcjHbN2aj0XC4WS5m-w6T6Zn6nI22zTnlkUls0ehYOzMfFC6DxbuYmHbfzvAgu1aMTpVlnCzojH6_3-_3-_1-v99v0HoOZoPCNz7OJOO19mDdHGcGscGgiCWC00U6EfrdLotYInlapBOZcbHwbHYT48jkMK12G4dnYtvNRi6Tw7GcuHYLi1iiNF2kE71E_ceHWE7mitFqrpjs5pLFcpUAAAAAAAAAAJYwZ94EAAAA4DSY3Wq5Wy0XQOIvUxcYBAAAAAAAYJehzQYPVvZzobjxY4kyOU1_y8Nn9lv8bpXxdHlYGUDCTZR5s2eCWKvVsgYAABDABgAACODWzVvAGiQH!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.3/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 2cfe3860cbed1aadb7413754ecab66c5e58561a48cced4efa2f0a4a294cd39d1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/

Response headers

server: nginx
date: Tue, 15 Feb 2022 00:11:58 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 41ms
41ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7rPkCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBvQHHDRY7CakzYw1GM12m8VsMFgsF5PhbDUbTIbAQYPFbkLazFiD0Wy3WcwGg8FqM5ktZrPVZAoRxnKZDGqBhGX2-w6Chs_lBgw0nQ6f616vMp4uD7vO7Lf47Rq_2y8HAAAAgAeAqqcFiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAITEcA0ANI4Cc1nufn8AADwogAAACGCQABTwnpYAfJwdnQAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWsFjECAAAAAI782z6a1AmVRRUAAEG6FcAVAECAnz6u7kMYAAAAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTstELTwtiQLFX-wUEAFj7BQQAYBs3AIA3AbigI2jFYLA6hdgNZ4PdZLCZzA4AAADg7v___18PJAwzy8q1MVkcE8Ny45sYhsvNcDiyjTymmc1ic3gvqurxfO0qm6VvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4EcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEYYMI9_G5ButRaOFzS1a-ZZrhcm1cAtWi5XH5bL5Nh7DWvT6mJ6D0W412nhRMMBjL4KLdKIyOU1_y8Nn9lv8bpXxdHlYxBLNySKdyC77hmFmWbk2JotjYlhufBPDcLkZDke2kcc0s1lsDn_JMPJtTL7RWjRa2NyilW-5VphcC7dgtVh5XC6bb-MxrEWvj-k5GO1Wo42_MRuNhsPNcjHbN2aj0XC4WS5m-w6T6Zn6nI22zTnlkUls0ehYOzMfFC6DxbuYmHbfzvAgu1aMTpVlnCzojH6_3-_3-_1-v99v0HoOZoPCNz7OJOO19mDdHGcGscGgiCWC00U6EfrdLotYInlapBOZcbHwbHYT48jkMK12G4dnYtvNRi6Tw7GcuHYLi1iiNF2kE71E_ceHWE7mitFqrpjs5pLFcpUAAAAAAAAAAJYwZ94EAAAA4DSY3Wq5Wy0XQOIvUxcYBAAAAAAAYJehzQYPVvZzobjxY4kyOU1_y8Nn9lv8bpXxdHlYGUDCTZR5s2eCWKvVsgYAABDABgAACODWzVvAGiQH!&cmcv=&pix=31589837&cb=1644883920109&uv=3120&tms=1644883920109&abt=adh5c-1_vA!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vB!pblc_vE!spa2_vA!t45!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1644883914959.6!ts:1644883920109&mntl=1
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
content-length: 0
server: nginx

POST
H2 204 bulk Show response
trc.taboola.com/editoraglobo-extra/log/3/ 0
264 B 41ms
41ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/editoraglobo-extra/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=3
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 26
pragma: no-cache
date: Tue, 15 Feb 2022 00:11:58 GMT
via: 1.1 varnish
server: nginx
x-timer: S1644883918.368088,VS0,VE26
x-served-by: cache-mxp6946-MXP
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://extra.globo.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 5007d44e-09d1-49b7-8c99-6b1cc38c3cbc Show response
consumer.krxd.net/consent/get/ Frame BE1C 220 B
300 B 67ms
67ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 487df29b6eb95f8d9264535befe6f07d832b77406717c09f9c083ee8c9538d3b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a009-dub-prod.krxd.net, cache-mxp6976-MXP
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1644883918.388488,VS0,VE41
content-length: 184
x-cache-hits: 0, 0

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 00D8 742 B
453 B 41ms
40ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66354595&crid=6205575&dast=V7_dcCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBuIHHcRY8EYUynJGI812y-FoMtkslpPZYLCZzWZD6CDGgjeiUJYzGmm2Ww5Hk8lksRouBsPFajGYQoawzH7fQch3uwwPn8sgKrreFrvDafa8AQNNp8PnuterjKfLw64z-y1-u8bv9ssBAAAA4AHAC_YQ4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAKGxQgMAjaPAXJa73x8AAA8KIAAAAhgkAAW_qSUAKj3FJwAAAAAAAAAALP____8xA_R9ozID-0olPQAPPgAPRAWqRYwAAAAAgCP_to8mdUJlUQUAQJBuBXAFABDgp4-rCxEGAAAAMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEbPTC04IYUOzVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKxOIXbD2WA3GWwmswMAAAC4-____9cDCcPMsnJtTBbHxLDc-CaG4XIzHI5sI49pZrPYHN6Lqno8X7vKZunLEJbZ7zsI-W6X4eFzGURF19tidzjNnvtN2GK0mkw2y-FsuZgMhqPhaLQ_gRwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0Rhgwj38bkG61Fo4XNLVr5lmuFybVwC1aLlcflsvk2HsNa9PqYnoPRbjXaeFEwwGMvgot0ojI5TX_Lw2f2W_xulfF0eVjEEs3JIp3ILvuGYWZZuTYmi2NiWG58E8NwuRkOR7aRxzSzWWwOf8kw8m1MvtFaNFrY3KKVb7lWmFwLt2C1WHlcLptv4zGsRa-P6TkY7Vajjb8xG42Gw81yMds3ZqPRcLhZLmb7DpPpmfqcjbbNOeWRSWzR6Fg7Mx8ULoPFu5iYdt_O8CC7VoxOlWWcLOiMfr_f7_f7_X6_32_Qeg5mg8I3Ps4k47X2YN0cZwaxwaCIJYLTRToR-t0ui1gieVqkE81u5ZqMHA6XyTAarGyOkWlimW0Gm9XENty4jDOLWKI0XaQTvUT9x4dYTuaK0WqumOzmksVylQAAAAAAAAAAljBn3gQAAADgNJjdbDdaLRdA4i9TFxgEAAAAAABgl6HNBg9W9nOhuPFjiTI5TX_Lw2f2W_xulfF0eVgZQMJNlHmzZ4JYq9WyBgAAEMAGAAAI4NbNW8AaJAc!&cmcv=&pix=undefined&cb=1644883920150&uv=3120&tms=1644883920150&abt=adh5c-1_vA!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vB!pblc_vE!spa2_vA!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=D1A7DB29FF4679842231926003666&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.3/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Tue, 15 Feb 2022 00:11:58 GMT
via: 1.1 varnish
x-served-by: cache-mxp6946-MXP
x-cache: MISS
x-cache-hits: 0
x-timer: S1644883918.402553,VS0,VE25
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 4345 742 B
827 B 42ms
42ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7_dcCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBuIHHcRY8EYUynJGI812y-FoMtkslpPZYLCZzWZD6CDGgjeiUJYzGmm2Ww5Hk8lksRouBsPFajGYQoawzH7fQch3uwwPn8sgKrreFrvDafa8AQNNp8PnuterjKfLw64z-y1-u8bv9ssBAAAA4AHAC_YQ4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAKGxQgMAjaPAXJa73x8AAA8KIAAAAhgkAAW_qSUAKj3FJwAAAAAAAAAALP____8xA_R9ozID-0olPQAPPgAPRAWqRYwAAAAAgCP_to8mdUJlUQUAQJBuBXAFABDgp4-rCxEGAAAAMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEbPTC04IYUOzVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKxOIXbD2WA3GWwmswMAAAC4-____9cDCcPMsnJtTBbHxLDc-CaG4XIzHI5sI49pZrPYHN6Lqno8X7vKZunLEJbZ7zsI-W6X4eFzGURF19tidzjNnvtN2GK0mkw2y-FsuZgMhqPhaLQ_gRwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0Rhgwj38bkG61Fo4XNLVr5lmuFybVwC1aLlcflsvk2HsNa9PqYnoPRbjXaeFEwwGMvgot0ojI5TX_Lw2f2W_xulfF0eVjEEs3JIp3ILvuGYWZZuTYmi2NiWG58E8NwuRkOR7aRxzSzWWwOf8kw8m1MvtFaNFrY3KKVb7lWmFwLt2C1WHlcLptv4zGsRa-P6TkY7Vajjb8xG42Gw81yMds3ZqPRcLhZLmb7DpPpmfqcjbbNOeWRSWzR6Fg7Mx8ULoPFu5iYdt_O8CC7VoxOlWWcLOiMfr_f7_f7_X6_32_Qeg5mg8I3Ps4k47X2YN0cZwaxwaCIJYLTRToR-t0ui1gieVqkE81u5ZqMHA6XyTAarGyOkWlimW0Gm9XENty4jDOLWKI0XaQTvUT9x4dYTuaK0WqumOzmksVylQAAAAAAAAAAljBn3gQAAADgNJjdbDdaLRdA4i9TFxgEAAAAAABgl6HNBg9W9nOhuPFjiTI5TX_Lw2f2W_xulfF0eVgZQMJNlHmzZ4JYq9WyBgAAEMAGAAAI4NbNW8AaJAc!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.3/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/

Response headers

server: nginx
date: Tue, 15 Feb 2022 00:11:58 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3406

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 5 KB
3 KB 92ms
89ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=309&height=173&pubid=169497&tagid=953497&crid=6205575&noaop=3&sortOrderType=0&cb=1644883920154&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1355&pt=-1202291962&tz=0&viewable=true&ddast=V7_dcCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBuIHHcRY8EYUynJGI812y-FoMtkslpPZYLCZzWZD6CDGgjeiUJYzGmm2Ww5Hk8lksRouBsPFajGYQoawzH7fQch3uwwPn8sgKrreFrvDafa8AQNNp8PnuterjKfLw64z-y1-u8bv9ssBAAAA4AHAC_YQ4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAKGxQgMAjaPAXJa73x8AAA8KIAAAAhgkAAW_qSUAKj3FJwAAAAAAAAAALP____8xA_R9ozID-0olPQAPPgAPRAWqRYwAAAAAgCP_to8mdUJlUQUAQJBuBXAFABDgp4-rCxEGAAAAMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEbPTC04IYUOzVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKxOIXbD2WA3GWwmswMAAAC4-____9cDCcPMsnJtTBbHxLDc-CaG4XIzHI5sI49pZrPYHN6Lqno8X7vKZunLEJbZ7zsI-W6X4eFzGURF19tidzjNnvtN2GK0mkw2y-FsuZgMhqPhaLQ_gRwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0Rhgwj38bkG61Fo4XNLVr5lmuFybVwC1aLlcflsvk2HsNa9PqYnoPRbjXaeFEwwGMvgot0ojI5TX_Lw2f2W_xulfF0eVjEEs3JIp3ILvuGYWZZuTYmi2NiWG58E8NwuRkOR7aRxzSzWWwOf8kw8m1MvtFaNFrY3KKVb7lWmFwLt2C1WHlcLptv4zGsRa-P6TkY7Vajjb8xG42Gw81yMds3ZqPRcLhZLmb7DpPpmfqcjbbNOeWRSWzR6Fg7Mx8ULoPFu5iYdt_O8CC7VoxOlWWcLOiMfr_f7_f7_X6_32_Qeg5mg8I3Ps4k47X2YN0cZwaxwaCIJYLTRToR-t0ui1gieVqkE81u5ZqMHA6XyTAarGyOkWlimW0Gm9XENty4jDOLWKI0XaQTvUT9x4dYTuaK0WqumOzmksVylQAAAAAAAAAAljBn3gQAAADgNJjdbDdaLRdA4i9TFxgEAAAAAABgl6HNBg9W9nOhuPFjiTI5TX_Lw2f2W_xulfF0eVgZQMJNlHmzZ4JYq9WyBgAAEMAGAAAI4NbNW8AaJAc!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2768325&dpubid=376745&abtst=adh5c-1_vA!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vB!pblc_vE!spa2_vA!t45!t45!ufm&mPre=0.033&cirf=https%3A%2F%2Fextra.globo.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.3/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 279207c7c8366033b65cd3bf378414aa75f0edeb01d2551550bb77e90349bb86

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: text/plain

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
content-encoding: gzip
access-control-allow-origin: https://extra.globo.com
machineid: 1474
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-mxp6946-MXP
pragma: no-cache
server: nginx
x-timer: S1644883918.408986,VS0,VE74
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://impr.taboola.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 43ms
41ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66354595&crid=6205575&dast=V7_dcCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBuIHHcRY8EYUynJGI812y-FoMtkslpPZYLCZzWZD6CDGgjeiUJYzGmm2Ww5Hk8lksRouBsPFajGYQoawzH7fQch3uwwPn8sgKrreFrvDafa8AQNNp8PnuterjKfLw64z-y1-u8bv9ssBAAAA4AHAC_YQ4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAKGxQgMAjaPAXJa73x8AAA8KIAAAAhgkAAW_qSUAKj3FJwAAAAAAAAAALP____8xA_R9ozID-0olPQAPPgAPRAWqRYwAAAAAgCP_to8mdUJlUQUAQJBuBXAFABDgp4-rCxEGAAAAMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEbPTC04IYUOzVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKxOIXbD2WA3GWwmswMAAAC4-____9cDCcPMsnJtTBbHxLDc-CaG4XIzHI5sI49pZrPYHN6Lqno8X7vKZunLEJbZ7zsI-W6X4eFzGURF19tidzjNnvtN2GK0mkw2y-FsuZgMhqPhaLQ_gRwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0Rhgwj38bkG61Fo4XNLVr5lmuFybVwC1aLlcflsvk2HsNa9PqYnoPRbjXaeFEwwGMvgot0ojI5TX_Lw2f2W_xulfF0eVjEEs3JIp3ILvuGYWZZuTYmi2NiWG58E8NwuRkOR7aRxzSzWWwOf8kw8m1MvtFaNFrY3KKVb7lWmFwLt2C1WHlcLptv4zGsRa-P6TkY7Vajjb8xG42Gw81yMds3ZqPRcLhZLmb7DpPpmfqcjbbNOeWRSWzR6Fg7Mx8ULoPFu5iYdt_O8CC7VoxOlWWcLOiMfr_f7_f7_X6_32_Qeg5mg8I3Ps4k47X2YN0cZwaxwaCIJYLTRToR-t0ui1gieVqkE81u5ZqMHA6XyTAarGyOkWlimW0Gm9XENty4jDOLWKI0XaQTvUT9x4dYTuaK0WqumOzmksVylQAAAAAAAAAAljBn3gQAAADgNJjdbDdaLRdA4i9TFxgEAAAAAABgl6HNBg9W9nOhuPFjiTI5TX_Lw2f2W_xulfF0eVgZQMJNlHmzZ4JYq9WyBgAAEMAGAAAI4NbNW8AaJAc!&cmcv=&pix=31589837&cb=1644883920150&uv=3120&tms=1644883920150&abt=adh5c-1_vA!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vB!pblc_vE!spa2_vA!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1644883914959.6!ts:1644883920149&mntl=1
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
content-length: 0
server: nginx

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame B3C7 70 B
264 B 165ms
55ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7rPkCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBvQHHDRY7CakzYw1GM12m8VsMFgsF5PhbDUbTIbAQYPFbkLazFiD0Wy3WcwGg8FqM5ktZrPVZAoRxnKZDGqBhGX2-w6Chs_lBgw0nQ6f616vMp4uD7vO7Lf47Rq_2y8HAAAAgAeAqqcFiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAITEcA0ANI4Cc1nufn8AADwogAAACGCQABTwnpYAfJwdnQAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWsFjECAAAAAI782z6a1AmVRRUAAEG6FcAVAECAnz6u7kMYAAAAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTstELTwtiQLFX-wUEAFj7BQQAYBs3AIA3AbigI2jFYLA6hdgNZ4PdZLCZzA4AAADg7v___18PJAwzy8q1MVkcE8Ny45sYhsvNcDiyjTymmc1ic3gvqurxfO0qm6VvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4EcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEYYMI9_G5ButRaOFzS1a-ZZrhcm1cAtWi5XH5bL5Nh7DWvT6mJ6D0W412nhRMMBjL4KLdKIyOU1_y8Nn9lv8bpXxdHlYxBLNySKdyC77hmFmWbk2JotjYlhufBPDcLkZDke2kcc0s1lsDn_JMPJtTL7RWjRa2NyilW-5VphcC7dgtVh5XC6bb-MxrEWvj-k5GO1Wo42_MRuNhsPNcjHbN2aj0XC4WS5m-w6T6Zn6nI22zTnlkUls0ehYOzMfFC6DxbuYmHbfzvAgu1aMTpVlnCzojH6_3-_3-_1-v99v0HoOZoPCNz7OJOO19mDdHGcGscGgiCWC00U6EfrdLotYInlapBOZcbHwbHYT48jkMK12G4dnYtvNRi6Tw7GcuHYLi1iiNF2kE71E_ceHWE7mitFqrpjs5pLFcpUAAAAAAAAAAJYwZ94EAAAA4DSY3Wq5Wy0XQOIvUxcYBAAAAAAAYJehzQYPVvZzobjxY4kyOU1_y8Nn9lv8bpXxdHlYGUDCTZR5s2eCWKvVsgYAABDABgAACODWzVvAGiQH!&cmcv=&pix=undefined&cb=1644883920109&uv=3120&tms=1644883920109&abt=adh5c-1_vA!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vB!pblc_vE!spa2_vA!t45!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=4017B43F50467316001912865602&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:11:58 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame B3C7 43 B
183 B 393ms
111ms Image
image/gif 2600:1f18:612b:4216:1314:397:4325:f0c1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7rPkCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBvQHHDRY7CakzYw1GM12m8VsMFgsF5PhbDUbTIbAQYPFbkLazFiD0Wy3WcwGg8FqM5ktZrPVZAoRxnKZDGqBhGX2-w6Chs_lBgw0nQ6f616vMp4uD7vO7Lf47Rq_2y8HAAAAgAeAqqcFiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAITEcA0ANI4Cc1nufn8AADwogAAACGCQABTwnpYAfJwdnQAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWsFjECAAAAAI782z6a1AmVRRUAAEG6FcAVAECAnz6u7kMYAAAAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTstELTwtiQLFX-wUEAFj7BQQAYBs3AIA3AbigI2jFYLA6hdgNZ4PdZLCZzA4AAADg7v___18PJAwzy8q1MVkcE8Ny45sYhsvNcDiyjTymmc1ic3gvqurxfO0qm6VvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4EcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEYYMI9_G5ButRaOFzS1a-ZZrhcm1cAtWi5XH5bL5Nh7DWvT6mJ6D0W412nhRMMBjL4KLdKIyOU1_y8Nn9lv8bpXxdHlYxBLNySKdyC77hmFmWbk2JotjYlhufBPDcLkZDke2kcc0s1lsDn_JMPJtTL7RWjRa2NyilW-5VphcC7dgtVh5XC6bb-MxrEWvj-k5GO1Wo42_MRuNhsPNcjHbN2aj0XC4WS5m-w6T6Zn6nI22zTnlkUls0ehYOzMfFC6DxbuYmHbfzvAgu1aMTpVlnCzojH6_3-_3-_1-v99v0HoOZoPCNz7OJOO19mDdHGcGscGgiCWC00U6EfrdLotYInlapBOZcbHwbHYT48jkMK12G4dnYtvNRi6Tw7GcuHYLi1iiNF2kE71E_ceHWE7mitFqrpjs5pLFcpUAAAAAAAAAAJYwZ94EAAAA4DSY3Wq5Wy0XQOIvUxcYBAAAAAAAYJehzQYPVvZzobjxY4kyOU1_y8Nn9lv8bpXxdHlYGUDCTZR5s2eCWKvVsgYAABDABgAACODWzVvAGiQH!&cmcv=&pix=undefined&cb=1644883920109&uv=3120&tms=1644883920109&abt=adh5c-1_vA!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vB!pblc_vE!spa2_vA!t45!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=4017B43F50467316001912865602&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:1314:397:4325:f0c1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame B3C7
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e41ce613-8df3-11ec-ae7a-132476d60106&orig=video&us_privacy=1---gdpr=1&

0
98 B

41ms
40ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e41ce613-8df3-11ec-ae7a-132476d60106&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7rPkCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBvQHHDRY7CakzYw1GM12m8VsMFgsF5PhbDUbTIbAQYPFbkLazFiD0Wy3WcwGg8FqM5ktZrPVZAoRxnKZDGqBhGX2-w6Chs_lBgw0nQ6f616vMp4uD7vO7Lf47Rq_2y8HAAAAgAeAqqcFiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAITEcA0ANI4Cc1nufn8AADwogAAACGCQABTwnpYAfJwdnQAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWsFjECAAAAAI782z6a1AmVRRUAAEG6FcAVAECAnz6u7kMYAAAAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTstELTwtiQLFX-wUEAFj7BQQAYBs3AIA3AbigI2jFYLA6hdgNZ4PdZLCZzA4AAADg7v___18PJAwzy8q1MVkcE8Ny45sYhsvNcDiyjTymmc1ic3gvqurxfO0qm6VvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4EcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEYYMI9_G5ButRaOFzS1a-ZZrhcm1cAtWi5XH5bL5Nh7DWvT6mJ6D0W412nhRMMBjL4KLdKIyOU1_y8Nn9lv8bpXxdHlYxBLNySKdyC77hmFmWbk2JotjYlhufBPDcLkZDke2kcc0s1lsDn_JMPJtTL7RWjRa2NyilW-5VphcC7dgtVh5XC6bb-MxrEWvj-k5GO1Wo42_MRuNhsPNcjHbN2aj0XC4WS5m-w6T6Zn6nI22zTnlkUls0ehYOzMfFC6DxbuYmHbfzvAgu1aMTpVlnCzojH6_3-_3-_1-v99v0HoOZoPCNz7OJOO19mDdHGcGscGgiCWC00U6EfrdLotYInlapBOZcbHwbHYT48jkMK12G4dnYtvNRi6Tw7GcuHYLi1iiNF2kE71E_ceHWE7mitFqrpjs5pLFcpUAAAAAAAAAAJYwZ94EAAAA4DSY3Wq5Wy0XQOIvUxcYBAAAAAAAYJehzQYPVvZzobjxY4kyOU1_y8Nn9lv8bpXxdHlYGUDCTZR5s2eCWKvVsgYAABDABgAACODWzVvAGiQH!&cmcv=&pix=undefined&cb=1644883920109&uv=3120&tms=1644883920109&abt=adh5c-1_vA!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vB!pblc_vE!spa2_vA!t45!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=4017B43F50467316001912865602&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 51932

Redirect headers

Date: Tue, 15 Feb 2022 00:11:58 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e41ce613-8df3-11ec-ae7a-132476d60106&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 118
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame B3C7 43 B
220 B 251ms
26ms Image
image/gif 18.156.181.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7rPkCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBvQHHDRY7CakzYw1GM12m8VsMFgsF5PhbDUbTIbAQYPFbkLazFiD0Wy3WcwGg8FqM5ktZrPVZAoRxnKZDGqBhGX2-w6Chs_lBgw0nQ6f616vMp4uD7vO7Lf47Rq_2y8HAAAAgAeAqqcFiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAITEcA0ANI4Cc1nufn8AADwogAAACGCQABTwnpYAfJwdnQAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWsFjECAAAAAI782z6a1AmVRRUAAEG6FcAVAECAnz6u7kMYAAAAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTstELTwtiQLFX-wUEAFj7BQQAYBs3AIA3AbigI2jFYLA6hdgNZ4PdZLCZzA4AAADg7v___18PJAwzy8q1MVkcE8Ny45sYhsvNcDiyjTymmc1ic3gvqurxfO0qm6VvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4EcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEYYMI9_G5ButRaOFzS1a-ZZrhcm1cAtWi5XH5bL5Nh7DWvT6mJ6D0W412nhRMMBjL4KLdKIyOU1_y8Nn9lv8bpXxdHlYxBLNySKdyC77hmFmWbk2JotjYlhufBPDcLkZDke2kcc0s1lsDn_JMPJtTL7RWjRa2NyilW-5VphcC7dgtVh5XC6bb-MxrEWvj-k5GO1Wo42_MRuNhsPNcjHbN2aj0XC4WS5m-w6T6Zn6nI22zTnlkUls0ehYOzMfFC6DxbuYmHbfzvAgu1aMTpVlnCzojH6_3-_3-_1-v99v0HoOZoPCNz7OJOO19mDdHGcGscGgiCWC00U6EfrdLotYInlapBOZcbHwbHYT48jkMK12G4dnYtvNRi6Tw7GcuHYLi1iiNF2kE71E_ceHWE7mitFqrpjs5pLFcpUAAAAAAAAAAJYwZ94EAAAA4DSY3Wq5Wy0XQOIvUxcYBAAAAAAAYJehzQYPVvZzobjxY4kyOU1_y8Nn9lv8bpXxdHlYGUDCTZR5s2eCWKvVsgYAABDABgAACODWzVvAGiQH!&cmcv=&pix=undefined&cb=1644883920109&uv=3120&tms=1644883920109&abt=adh5c-1_vA!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vB!pblc_vE!spa2_vA!t45!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=4017B43F50467316001912865602&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.181.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-181-30.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 00:11:58 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

/
sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/ Frame B3C7
Redirect Chain

https://cms.quantserve.com/pixel/p-FyWrHAMskJyru.gif?idmatch=0&us_privacy=1---&gdpr=1&&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fquantcastrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID%26orig%3...
https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=p7KmafTm9W28t_Q497K7PKXj8Dq8uaJr8rl-IfTd

0
98 B

100ms
41ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=p7KmafTm9W28t_Q497K7PKXj8Dq8uaJr8rl-IfTd
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7rPkCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBvQHHDRY7CakzYw1GM12m8VsMFgsF5PhbDUbTIbAQYPFbkLazFiD0Wy3WcwGg8FqM5ktZrPVZAoRxnKZDGqBhGX2-w6Chs_lBgw0nQ6f616vMp4uD7vO7Lf47Rq_2y8HAAAAgAeAqqcFiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAITEcA0ANI4Cc1nufn8AADwogAAACGCQABTwnpYAfJwdnQAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWsFjECAAAAAI782z6a1AmVRRUAAEG6FcAVAECAnz6u7kMYAAAAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTstELTwtiQLFX-wUEAFj7BQQAYBs3AIA3AbigI2jFYLA6hdgNZ4PdZLCZzA4AAADg7v___18PJAwzy8q1MVkcE8Ny45sYhsvNcDiyjTymmc1ic3gvqurxfO0qm6VvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4EcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEYYMI9_G5ButRaOFzS1a-ZZrhcm1cAtWi5XH5bL5Nh7DWvT6mJ6D0W412nhRMMBjL4KLdKIyOU1_y8Nn9lv8bpXxdHlYxBLNySKdyC77hmFmWbk2JotjYlhufBPDcLkZDke2kcc0s1lsDn_JMPJtTL7RWjRa2NyilW-5VphcC7dgtVh5XC6bb-MxrEWvj-k5GO1Wo42_MRuNhsPNcjHbN2aj0XC4WS5m-w6T6Zn6nI22zTnlkUls0ehYOzMfFC6DxbuYmHbfzvAgu1aMTpVlnCzojH6_3-_3-_1-v99v0HoOZoPCNz7OJOO19mDdHGcGscGgiCWC00U6EfrdLotYInlapBOZcbHwbHYT48jkMK12G4dnYtvNRi6Tw7GcuHYLi1iiNF2kE71E_ceHWE7mitFqrpjs5pLFcpUAAAAAAAAAAJYwZ94EAAAA4DSY3Wq5Wy0XQOIvUxcYBAAAAAAAYJehzQYPVvZzobjxY4kyOU1_y8Nn9lv8bpXxdHlYGUDCTZR5s2eCWKvVsgYAABDABgAACODWzVvAGiQH!&cmcv=&pix=undefined&cb=1644883920109&uv=3120&tms=1644883920109&abt=adh5c-1_vA!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vB!pblc_vE!spa2_vA!t45!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=4017B43F50467316001912865602&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 51932

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:11:58 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=p7KmafTm9W28t_Q497K7PKXj8Dq8uaJr8rl-IfTd
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
750 B 16ms
15ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 3459
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: QYSQ4/qAqV4Hb4K6M+GoojBK1e8pnhtotO1/yTxdJpopul6YDUPXKzR3ArITbOLUVAA12TmhKuQ=
x-served-by: cache-mxp6946-MXP
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1644883918.431363,VS0,VE0
date: Tue, 15 Feb 2022 00:11:58 GMT
x-amz-request-id: DM4PFN0WZV5ZS5NS
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 12
x-cache-hits: 597

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 404A 43 B
182 B 372ms
112ms Image
image/gif 2600:1f18:612b:4216:1314:397:4325:f0c1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7rPkCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBvQHHDRY7CakzYw1GM12m8VsMFgsF5PhbDUbTIbAQYPFbkLazFiD0Wy3WcwGg8FqM5ktZrPVZAoRxnKZDGqBhGX2-w6Chs_lBgw0nQ6f616vMp4uD7vO7Lf47Rq_2y8HAAAAgAeAqqcFiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAITEcA0ANI4Cc1nufn8AADwogAAACGCQABTwnpYAfJwdnQAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWsFjECAAAAAI782z6a1AmVRRUAAEG6FcAVAECAnz6u7kMYAAAAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTstELTwtiQLFX-wUEAFj7BQQAYBs3AIA3AbigI2jFYLA6hdgNZ4PdZLCZzA4AAADg7v___18PJAwzy8q1MVkcE8Ny45sYhsvNcDiyjTymmc1ic3gvqurxfO0qm6VvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4EcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEYYMI9_G5ButRaOFzS1a-ZZrhcm1cAtWi5XH5bL5Nh7DWvT6mJ6D0W412nhRMMBjL4KLdKIyOU1_y8Nn9lv8bpXxdHlYxBLNySKdyC77hmFmWbk2JotjYlhufBPDcLkZDke2kcc0s1lsDn_JMPJtTL7RWjRa2NyilW-5VphcC7dgtVh5XC6bb-MxrEWvj-k5GO1Wo42_MRuNhsPNcjHbN2aj0XC4WS5m-w6T6Zn6nI22zTnlkUls0ehYOzMfFC6DxbuYmHbfzvAgu1aMTpVlnCzojH6_3-_3-_1-v99v0HoOZoPCNz7OJOO19mDdHGcGscGgiCWC00U6EfrdLotYInlapBOZcbHwbHYT48jkMK12G4dnYtvNRi6Tw7GcuHYLi1iiNF2kE71E_ceHWE7mitFqrpjs5pLFcpUAAAAAAAAAAJYwZ94EAAAA4DSY3Wq5Wy0XQOIvUxcYBAAAAAAAYJehzQYPVvZzobjxY4kyOU1_y8Nn9lv8bpXxdHlYGUDCTZR5s2eCWKvVsgYAABDABgAACODWzVvAGiQH!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:1314:397:4325:f0c1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 404A 70 B
264 B 144ms
55ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7rPkCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBvQHHDRY7CakzYw1GM12m8VsMFgsF5PhbDUbTIbAQYPFbkLazFiD0Wy3WcwGg8FqM5ktZrPVZAoRxnKZDGqBhGX2-w6Chs_lBgw0nQ6f616vMp4uD7vO7Lf47Rq_2y8HAAAAgAeAqqcFiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAITEcA0ANI4Cc1nufn8AADwogAAACGCQABTwnpYAfJwdnQAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWsFjECAAAAAI782z6a1AmVRRUAAEG6FcAVAECAnz6u7kMYAAAAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTstELTwtiQLFX-wUEAFj7BQQAYBs3AIA3AbigI2jFYLA6hdgNZ4PdZLCZzA4AAADg7v___18PJAwzy8q1MVkcE8Ny45sYhsvNcDiyjTymmc1ic3gvqurxfO0qm6VvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4EcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEYYMI9_G5ButRaOFzS1a-ZZrhcm1cAtWi5XH5bL5Nh7DWvT6mJ6D0W412nhRMMBjL4KLdKIyOU1_y8Nn9lv8bpXxdHlYxBLNySKdyC77hmFmWbk2JotjYlhufBPDcLkZDke2kcc0s1lsDn_JMPJtTL7RWjRa2NyilW-5VphcC7dgtVh5XC6bb-MxrEWvj-k5GO1Wo42_MRuNhsPNcjHbN2aj0XC4WS5m-w6T6Zn6nI22zTnlkUls0ehYOzMfFC6DxbuYmHbfzvAgu1aMTpVlnCzojH6_3-_3-_1-v99v0HoOZoPCNz7OJOO19mDdHGcGscGgiCWC00U6EfrdLotYInlapBOZcbHwbHYT48jkMK12G4dnYtvNRi6Tw7GcuHYLi1iiNF2kE71E_ceHWE7mitFqrpjs5pLFcpUAAAAAAAAAAJYwZ94EAAAA4DSY3Wq5Wy0XQOIvUxcYBAAAAAAAYJehzQYPVvZzobjxY4kyOU1_y8Nn9lv8bpXxdHlYGUDCTZR5s2eCWKvVsgYAABDABgAACODWzVvAGiQH!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:11:58 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 404A
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e420b462-8df3-11ec-a7ba-1e5bf6c20306&orig=video&us_privacy=1---gdpr=1&

0
98 B

41ms
41ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e420b462-8df3-11ec-a7ba-1e5bf6c20306&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7rPkCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBvQHHDRY7CakzYw1GM12m8VsMFgsF5PhbDUbTIbAQYPFbkLazFiD0Wy3WcwGg8FqM5ktZrPVZAoRxnKZDGqBhGX2-w6Chs_lBgw0nQ6f616vMp4uD7vO7Lf47Rq_2y8HAAAAgAeAqqcFiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAITEcA0ANI4Cc1nufn8AADwogAAACGCQABTwnpYAfJwdnQAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWsFjECAAAAAI782z6a1AmVRRUAAEG6FcAVAECAnz6u7kMYAAAAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTstELTwtiQLFX-wUEAFj7BQQAYBs3AIA3AbigI2jFYLA6hdgNZ4PdZLCZzA4AAADg7v___18PJAwzy8q1MVkcE8Ny45sYhsvNcDiyjTymmc1ic3gvqurxfO0qm6VvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4EcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEYYMI9_G5ButRaOFzS1a-ZZrhcm1cAtWi5XH5bL5Nh7DWvT6mJ6D0W412nhRMMBjL4KLdKIyOU1_y8Nn9lv8bpXxdHlYxBLNySKdyC77hmFmWbk2JotjYlhufBPDcLkZDke2kcc0s1lsDn_JMPJtTL7RWjRa2NyilW-5VphcC7dgtVh5XC6bb-MxrEWvj-k5GO1Wo42_MRuNhsPNcjHbN2aj0XC4WS5m-w6T6Zn6nI22zTnlkUls0ehYOzMfFC6DxbuYmHbfzvAgu1aMTpVlnCzojH6_3-_3-_1-v99v0HoOZoPCNz7OJOO19mDdHGcGscGgiCWC00U6EfrdLotYInlapBOZcbHwbHYT48jkMK12G4dnYtvNRi6Tw7GcuHYLi1iiNF2kE71E_ceHWE7mitFqrpjs5pLFcpUAAAAAAAAAAJYwZ94EAAAA4DSY3Wq5Wy0XQOIvUxcYBAAAAAAAYJehzQYPVvZzobjxY4kyOU1_y8Nn9lv8bpXxdHlYGUDCTZR5s2eCWKvVsgYAABDABgAACODWzVvAGiQH!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 49043

Redirect headers

Date: Tue, 15 Feb 2022 00:11:58 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e420b462-8df3-11ec-a7ba-1e5bf6c20306&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 75
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 404A 43 B
220 B 230ms
27ms Image
image/gif 18.156.181.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7rPkCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBvQHHDRY7CakzYw1GM12m8VsMFgsF5PhbDUbTIbAQYPFbkLazFiD0Wy3WcwGg8FqM5ktZrPVZAoRxnKZDGqBhGX2-w6Chs_lBgw0nQ6f616vMp4uD7vO7Lf47Rq_2y8HAAAAgAeAqqcFiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAITEcA0ANI4Cc1nufn8AADwogAAACGCQABTwnpYAfJwdnQAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWsFjECAAAAAI782z6a1AmVRRUAAEG6FcAVAECAnz6u7kMYAAAAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTstELTwtiQLFX-wUEAFj7BQQAYBs3AIA3AbigI2jFYLA6hdgNZ4PdZLCZzA4AAADg7v___18PJAwzy8q1MVkcE8Ny45sYhsvNcDiyjTymmc1ic3gvqurxfO0qm6VvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4EcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEYYMI9_G5ButRaOFzS1a-ZZrhcm1cAtWi5XH5bL5Nh7DWvT6mJ6D0W412nhRMMBjL4KLdKIyOU1_y8Nn9lv8bpXxdHlYxBLNySKdyC77hmFmWbk2JotjYlhufBPDcLkZDke2kcc0s1lsDn_JMPJtTL7RWjRa2NyilW-5VphcC7dgtVh5XC6bb-MxrEWvj-k5GO1Wo42_MRuNhsPNcjHbN2aj0XC4WS5m-w6T6Zn6nI22zTnlkUls0ehYOzMfFC6DxbuYmHbfzvAgu1aMTpVlnCzojH6_3-_3-_1-v99v0HoOZoPCNz7OJOO19mDdHGcGscGgiCWC00U6EfrdLotYInlapBOZcbHwbHYT48jkMK12G4dnYtvNRi6Tw7GcuHYLi1iiNF2kE71E_ceHWE7mitFqrpjs5pLFcpUAAAAAAAAAAJYwZ94EAAAA4DSY3Wq5Wy0XQOIvUxcYBAAAAAAAYJehzQYPVvZzobjxY4kyOU1_y8Nn9lv8bpXxdHlYGUDCTZR5s2eCWKvVsgYAABDABgAACODWzVvAGiQH!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.181.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-181-30.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 00:11:58 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 00D8 70 B
264 B 127ms
55ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66354595&crid=6205575&dast=V7_dcCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBuIHHcRY8EYUynJGI812y-FoMtkslpPZYLCZzWZD6CDGgjeiUJYzGmm2Ww5Hk8lksRouBsPFajGYQoawzH7fQch3uwwPn8sgKrreFrvDafa8AQNNp8PnuterjKfLw64z-y1-u8bv9ssBAAAA4AHAC_YQ4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAKGxQgMAjaPAXJa73x8AAA8KIAAAAhgkAAW_qSUAKj3FJwAAAAAAAAAALP____8xA_R9ozID-0olPQAPPgAPRAWqRYwAAAAAgCP_to8mdUJlUQUAQJBuBXAFABDgp4-rCxEGAAAAMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEbPTC04IYUOzVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKxOIXbD2WA3GWwmswMAAAC4-____9cDCcPMsnJtTBbHxLDc-CaG4XIzHI5sI49pZrPYHN6Lqno8X7vKZunLEJbZ7zsI-W6X4eFzGURF19tidzjNnvtN2GK0mkw2y-FsuZgMhqPhaLQ_gRwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0Rhgwj38bkG61Fo4XNLVr5lmuFybVwC1aLlcflsvk2HsNa9PqYnoPRbjXaeFEwwGMvgot0ojI5TX_Lw2f2W_xulfF0eVjEEs3JIp3ILvuGYWZZuTYmi2NiWG58E8NwuRkOR7aRxzSzWWwOf8kw8m1MvtFaNFrY3KKVb7lWmFwLt2C1WHlcLptv4zGsRa-P6TkY7Vajjb8xG42Gw81yMds3ZqPRcLhZLmb7DpPpmfqcjbbNOeWRSWzR6Fg7Mx8ULoPFu5iYdt_O8CC7VoxOlWWcLOiMfr_f7_f7_X6_32_Qeg5mg8I3Ps4k47X2YN0cZwaxwaCIJYLTRToR-t0ui1gieVqkE81u5ZqMHA6XyTAarGyOkWlimW0Gm9XENty4jDOLWKI0XaQTvUT9x4dYTuaK0WqumOzmksVylQAAAAAAAAAAljBn3gQAAADgNJjdbDdaLRdA4i9TFxgEAAAAAABgl6HNBg9W9nOhuPFjiTI5TX_Lw2f2W_xulfF0eVgZQMJNlHmzZ4JYq9WyBgAAEMAGAAAI4NbNW8AaJAc!&cmcv=&pix=undefined&cb=1644883920150&uv=3120&tms=1644883920150&abt=adh5c-1_vA!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vB!pblc_vE!spa2_vA!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=D1A7DB29FF4679842231926003666&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:11:58 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 00D8 43 B
182 B 355ms
112ms Image
image/gif 2600:1f18:612b:4216:1314:397:4325:f0c1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66354595&crid=6205575&dast=V7_dcCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBuIHHcRY8EYUynJGI812y-FoMtkslpPZYLCZzWZD6CDGgjeiUJYzGmm2Ww5Hk8lksRouBsPFajGYQoawzH7fQch3uwwPn8sgKrreFrvDafa8AQNNp8PnuterjKfLw64z-y1-u8bv9ssBAAAA4AHAC_YQ4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAKGxQgMAjaPAXJa73x8AAA8KIAAAAhgkAAW_qSUAKj3FJwAAAAAAAAAALP____8xA_R9ozID-0olPQAPPgAPRAWqRYwAAAAAgCP_to8mdUJlUQUAQJBuBXAFABDgp4-rCxEGAAAAMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEbPTC04IYUOzVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKxOIXbD2WA3GWwmswMAAAC4-____9cDCcPMsnJtTBbHxLDc-CaG4XIzHI5sI49pZrPYHN6Lqno8X7vKZunLEJbZ7zsI-W6X4eFzGURF19tidzjNnvtN2GK0mkw2y-FsuZgMhqPhaLQ_gRwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0Rhgwj38bkG61Fo4XNLVr5lmuFybVwC1aLlcflsvk2HsNa9PqYnoPRbjXaeFEwwGMvgot0ojI5TX_Lw2f2W_xulfF0eVjEEs3JIp3ILvuGYWZZuTYmi2NiWG58E8NwuRkOR7aRxzSzWWwOf8kw8m1MvtFaNFrY3KKVb7lWmFwLt2C1WHlcLptv4zGsRa-P6TkY7Vajjb8xG42Gw81yMds3ZqPRcLhZLmb7DpPpmfqcjbbNOeWRSWzR6Fg7Mx8ULoPFu5iYdt_O8CC7VoxOlWWcLOiMfr_f7_f7_X6_32_Qeg5mg8I3Ps4k47X2YN0cZwaxwaCIJYLTRToR-t0ui1gieVqkE81u5ZqMHA6XyTAarGyOkWlimW0Gm9XENty4jDOLWKI0XaQTvUT9x4dYTuaK0WqumOzmksVylQAAAAAAAAAAljBn3gQAAADgNJjdbDdaLRdA4i9TFxgEAAAAAABgl6HNBg9W9nOhuPFjiTI5TX_Lw2f2W_xulfF0eVgZQMJNlHmzZ4JYq9WyBgAAEMAGAAAI4NbNW8AaJAc!&cmcv=&pix=undefined&cb=1644883920150&uv=3120&tms=1644883920150&abt=adh5c-1_vA!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vB!pblc_vE!spa2_vA!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=D1A7DB29FF4679842231926003666&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:1314:397:4325:f0c1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 00D8
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e4218b71-8df3-11ec-a7f9-1ee5b9e10106&orig=video&us_privacy=1---gdpr=1&

0
98 B

41ms
41ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e4218b71-8df3-11ec-a7f9-1ee5b9e10106&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66354595&crid=6205575&dast=V7_dcCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBuIHHcRY8EYUynJGI812y-FoMtkslpPZYLCZzWZD6CDGgjeiUJYzGmm2Ww5Hk8lksRouBsPFajGYQoawzH7fQch3uwwPn8sgKrreFrvDafa8AQNNp8PnuterjKfLw64z-y1-u8bv9ssBAAAA4AHAC_YQ4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAKGxQgMAjaPAXJa73x8AAA8KIAAAAhgkAAW_qSUAKj3FJwAAAAAAAAAALP____8xA_R9ozID-0olPQAPPgAPRAWqRYwAAAAAgCP_to8mdUJlUQUAQJBuBXAFABDgp4-rCxEGAAAAMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEbPTC04IYUOzVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKxOIXbD2WA3GWwmswMAAAC4-____9cDCcPMsnJtTBbHxLDc-CaG4XIzHI5sI49pZrPYHN6Lqno8X7vKZunLEJbZ7zsI-W6X4eFzGURF19tidzjNnvtN2GK0mkw2y-FsuZgMhqPhaLQ_gRwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0Rhgwj38bkG61Fo4XNLVr5lmuFybVwC1aLlcflsvk2HsNa9PqYnoPRbjXaeFEwwGMvgot0ojI5TX_Lw2f2W_xulfF0eVjEEs3JIp3ILvuGYWZZuTYmi2NiWG58E8NwuRkOR7aRxzSzWWwOf8kw8m1MvtFaNFrY3KKVb7lWmFwLt2C1WHlcLptv4zGsRa-P6TkY7Vajjb8xG42Gw81yMds3ZqPRcLhZLmb7DpPpmfqcjbbNOeWRSWzR6Fg7Mx8ULoPFu5iYdt_O8CC7VoxOlWWcLOiMfr_f7_f7_X6_32_Qeg5mg8I3Ps4k47X2YN0cZwaxwaCIJYLTRToR-t0ui1gieVqkE81u5ZqMHA6XyTAarGyOkWlimW0Gm9XENty4jDOLWKI0XaQTvUT9x4dYTuaK0WqumOzmksVylQAAAAAAAAAAljBn3gQAAADgNJjdbDdaLRdA4i9TFxgEAAAAAABgl6HNBg9W9nOhuPFjiTI5TX_Lw2f2W_xulfF0eVgZQMJNlHmzZ4JYq9WyBgAAEMAGAAAI4NbNW8AaJAc!&cmcv=&pix=undefined&cb=1644883920150&uv=3120&tms=1644883920150&abt=adh5c-1_vA!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vB!pblc_vE!spa2_vA!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=D1A7DB29FF4679842231926003666&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 49043

Redirect headers

Date: Tue, 15 Feb 2022 00:11:58 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e4218b71-8df3-11ec-a7f9-1ee5b9e10106&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 60
Connection: keep-alive
Content-Length: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4345 70 B
265 B 126ms
54ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7_dcCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBuIHHcRY8EYUynJGI812y-FoMtkslpPZYLCZzWZD6CDGgjeiUJYzGmm2Ww5Hk8lksRouBsPFajGYQoawzH7fQch3uwwPn8sgKrreFrvDafa8AQNNp8PnuterjKfLw64z-y1-u8bv9ssBAAAA4AHAC_YQ4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAKGxQgMAjaPAXJa73x8AAA8KIAAAAhgkAAW_qSUAKj3FJwAAAAAAAAAALP____8xA_R9ozID-0olPQAPPgAPRAWqRYwAAAAAgCP_to8mdUJlUQUAQJBuBXAFABDgp4-rCxEGAAAAMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEbPTC04IYUOzVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKxOIXbD2WA3GWwmswMAAAC4-____9cDCcPMsnJtTBbHxLDc-CaG4XIzHI5sI49pZrPYHN6Lqno8X7vKZunLEJbZ7zsI-W6X4eFzGURF19tidzjNnvtN2GK0mkw2y-FsuZgMhqPhaLQ_gRwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0Rhgwj38bkG61Fo4XNLVr5lmuFybVwC1aLlcflsvk2HsNa9PqYnoPRbjXaeFEwwGMvgot0ojI5TX_Lw2f2W_xulfF0eVjEEs3JIp3ILvuGYWZZuTYmi2NiWG58E8NwuRkOR7aRxzSzWWwOf8kw8m1MvtFaNFrY3KKVb7lWmFwLt2C1WHlcLptv4zGsRa-P6TkY7Vajjb8xG42Gw81yMds3ZqPRcLhZLmb7DpPpmfqcjbbNOeWRSWzR6Fg7Mx8ULoPFu5iYdt_O8CC7VoxOlWWcLOiMfr_f7_f7_X6_32_Qeg5mg8I3Ps4k47X2YN0cZwaxwaCIJYLTRToR-t0ui1gieVqkE81u5ZqMHA6XyTAarGyOkWlimW0Gm9XENty4jDOLWKI0XaQTvUT9x4dYTuaK0WqumOzmksVylQAAAAAAAAAAljBn3gQAAADgNJjdbDdaLRdA4i9TFxgEAAAAAABgl6HNBg9W9nOhuPFjiTI5TX_Lw2f2W_xulfF0eVgZQMJNlHmzZ4JYq9WyBgAAEMAGAAAI4NbNW8AaJAc!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:11:58 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 4345 43 B
182 B 355ms
112ms Image
image/gif 2600:1f18:612b:4216:1314:397:4325:f0c1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7_dcCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBuIHHcRY8EYUynJGI812y-FoMtkslpPZYLCZzWZD6CDGgjeiUJYzGmm2Ww5Hk8lksRouBsPFajGYQoawzH7fQch3uwwPn8sgKrreFrvDafa8AQNNp8PnuterjKfLw64z-y1-u8bv9ssBAAAA4AHAC_YQ4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAKGxQgMAjaPAXJa73x8AAA8KIAAAAhgkAAW_qSUAKj3FJwAAAAAAAAAALP____8xA_R9ozID-0olPQAPPgAPRAWqRYwAAAAAgCP_to8mdUJlUQUAQJBuBXAFABDgp4-rCxEGAAAAMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEbPTC04IYUOzVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKxOIXbD2WA3GWwmswMAAAC4-____9cDCcPMsnJtTBbHxLDc-CaG4XIzHI5sI49pZrPYHN6Lqno8X7vKZunLEJbZ7zsI-W6X4eFzGURF19tidzjNnvtN2GK0mkw2y-FsuZgMhqPhaLQ_gRwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0Rhgwj38bkG61Fo4XNLVr5lmuFybVwC1aLlcflsvk2HsNa9PqYnoPRbjXaeFEwwGMvgot0ojI5TX_Lw2f2W_xulfF0eVjEEs3JIp3ILvuGYWZZuTYmi2NiWG58E8NwuRkOR7aRxzSzWWwOf8kw8m1MvtFaNFrY3KKVb7lWmFwLt2C1WHlcLptv4zGsRa-P6TkY7Vajjb8xG42Gw81yMds3ZqPRcLhZLmb7DpPpmfqcjbbNOeWRSWzR6Fg7Mx8ULoPFu5iYdt_O8CC7VoxOlWWcLOiMfr_f7_f7_X6_32_Qeg5mg8I3Ps4k47X2YN0cZwaxwaCIJYLTRToR-t0ui1gieVqkE81u5ZqMHA6XyTAarGyOkWlimW0Gm9XENty4jDOLWKI0XaQTvUT9x4dYTuaK0WqumOzmksVylQAAAAAAAAAAljBn3gQAAADgNJjdbDdaLRdA4i9TFxgEAAAAAABgl6HNBg9W9nOhuPFjiTI5TX_Lw2f2W_xulfF0eVgZQMJNlHmzZ4JYq9WyBgAAEMAGAAAI4NbNW8AaJAc!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:1314:397:4325:f0c1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 4345
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e4218b71-8df3-11ec-a7f9-1ee5b9e10106&orig=video&us_privacy=1---gdpr=1&

0
98 B

42ms
41ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e4218b71-8df3-11ec-a7f9-1ee5b9e10106&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7_dcCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBuIHHcRY8EYUynJGI812y-FoMtkslpPZYLCZzWZD6CDGgjeiUJYzGmm2Ww5Hk8lksRouBsPFajGYQoawzH7fQch3uwwPn8sgKrreFrvDafa8AQNNp8PnuterjKfLw64z-y1-u8bv9ssBAAAA4AHAC_YQ4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAKGxQgMAjaPAXJa73x8AAA8KIAAAAhgkAAW_qSUAKj3FJwAAAAAAAAAALP____8xA_R9ozID-0olPQAPPgAPRAWqRYwAAAAAgCP_to8mdUJlUQUAQJBuBXAFABDgp4-rCxEGAAAAMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEbPTC04IYUOzVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKxOIXbD2WA3GWwmswMAAAC4-____9cDCcPMsnJtTBbHxLDc-CaG4XIzHI5sI49pZrPYHN6Lqno8X7vKZunLEJbZ7zsI-W6X4eFzGURF19tidzjNnvtN2GK0mkw2y-FsuZgMhqPhaLQ_gRwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0Rhgwj38bkG61Fo4XNLVr5lmuFybVwC1aLlcflsvk2HsNa9PqYnoPRbjXaeFEwwGMvgot0ojI5TX_Lw2f2W_xulfF0eVjEEs3JIp3ILvuGYWZZuTYmi2NiWG58E8NwuRkOR7aRxzSzWWwOf8kw8m1MvtFaNFrY3KKVb7lWmFwLt2C1WHlcLptv4zGsRa-P6TkY7Vajjb8xG42Gw81yMds3ZqPRcLhZLmb7DpPpmfqcjbbNOeWRSWzR6Fg7Mx8ULoPFu5iYdt_O8CC7VoxOlWWcLOiMfr_f7_f7_X6_32_Qeg5mg8I3Ps4k47X2YN0cZwaxwaCIJYLTRToR-t0ui1gieVqkE81u5ZqMHA6XyTAarGyOkWlimW0Gm9XENty4jDOLWKI0XaQTvUT9x4dYTuaK0WqumOzmksVylQAAAAAAAAAAljBn3gQAAADgNJjdbDdaLRdA4i9TFxgEAAAAAABgl6HNBg9W9nOhuPFjiTI5TX_Lw2f2W_xulfF0eVgZQMJNlHmzZ4JYq9WyBgAAEMAGAAAI4NbNW8AaJAc!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 49043

Redirect headers

Date: Tue, 15 Feb 2022 00:11:58 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e4218b71-8df3-11ec-a7f9-1ee5b9e10106&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 15
Connection: keep-alive
Content-Length: 0

POST
H2 200 editoraglobo
horizon-track.globo.com/event/ 0
461 B 899ms
122ms Ping
text/plain 35.211.79.33
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://horizon-track.globo.com/event/editoraglobo
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 33.79.211.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryulFlUMENX19xCZdG

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
x-served-from: hzt-tsuru
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
access-control-allow-credentials: true
access-control-allow-headers: user,User-Agent,Content-Type,GLBID,GLBUID,GST
content-length: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame BE1C
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=google
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3FiZnNyV1E
https://beacon.krxd.net/usermatch.gif?google_gid=CAESELWMMXNsXwrrqzJQSUbTExA&google_cver=1

0
337 B

52ms
52ms

Image
text/plain

52.49.5.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESELWMMXNsXwrrqzJQSUbTExA&google_cver=1
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Server: 52.49.5.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-5-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
cache-control: private, no-cache, no-store
x-request-time: D=21 t=1644883918
x-served-by: beacon-n018-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:11:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESELWMMXNsXwrrqzJQSUbTExA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame BE1C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3FiZnNyV1E
https://beacon.krxd.net/usermatch.gif?google_gid=CAESELWMMXNsXwrrqzJQSUbTExA&google_cver=1

0
337 B

108ms
52ms

Image
text/plain

52.49.5.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESELWMMXNsXwrrqzJQSUbTExA&google_cver=1
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Server: 52.49.5.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-5-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
cache-control: private, no-cache, no-store
x-request-time: D=72 t=1644883918
x-served-by: beacon-n015-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:11:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESELWMMXNsXwrrqzJQSUbTExA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame BE1C
Redirect Chain

https://stags.bluekai.com/site/26357?id=OqbfsrWQ&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOqbfsrWQ%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID
https://beacon.krxd.net/usermatch.gif?_kuid=OqbfsrWQ&partner=bluekai&bk_uuid=$_BK_UUID

0
337 B

66ms
64ms

Image
text/plain

52.49.5.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?_kuid=OqbfsrWQ&partner=bluekai&bk_uuid=$_BK_UUID
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Server: 52.49.5.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-5-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
cache-control: private, no-cache, no-store
x-request-time: D=30 t=1644883918
x-served-by: beacon-n008-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://beacon.krxd.net/usermatch.gif?_kuid=OqbfsrWQ&partner=bluekai&bk_uuid=$_BK_UUID
Date: Tue, 15 Feb 2022 00:11:58 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame BE1C
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://gum.criteo.com/sync?s=1&c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=GBhRMnFh8-_gU4LExiYCQjgLklyzLBqi

0
337 B

53ms
53ms

Image
text/plain

52.49.5.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=GBhRMnFh8-_gU4LExiYCQjgLklyzLBqi
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Server: 52.49.5.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-5-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
cache-control: private, no-cache, no-store
x-request-time: D=52 t=1644883918
x-served-by: beacon-n004-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=GBhRMnFh8-_gU4LExiYCQjgLklyzLBqi
date: Tue, 15 Feb 2022 00:11:58 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3935
content-length: 218
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2 200 p
sb.scorecardresearch.com/ Frame BE1C 64 B
442 B 39ms
39ms Image
image/gif 108.157.4.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=OqbfsrWQ&rn=1644883920
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-121.dus51.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
via: 1.1 8080d8bfc581f6befaaa7736f6d0003e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: sjpd-z9xN4yPZcgp0NwEIqDesfOTqCiqHZElF6kxwV_leRKQgrvWyw==

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame BE1C
Redirect Chain

https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=OqbfsrWQ&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=OqbfsrWQ&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D
https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=57808780047675104912170905254055227753

0
337 B

53ms
52ms

Image
text/plain

52.49.5.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=57808780047675104912170905254055227753
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Server: 52.49.5.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-5-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
cache-control: private, no-cache, no-store
x-request-time: D=76 t=1644883918
x-served-by: beacon-n009-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

DCS: dcs-prod-irl1-2-v028-086f2020d.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: FuPcZU/QQaI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=57808780047675104912170905254055227753
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame BE1C
Redirect Chain

https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID
https://beacon.krxd.net/usermatch.gif?adnxs_uid=5297640074662591712

0
338 B

174ms
51ms

Image
text/plain

52.49.5.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?adnxs_uid=5297640074662591712
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Server: 52.49.5.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-5-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1644883918
x-served-by: beacon-n007-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 00:11:58 GMT
X-Proxy-Origin: 192.145.127.219; 192.145.127.219; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: b97d5c55-558e-44f2-852e-7d874a5be6c8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://beacon.krxd.net/usermatch.gif?adnxs_uid=5297640074662591712
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK mapuid
ib.adnxs.com/ Frame BE1C 43 B
764 B 63ms
25ms Image
image/gif 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/mapuid?member_id=1780&user=OqbfsrWQ

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 00:11:58 GMT
X-Proxy-Origin: 192.145.127.219; 192.145.127.219; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: a8767738-30f7-4f27-9940-9ae4790bb674
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 379708.gif
idsync.rlcdn.com/ Frame BE1C 42 B
308 B 77ms
35ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/379708.gif?partner_uid=OqbfsrWQ
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:11:58 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame BE1C 0
214 B 126ms
25ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=27384&puid=krux_id&gdpr=0
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

usersync
pixel-sync.sitescout.com/connectors/krux/ Frame BE1C
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=sitescout
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OqbfsrWQ&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID

0
191 B

149ms
45ms

Image
text/plain

66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OqbfsrWQ&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:11:58 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OqbfsrWQ&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID
date: Tue, 15 Feb 2022 00:11:58 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a007-ash-prod.krxd.net

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame BE1C
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=verizon
https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=OqbfsrWQ
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-Wq9sV1ZE2psJM_Png.g1U8rmsp3GsZjW5g--~A

0
337 B

52ms
51ms

Image
text/plain

52.49.5.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-Wq9sV1ZE2psJM_Png.g1U8rmsp3GsZjW5g--~A
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Server: 52.49.5.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-5-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1644883919
x-served-by: beacon-n010-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Tue, 15 Feb 2022 00:11:59 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-Wq9sV1ZE2psJM_Png.g1U8rmsp3GsZjW5g--~A
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2

200

sync
sync.navdmp.com/ Frame BE1C
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=navegg
https://sync.navdmp.com/sync?prtid=30&salid=OqbfsrWQ

6 B
91 B

174ms
154ms

Image
application/javascript

2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?prtid=30&salid=OqbfsrWQ
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6dda526d0f9983a8-MXP
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript

Redirect headers

location: https://sync.navdmp.com/sync?prtid=30&salid=OqbfsrWQ
date: Tue, 15 Feb 2022 00:11:58 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a002-ash-prod.krxd.net

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame BE1C
Redirect Chain

https://sync.1rx.io/usersync/krux/OqbfsrWQ?dspret=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync/krux/OqbfsrWQ?zcc=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D&cb=1644883918706
https://sync.targeting.unrulymedia.com/csync/RX-8bb6f815-b49b-498d-8683-23236d317373-003?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3DRX-8bb6f815-b49b-4...
https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-8bb6f815-b49b-498d-8683-23236d317373-003

0
337 B

52ms
52ms

Image
text/plain

52.49.5.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-8bb6f815-b49b-498d-8683-23236d317373-003
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Server: 52.49.5.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-5-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
cache-control: private, no-cache, no-store
x-request-time: D=49 t=1644883919
x-served-by: beacon-n005-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-8bb6f815-b49b-498d-8683-23236d317373-003
date: Tue, 15 Feb 2022 00:11:58 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX8bb6f815b49b498d868323236d317373003
content-type: text/html

GET getdata.xgi
r.nexac.com/e/ Frame BE1C 0
0

GET
H2 200 cmTagWIDGET_ITEM.js Show response
vidstat.taboola.com/vpaid/units/31_2_0/infra/ 739 KB
128 KB 58ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/31_2_0/infra/cmTagWIDGET_ITEM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.3/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 71769c74178783d0e41a28992586f549be8300d0ee428dfc9d02651d1ffc96a0

Request headers

Referer: https://extra.globo.com/
Origin: https://extra.globo.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
via: 1.1 varnish
age: 223325
x-amz-meta-mtime: 1644660443
x-cache: HIT
x-amz-meta-ctime: 1644660444
x-amz-meta-mode: 33188
content-encoding: br
content-length: 130392
x-amz-id-2: 8j4oAiCujHOBHSkI1Re/0r+xAugIoOVUepU/S+82wKS7+r2rg3kIWkqGnRLg9sXW1GnoSn6f8b4=
x-served-by: cache-mxp6963-MXP
accept-ranges: bytes
last-modified: Sat, 12 Feb 2022 10:07:25 GMT
server: AmazonS3-br
x-timer: S1644883919.543934,VS0,VE0
etag: "46be57cc116a57b79b450a45a5db5d8d"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: GKKGJ7MD34091QZJ
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 101480

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/31_2_0/assets/css/ 63 KB
8 KB 22ms
21ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/31_2_0/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.3/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 04c92da639b83f3954de1481055274f4dc6891364297dec15c0050a2e5c6dc13

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
via: 1.1 varnish
age: 223326
x-amz-meta-mtime: 1644660496
x-cache: HIT
x-amz-meta-ctime: 1644660496
x-amz-meta-mode: 33188
content-encoding: br
content-length: 8280
x-amz-id-2: DIJj0MzYSe0VW9513kddEbMGnbnAe2WL0b1UVAeHCYYwIRWzf8nwlbnFwuv01zUiDd7W3tb2IFA=
x-served-by: cache-mxp6946-MXP
accept-ranges: bytes
last-modified: Sat, 12 Feb 2022 10:08:17 GMT
server: AmazonS3-br
x-timer: S1644883919.505228,VS0,VE6
etag: "19adad12972fe11c2c8a39a781625b6d"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: GKKQM1H7WH7DBKPV
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 312441

GET
H2 200 PMS.js Show response
vidstat.taboola.com/PMS/3.2.2/ 59 KB
17 KB 16ms
16ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/PMS/3.2.2/PMS.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_2_0/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
via: 1.1 dd6d273a0e8062d5909bfd6bf570f52b.cloudfront.net (CloudFront), 1.1 varnish
age: 3697840
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 17509
x-served-by: cache-mxp6946-MXP
last-modified: Thu, 21 Jan 2021 11:30:56 GMT
server: AmazonS3
x-timer: S1644883919.670302,VS0,VE0
etag: "f237b8d35060f133ac8c595fd1234e1c"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: MXP64-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: lnKhoLwCZWTspO5wqVTfjaS5NcWFaoNqpLrj_IT_dp66O79TUDcsQQ==
x-cache-hits: 8777146

GET
H2 200 / Show response
usergate.globo.com/ 31 B
356 B 676ms
224ms XHR
text/plain 201.7.182.142
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://usergate.globo.com/

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.extra/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.182.142 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

nginx /

Resource Hash

2a132f694fca13150b46dd45bb2fc64064fa992e875159d7e2bd75212e9d2e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://extra.globo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: User-Agent,Content-Type,Cookie,X-App,GLBID,GST

GET
H2 200 content14_10_18m.js Show response
vidstat.taboola.com/ 37 KB
8 KB 18ms
18ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content14_10_18m.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_2_0/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
via: 1.1 1c526e04dcf5c9c6163e62b0bdd963b1.cloudfront.net (CloudFront), 1.1 varnish
age: 2051199
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 7638
x-served-by: cache-mxp6946-MXP
last-modified: Sun, 14 Oct 2018 13:31:31 GMT
server: AmazonS3
x-timer: S1644883919.730617,VS0,VE0
etag: "d8d81221ec6e604811ce469d899c9c8b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: MXP64-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 7Aq0SdyObGvcCMHtXa1Yuh4-C3PivGHmeGMJdQytqqBacuUh52VQrQ==
x-cache-hits: 2131161

GET
H2 200 video-autoplay-detector.js Show response
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 8 KB
2 KB 17ms
17ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_2_0/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
via: 1.1 932fae480d62106deccf09cea69a7db2.cloudfront.net (CloudFront), 1.1 varnish
age: 1377386
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 2210
x-served-by: cache-mxp6946-MXP
last-modified: Mon, 10 Jun 2019 11:55:53 GMT
server: AmazonS3
x-timer: S1644883919.735051,VS0,VE0
etag: "2fac39530c1c168282a35d1ab56450ed"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: MXP64-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: SZfX3UtWAOfblGV6xQU1w4yxO9WGwr0_ubqWNSa7-TGP5jtwCQkucg==
x-cache-hits: 1197485

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v13.5.5/ 553 KB
114 KB 18ms
17ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.5.5/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_2_0/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 9ae8bbf7f8b5f1d3bfbebd5593f718f867d7962e895dc47508735bab6bbc454d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
via: 1.1 varnish
age: 536455
x-amz-meta-mtime: 1644347398
x-cache: HIT
x-amz-meta-ctime: 1644347411
x-amz-meta-mode: 33188
content-encoding: br
content-length: 116114
x-amz-id-2: ZcEODUw9ytOA3ala8LJZaY1ZmLLuKb1HdqyD/w+TuYlD7IPw2Qy3YbGPWdMJVP0IKLskEmszREY=
x-served-by: cache-mxp6946-MXP
accept-ranges: bytes
last-modified: Tue, 08 Feb 2022 19:10:12 GMT
server: AmazonS3-br
x-timer: S1644883919.756982,VS0,VE0
etag: "f1e77e853ec80fa583d681a35dc1cb54"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: V8ET2R1FFXX1PJW7
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 951671

GET
H2 200 sync Show response
am-match.taboola.com/ Frame FE7F 742 B
827 B 42ms
42ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7_dcCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBuIHHcRY8EYUynJGI812y-FoMtkslpPZYLCZzWZD6CDGgjeiUJYzGmm2Ww5Hk8lksRouBsPFajGYQoawzH7fQch3uwwPn8sgKrreFrvDafa8AQNNp8PnuterjKfLw64z-y1-u8bv9ssBAAAA4AHAC_YQ4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAKGxQgMAjaPAXJa73x8AAA8KIAAAAhgkAAW_qSUAKj3FJwAAAAAAAAAALP____8xA_R9ozID-0olPQAPPgAPRAWqRYwAAAAAgCP_to8mdUJlUQUAQJBuBXAFABDgp4-rCxEGAAAAMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEbPTC04IYUOzVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKxOIXbD2WA3GWwmswMAAAC4-____9cDCcPMsnJtTBbHxLDc-CaG4XIzHI5sI49pZrPYHN6Lqno8X7vKZunLEJbZ7zsI-W6X4eFzGURF19tidzjNnvtN2GK0mkw2y-FsuZgMhqPhaLQ_gRwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0Rhgwj38bkG61Fo4XNLVr5lmuFybVwC1aLlcflsvk2HsNa9PqYnoPRbjXaeFEwwGMvgot0ojI5TX_Lw2f2W_xulfF0eVjEEs3JIp3ILvuGYWZZuTYmi2NiWG58E8NwuRkOR7aRxzSzWWwOf8kw8m1MvtFaNFrY3KKVb7lWmFwLt2C1WHlcLptv4zGsRa-P6TkY7Vajjb8xG42Gw81yMds3ZqPRcLhZLmb7DpPpmfqcjbbNOeWRSWzR6Fg7Mx8ULoPFu5iYdt_O8CC7VoxOlWWcLOiMfr_f7_f7_X6_32_Qeg5mg8I3Ps4k47X2YN0cZwaxwaCIJYLTRToR-t0ui1gieVqkE81u5ZqMHA6XyTAarGyOkWlimW0Gm9XENty4jDOLWKI0XaQTvUT9x4dYTuaK0WqumOzmksVylQAAAAAAAAAAljBn3gQAAADgNJjdbDdaLRdA4i9TFxgEAAAAAABgl6HNBg9W9nOhuPFjiTI5TX_Lw2f2W_xulfF0eVgZQMJNlHmzZ4JYq9WyBgAAEMAGAAAI4NbNW8AaJAc!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_2_0/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/

Response headers

server: nginx
date: Tue, 15 Feb 2022 00:11:58 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 857B
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

106ms
32ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7rPkCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBvQHHDRY7CakzYw1GM12m8VsMFgsF5PhbDUbTIbAQYPFbkLazFiD0Wy3WcwGg8FqM5ktZrPVZAoRxnKZDGqBhGX2-w6Chs_lBgw0nQ6f616vMp4uD7vO7Lf47Rq_2y8HAAAAgAeAqqcFiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAITEcA0ANI4Cc1nufn8AADwogAAACGCQABTwnpYAfJwdnQAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWsFjECAAAAAI782z6a1AmVRRUAAEG6FcAVAECAnz6u7kMYAAAAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTstELTwtiQLFX-wUEAFj7BQQAYBs3AIA3AbigI2jFYLA6hdgNZ4PdZLCZzA4AAADg7v___18PJAwzy8q1MVkcE8Ny45sYhsvNcDiyjTymmc1ic3gvqurxfO0qm6VvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4EcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEYYMI9_G5ButRaOFzS1a-ZZrhcm1cAtWi5XH5bL5Nh7DWvT6mJ6D0W412nhRMMBjL4KLdKIyOU1_y8Nn9lv8bpXxdHlYxBLNySKdyC77hmFmWbk2JotjYlhufBPDcLkZDke2kcc0s1lsDn_JMPJtTL7RWjRa2NyilW-5VphcC7dgtVh5XC6bb-MxrEWvj-k5GO1Wo42_MRuNhsPNcjHbN2aj0XC4WS5m-w6T6Zn6nI22zTnlkUls0ehYOzMfFC6DxbuYmHbfzvAgu1aMTpVlnCzojH6_3-_3-_1-v99v0HoOZoPCNz7OJOO19mDdHGcGscGgiCWC00U6EfrdLotYInlapBOZcbHwbHYT48jkMK12G4dnYtvNRi6Tw7GcuHYLi1iiNF2kE71E_ceHWE7mitFqrpjs5pLFcpUAAAAAAAAAAJYwZ94EAAAA4DSY3Wq5Wy0XQOIvUxcYBAAAAAAAYJehzQYPVvZzobjxY4kyOU1_y8Nn9lv8bpXxdHlYGUDCTZR5s2eCWKvVsgYAABDABgAACODWzVvAGiQH!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://am-match.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Feb 2022 00:11:58 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
date: Tue, 15 Feb 2022 00:11:58 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
BLOB 206
Partial Content dcab846d-9904-4eeb-8c77-02852c683946
https://extra.globo.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://extra.globo.com/dcab846d-9904-4eeb-8c77-02852c683946
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer: https://extra.globo.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 70d8ff87-492e-4f12-887a-f1655dfb823a
https://extra.globo.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://extra.globo.com/70d8ff87-492e-4f12-887a-f1655dfb823a
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer: https://extra.globo.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 CreativeDisplayer Show response
impr.taboola.com/ 2 KB
2 KB 59ms
42ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://impr.taboola.com/CreativeDisplayer?adId=6403075&excid=22
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.5.5/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e4116c978d366b8965ed631869066cca809fbc62a2cc53c5223ffea6bd3c7180

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: text/plain

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
via: 1.1 varnish
server: nginx
x-timer: S1644883919.855746,VS0,VE26
x-served-by: cache-mxp6946-MXP
x-cache: MISS
access-control-allow-origin: https://extra.globo.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame FE7F 43 B
182 B 112ms
111ms Image
image/gif 2600:1f18:612b:4216:1314:397:4325:f0c1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7_dcCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBuIHHcRY8EYUynJGI812y-FoMtkslpPZYLCZzWZD6CDGgjeiUJYzGmm2Ww5Hk8lksRouBsPFajGYQoawzH7fQch3uwwPn8sgKrreFrvDafa8AQNNp8PnuterjKfLw64z-y1-u8bv9ssBAAAA4AHAC_YQ4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAKGxQgMAjaPAXJa73x8AAA8KIAAAAhgkAAW_qSUAKj3FJwAAAAAAAAAALP____8xA_R9ozID-0olPQAPPgAPRAWqRYwAAAAAgCP_to8mdUJlUQUAQJBuBXAFABDgp4-rCxEGAAAAMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEbPTC04IYUOzVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKxOIXbD2WA3GWwmswMAAAC4-____9cDCcPMsnJtTBbHxLDc-CaG4XIzHI5sI49pZrPYHN6Lqno8X7vKZunLEJbZ7zsI-W6X4eFzGURF19tidzjNnvtN2GK0mkw2y-FsuZgMhqPhaLQ_gRwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0Rhgwj38bkG61Fo4XNLVr5lmuFybVwC1aLlcflsvk2HsNa9PqYnoPRbjXaeFEwwGMvgot0ojI5TX_Lw2f2W_xulfF0eVjEEs3JIp3ILvuGYWZZuTYmi2NiWG58E8NwuRkOR7aRxzSzWWwOf8kw8m1MvtFaNFrY3KKVb7lWmFwLt2C1WHlcLptv4zGsRa-P6TkY7Vajjb8xG42Gw81yMds3ZqPRcLhZLmb7DpPpmfqcjbbNOeWRSWzR6Fg7Mx8ULoPFu5iYdt_O8CC7VoxOlWWcLOiMfr_f7_f7_X6_32_Qeg5mg8I3Ps4k47X2YN0cZwaxwaCIJYLTRToR-t0ui1gieVqkE81u5ZqMHA6XyTAarGyOkWlimW0Gm9XENty4jDOLWKI0XaQTvUT9x4dYTuaK0WqumOzmksVylQAAAAAAAAAAljBn3gQAAADgNJjdbDdaLRdA4i9TFxgEAAAAAABgl6HNBg9W9nOhuPFjiTI5TX_Lw2f2W_xulfF0eVgZQMJNlHmzZ4JYq9WyBgAAEMAGAAAI4NbNW8AaJAc!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:1314:397:4325:f0c1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame FE7F 70 B
264 B 51ms
51ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7_dcCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBuIHHcRY8EYUynJGI812y-FoMtkslpPZYLCZzWZD6CDGgjeiUJYzGmm2Ww5Hk8lksRouBsPFajGYQoawzH7fQch3uwwPn8sgKrreFrvDafa8AQNNp8PnuterjKfLw64z-y1-u8bv9ssBAAAA4AHAC_YQ4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAKGxQgMAjaPAXJa73x8AAA8KIAAAAhgkAAW_qSUAKj3FJwAAAAAAAAAALP____8xA_R9ozID-0olPQAPPgAPRAWqRYwAAAAAgCP_to8mdUJlUQUAQJBuBXAFABDgp4-rCxEGAAAAMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEbPTC04IYUOzVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKxOIXbD2WA3GWwmswMAAAC4-____9cDCcPMsnJtTBbHxLDc-CaG4XIzHI5sI49pZrPYHN6Lqno8X7vKZunLEJbZ7zsI-W6X4eFzGURF19tidzjNnvtN2GK0mkw2y-FsuZgMhqPhaLQ_gRwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0Rhgwj38bkG61Fo4XNLVr5lmuFybVwC1aLlcflsvk2HsNa9PqYnoPRbjXaeFEwwGMvgot0ojI5TX_Lw2f2W_xulfF0eVjEEs3JIp3ILvuGYWZZuTYmi2NiWG58E8NwuRkOR7aRxzSzWWwOf8kw8m1MvtFaNFrY3KKVb7lWmFwLt2C1WHlcLptv4zGsRa-P6TkY7Vajjb8xG42Gw81yMds3ZqPRcLhZLmb7DpPpmfqcjbbNOeWRSWzR6Fg7Mx8ULoPFu5iYdt_O8CC7VoxOlWWcLOiMfr_f7_f7_X6_32_Qeg5mg8I3Ps4k47X2YN0cZwaxwaCIJYLTRToR-t0ui1gieVqkE81u5ZqMHA6XyTAarGyOkWlimW0Gm9XENty4jDOLWKI0XaQTvUT9x4dYTuaK0WqumOzmksVylQAAAAAAAAAAljBn3gQAAADgNJjdbDdaLRdA4i9TFxgEAAAAAABgl6HNBg9W9nOhuPFjiTI5TX_Lw2f2W_xulfF0eVgZQMJNlHmzZ4JYq9WyBgAAEMAGAAAI4NbNW8AaJAc!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:11:58 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame FE7F
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e4218b71-8df3-11ec-a7f9-1ee5b9e10106&orig=video&us_privacy=1---gdpr=1&

0
98 B

41ms
41ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e4218b71-8df3-11ec-a7f9-1ee5b9e10106&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7_dcCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBuIHHcRY8EYUynJGI812y-FoMtkslpPZYLCZzWZD6CDGgjeiUJYzGmm2Ww5Hk8lksRouBsPFajGYQoawzH7fQch3uwwPn8sgKrreFrvDafa8AQNNp8PnuterjKfLw64z-y1-u8bv9ssBAAAA4AHAC_YQ4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAKGxQgMAjaPAXJa73x8AAA8KIAAAAhgkAAW_qSUAKj3FJwAAAAAAAAAALP____8xA_R9ozID-0olPQAPPgAPRAWqRYwAAAAAgCP_to8mdUJlUQUAQJBuBXAFABDgp4-rCxEGAAAAMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEbPTC04IYUOzVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKxOIXbD2WA3GWwmswMAAAC4-____9cDCcPMsnJtTBbHxLDc-CaG4XIzHI5sI49pZrPYHN6Lqno8X7vKZunLEJbZ7zsI-W6X4eFzGURF19tidzjNnvtN2GK0mkw2y-FsuZgMhqPhaLQ_gRwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0Rhgwj38bkG61Fo4XNLVr5lmuFybVwC1aLlcflsvk2HsNa9PqYnoPRbjXaeFEwwGMvgot0ojI5TX_Lw2f2W_xulfF0eVjEEs3JIp3ILvuGYWZZuTYmi2NiWG58E8NwuRkOR7aRxzSzWWwOf8kw8m1MvtFaNFrY3KKVb7lWmFwLt2C1WHlcLptv4zGsRa-P6TkY7Vajjb8xG42Gw81yMds3ZqPRcLhZLmb7DpPpmfqcjbbNOeWRSWzR6Fg7Mx8ULoPFu5iYdt_O8CC7VoxOlWWcLOiMfr_f7_f7_X6_32_Qeg5mg8I3Ps4k47X2YN0cZwaxwaCIJYLTRToR-t0ui1gieVqkE81u5ZqMHA6XyTAarGyOkWlimW0Gm9XENty4jDOLWKI0XaQTvUT9x4dYTuaK0WqumOzmksVylQAAAAAAAAAAljBn3gQAAADgNJjdbDdaLRdA4i9TFxgEAAAAAABgl6HNBg9W9nOhuPFjiTI5TX_Lw2f2W_xulfF0eVgZQMJNlHmzZ4JYq9WyBgAAEMAGAAAI4NbNW8AaJAc!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 45254

Redirect headers

Date: Tue, 15 Feb 2022 00:11:58 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e4218b71-8df3-11ec-a7f9-1ee5b9e10106&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 10
Connection: keep-alive
Content-Length: 0

GET
H2 200 moatvideo.js Show response
z.moatads.com/taboolajsvideo2446883476/ 347 KB
113 KB 98ms
25ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/taboolajsvideo2446883476/moatvideo.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.5.5/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4ec32fd849e69123db9e52a16586c46f2089547f2bde91020dcd580c3a61c54a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 16:36:19 GMT
server: AmazonS3
x-amz-request-id: 0B9427FKQEXZHCW1
etag: "af22a7b3433344aad8c796b32240a964"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=29629
accept-ranges: bytes
content-length: 114861
x-amz-id-2: VCVc0NG/vtJhXOpva1Xhv6wf9zClFhKZbzFYfrgGmygwiNlQi63zIKuA2SEVi7POl2guvcgbs0U=

GET
H2 206 dvsxpgxsc5efao1bueu9_MOBILE.mp4
vidstat.taboola.com/uploadedVideos/228385/ 973 KB
974 KB 17ms
17ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/uploadedVideos/228385/dvsxpgxsc5efao1bueu9_MOBILE.mp4
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 935085351cd608a13d37f2ed01f34f15717bae8fadc6667b4a2f59522729abc0

Request headers

Referer: https://extra.globo.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 15 Feb 2022 00:11:58 GMT
via: 1.1 fbd0ff69760f3a4dd26b4ffb73d9ba5c.cloudfront.net (CloudFront), 1.1 varnish
age: 939046
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-996455/996456
x-amz-meta-md5-hash: 55890030ca2320c12dbb2d1d0dac3f5f
Content-Length: 996456
x-served-by: cache-mxp6946-MXP
last-modified: Sun, 01 Aug 2021 13:53:04 GMT
server: AmazonS3
x-timer: S1644883919.907226,VS0,VE1
etag: "55890030ca2320c12dbb2d1d0dac3f5f"
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: MXP63-P3
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 8hTgmhg15HhkEozMY0C1IB_grzE_fRZLdRfCYx0NBRTcmXhjJlHTrw==
x-cache-hits: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 857B 32 KB
10 KB 34ms
34ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 60bd98f878ee40135821356c2c8984e898c8bfdcd458f0a77ef6980a6c536643

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 00:11:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59032
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9704
Expires: Tue, 15 Feb 2022 16:35:50 GMT

GET
H2 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
792 B 98ms
38ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=extra.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 94ms
36ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=extra.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 71ms
70ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3270257099969328&correlator=3341032236510870&output=ldjh&eid=31061814%2C44758228&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=85042905%2Cinfo.web.extra%2Chome%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&prev_scp=Editora.pos%3DDhtml&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie_enabled=1&bc=31&abxe=1&dt=1644883920734&lmt=1644883920&dlt=1644883915875&idt=2709&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=4903&adks=2263088871&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fextra.globo.com%2F&vis=1&scr_x=0&scr_y=0&psz=1600x4902&msz=1600x0&ga_vid=1323511657.1644883919&ga_sid=1644883921&ga_hid=47975251&ga_fc=true&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e15681b5e9450e049f50f1d516f6f81df484dbbea4e73b735dc6a683f4995a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8463
x-xss-protection: 0
google-lineitem-id: 5589317011
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138337269223
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 43 KB
18 KB 1300ms
1299ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3270257099969328&correlator=3341032236510870&output=ldjh&eid=31061814%2C44758228&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=85042905%2Cinfo.web.extra%2Chome%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90%7C970x250%7C1190x250%7C1190x150%7C970x150&prev_scp=Editora.pos%3DTop%26Editora.random%3D5%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D0.01%26hb_adid_appnexus%3D136977c081cb89%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.01%26hb_adid%3D136977c081cb89%26hb_bidder%3Dappnexus&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie_enabled=1&bc=31&abxe=1&dt=1644883920742&lmt=1644883920&dlt=1644883915875&idt=2709&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=59&adks=2475375514&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fextra.globo.com%2F&vis=1&scr_x=0&scr_y=0&psz=1600x4902&msz=1600x0&ga_vid=1323511657.1644883919&ga_sid=1644883921&ga_hid=47975251&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53eadb6de16d0f1e800b34606963bae08c1354cf735e803fc52db896e5756b80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18220
x-xss-protection: 0
google-lineitem-id: 5908228303
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138379813991
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
17 KB 1120ms
1120ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3270257099969328&correlator=3341032236510870&output=ldjh&eid=31061814%2C44758228&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=85042905%2Cinfo.web.extra%2Chome%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&prev_scp=Editora.pos%3DVitrine&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie_enabled=1&bc=31&abxe=1&dt=1644883920745&lmt=1644883920&dlt=1644883915875&idt=2709&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=4367&adks=1821320864&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fextra.globo.com%2F&vis=1&scr_x=0&scr_y=0&psz=976x290&msz=976x0&ga_vid=1323511657.1644883919&ga_sid=1644883921&ga_hid=47975251&ga_fc=true&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5043b1d9c9785e51c38e8272f0f7b477e371170eee268f1ee5a0db96a25192d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17824
x-xss-protection: 0
google-lineitem-id: 5908228294
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138379841958
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
9 KB 426ms
426ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3270257099969328&correlator=3341032236510870&output=ldjh&eid=31061814%2C44758228&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=85042905%2Cinfo.web.extra%2Chome%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=304x456&prev_scp=Editora.pos%3DBox-Chamada&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie_enabled=1&bc=31&abxe=1&dt=1644883920747&lmt=1644883920&dlt=1644883915875&idt=2709&frm=20&biw=1600&bih=1200&oid=2&adxs=969&adys=872&adks=628334461&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fextra.globo.com%2F&vis=1&scr_x=0&scr_y=0&psz=302x0&msz=302x0&ga_vid=1323511657.1644883919&ga_sid=1644883921&ga_hid=47975251&ga_fc=true&fws=4&ohw=302&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fb2575af43f9c61d4b49348fc75f1a7288dfb3c08279c6552abcea8b9621cd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
google-lineitem-id: 5546598900
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138378747883
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
9 KB 160ms
160ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3270257099969328&correlator=3341032236510870&output=ldjh&eid=31061814%2C44758228&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=85042905%2Cinfo.web.extra%2Chome%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=304x456&prev_scp=Editora.pos%3DBox-Chamada&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie_enabled=1&bc=31&abxe=1&dt=1644883920750&lmt=1644883920&dlt=1644883915875&idt=2709&frm=20&biw=1600&bih=1200&oid=2&adxs=969&adys=872&adks=2388423192&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fextra.globo.com%2F&vis=1&scr_x=0&scr_y=0&psz=302x0&msz=302x0&ga_vid=1323511657.1644883919&ga_sid=1644883921&ga_hid=47975251&ga_fc=true&fws=4&ohw=302&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d63b64122a25a9b281505b205fb2495abd1abeaea26e09a98105843e407e2c15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9516
x-xss-protection: 0
google-lineitem-id: 5546598900
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138380979940
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
9 KB 560ms
559ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3270257099969328&correlator=3341032236510870&output=ldjh&eid=31061814%2C44758228&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=85042905%2Cinfo.web.extra%2Chome%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=304x456&prev_scp=Editora.pos%3DBox-Chamada&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie_enabled=1&bc=31&abxe=1&dt=1644883920753&lmt=1644883920&dlt=1644883915875&idt=2709&frm=20&biw=1600&bih=1200&oid=2&adxs=969&adys=872&adks=3907026645&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fextra.globo.com%2F&vis=1&scr_x=0&scr_y=0&psz=302x0&msz=302x0&ga_vid=1323511657.1644883919&ga_sid=1644883921&ga_hid=47975251&ga_fc=true&fws=4&ohw=302&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17c764183434becf68738c787ea3488515f09787e7f78345f44a37f3c5115da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9551
x-xss-protection: 0
google-lineitem-id: 5546598900
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138379347901
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
9 KB 933ms
932ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3270257099969328&correlator=3341032236510870&output=ldjh&eid=31061814%2C44758228&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=85042905%2Cinfo.web.extra%2Chome%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=304x456&prev_scp=Editora.pos%3DBox-Chamada&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie_enabled=1&bc=31&abxe=1&dt=1644883920756&lmt=1644883920&dlt=1644883915875&idt=2709&frm=20&biw=1600&bih=1200&oid=2&adxs=969&adys=872&adks=3933636768&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fextra.globo.com%2F&vis=1&scr_x=0&scr_y=0&psz=302x0&msz=302x0&ga_vid=1323511657.1644883919&ga_sid=1644883921&ga_hid=47975251&ga_fc=true&fws=4&ohw=302&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d5d6ecb109357b4b964fe810a8f166b1da67b70a6f1c47eb516a33de33e1092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9528
x-xss-protection: 0
google-lineitem-id: 5546598900
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138372045259
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
9 KB 254ms
253ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3270257099969328&correlator=3341032236510870&output=ldjh&eid=31061814%2C44758228&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=85042905%2Cinfo.web.extra%2Chome%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=304x456&prev_scp=Editora.pos%3DBox-Chamada&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie_enabled=1&bc=31&abxe=1&dt=1644883920759&lmt=1644883920&dlt=1644883915875&idt=2709&frm=20&biw=1600&bih=1200&oid=2&adxs=969&adys=872&adks=4018187571&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fextra.globo.com%2F&vis=1&scr_x=0&scr_y=0&psz=302x0&msz=302x0&ga_vid=1323511657.1644883919&ga_sid=1644883921&ga_hid=47975251&ga_fc=true&fws=4&ohw=302&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3ad5fe96b598a70f24bdc72c4aba5ae29f8d7721e620ad812a84b41f573b2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9561
x-xss-protection: 0
google-lineitem-id: 5546598900
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138378856208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
9 KB 735ms
735ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3270257099969328&correlator=3341032236510870&output=ldjh&eid=31061814%2C44758228&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=85042905%2Cinfo.web.extra%2Chome%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=304x456&prev_scp=Editora.pos%3DBox-Chamada&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie_enabled=1&bc=31&abxe=1&dt=1644883920764&lmt=1644883920&dlt=1644883915875&idt=2709&frm=20&biw=1600&bih=1200&oid=2&adxs=969&adys=872&adks=3631606948&ucis=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fextra.globo.com%2F&vis=1&scr_x=0&scr_y=0&psz=302x0&msz=302x0&ga_vid=1323511657.1644883919&ga_sid=1644883921&ga_hid=47975251&ga_fc=true&fws=4&ohw=302&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

209b3e7618998ce23229ff24c26fbea32b0499d9343fddac88605abcc706810a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9505
x-xss-protection: 0
google-lineitem-id: 5546598900
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138376695901
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
9 KB 335ms
334ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3270257099969328&correlator=3341032236510870&output=ldjh&eid=31061814%2C44758228&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=85042905%2Cinfo.web.extra%2Chome%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=304x456&prev_scp=Editora.pos%3DBox-Chamada&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie_enabled=1&bc=31&abxe=1&dt=1644883920767&lmt=1644883920&dlt=1644883915875&idt=2709&frm=20&biw=1600&bih=1200&oid=2&adxs=969&adys=872&adks=2695077571&ucis=a&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fextra.globo.com%2F&vis=1&scr_x=0&scr_y=0&psz=302x0&msz=302x0&ga_vid=1323511657.1644883919&ga_sid=1644883921&ga_hid=47975251&ga_fc=true&fws=4&ohw=302&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49b9feb2022e018d76fe7c91a124a339cecf1f3e1bc9eee124a43cd500d80c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9507
x-xss-protection: 0
google-lineitem-id: 5546598900
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138378128594
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
9 KB 518ms
517ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3270257099969328&correlator=3341032236510870&output=ldjh&eid=31061814%2C44758228&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=85042905%2Cinfo.web.extra%2Chome%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=304x456&prev_scp=Editora.pos%3DBox-Chamada&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie_enabled=1&bc=31&abxe=1&dt=1644883920769&lmt=1644883920&dlt=1644883915875&idt=2709&frm=20&biw=1600&bih=1200&oid=2&adxs=969&adys=872&adks=466433780&ucis=b&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fextra.globo.com%2F&vis=1&scr_x=0&scr_y=0&psz=302x0&msz=302x0&ga_vid=1323511657.1644883919&ga_sid=1644883921&ga_hid=47975251&ga_fc=true&fws=4&ohw=302&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ff90bd5fc480750c7523afe9178d5dad3d28e93a5bf4e303914d95e259f1c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9551
x-xss-protection: 0
google-lineitem-id: 5546598900
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138368739726
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
9 KB 822ms
821ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3270257099969328&correlator=3341032236510870&output=ldjh&eid=31061814%2C44758228&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=85042905%2Cinfo.web.extra%2Chome%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=304x456&prev_scp=Editora.pos%3DBox-Chamada&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie_enabled=1&bc=31&abxe=1&dt=1644883920773&lmt=1644883920&dlt=1644883915875&idt=2709&frm=20&biw=1600&bih=1200&oid=2&adxs=969&adys=872&adks=757062354&ucis=c&ifi=12&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fextra.globo.com%2F&vis=1&scr_x=0&scr_y=0&psz=302x0&msz=302x0&ga_vid=1323511657.1644883919&ga_sid=1644883921&ga_hid=47975251&ga_fc=true&fws=4&ohw=302&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74cb7a1fcd0f15474672afba97996118f798c158848fc0fb46359f1079c5a251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9532
x-xss-protection: 0
google-lineitem-id: 5546598900
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138376240638
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
9 KB 646ms
646ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3270257099969328&correlator=3341032236510870&output=ldjh&eid=31061814%2C44758228&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=85042905%2Cinfo.web.extra%2Chome%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=304x456&prev_scp=Editora.pos%3DBox-Chamada&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie_enabled=1&bc=31&abxe=1&dt=1644883920776&lmt=1644883920&dlt=1644883915875&idt=2709&frm=20&biw=1600&bih=1200&oid=2&adxs=969&adys=872&adks=4272100671&ucis=d&ifi=13&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fextra.globo.com%2F&vis=1&scr_x=0&scr_y=0&psz=302x0&msz=302x0&ga_vid=1323511657.1644883919&ga_sid=1644883921&ga_hid=47975251&ga_fc=true&fws=4&ohw=302&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a28f82ebbab336d9537ef1880f56eb557b9691aac7c86d1f9ad070933f97ffd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9576
x-xss-protection: 0
google-lineitem-id: 5546598900
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138369488372
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DBF7 6 KB
4 KB 131ms
36ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 15 Feb 2022 00:11:59 GMT
expires: Wed, 15 Feb 2023 00:11:59 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 857B 0
239 B 107ms
25ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---&khaos=KZNDEYD0-1R-1G0K
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
76 B 160ms
152ms Script
application/x-javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=1039e7c6caeaaa32ab9205667710&acc=13574&url=https%3A//extra.globo.com/&tit=Extra%20-%20Extra%20Online&h1=Extra%20Online
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6dda526e498d83a8-MXP
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript

GET
H2 204 usermatch.gif Show response
beacon.krxd.net/ 0
337 B 52ms
51ms Script
text/plain 52.49.5.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/usermatch.gif?partner=navegg&partner_uid=1039e7c6caeaaa32ab9205667710
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.5.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-5-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1644883919
x-served-by: beacon-n001-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 n.js Show response
geo.moatads.com/ 98 B
272 B 203ms
49ms Script
text/html 18.133.69.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CVvuwVF0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-N5RF9h1deVpMDA%3D%3D&sc=1&os=1-9Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TABOOLAJSVIDEO1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=13&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1644883920834&de=249879985745&m=0&ar=944fd8091a1-clean&iw=2e30a08&q=2&cb=0&ym=0&cu=1644883920834&ll=2&lm=0&ln=0&r=0&em=0&en=0&d=WIDGET_ITEM%3A203735%3A67003845%3Aextra.globo.com&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fextra.globo.com%2F&id=1&ii=4&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Fdvsxpgxsc5efao1bueu9_MOBILE.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=globo.com&zMoatSubdomain=extra.globo.com&gw=taboolajsvideo2446883476&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A3260%3A3260%3A0%3A3450&jm=-1&fs=196859&na=1550598009&cs=0&ord=1644883920834&jv=443273793&callback=DOMlessLLDcallback_23084187
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/taboolajsvideo2446883476/moatvideo.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.69.250 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-69-250.eu-west-2.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: d224a38a493fe1a1e3f8af8c361bb10b53f85487aa32baa7976d1caea684d5c6

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "568262217e369d3536e4dbc26ea63216818c340b"
content-length: 98
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 34ms
25ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=TABOOLAJSVIDEO1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=13&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1644883920834&de=249879985745&m=0&ar=944fd8091a1-clean&iw=2e30a08&q=3&cb=0&ym=0&cu=1644883920834&ll=2&lm=0&ln=0&r=0&em=0&en=0&d=WIDGET_ITEM%3A203735%3A67003845%3Aextra.globo.com&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fextra.globo.com%2F&id=1&ii=4&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Fdvsxpgxsc5efao1bueu9_MOBILE.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=globo.com&zMoatSubdomain=extra.globo.com&gw=taboolajsvideo2446883476&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A3260%3A3260%3A0%3A3450&jm=-1&fs=196859&na=1297729483&cs=0
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:11:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1066 0
0 64ms
63ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJSolfbw8T6-1R6ywWMxzO1Q5KvCaRuyQ1G0rOtuhEU4Y6IhgYjBM5Egoquuls7fQN6WEb4msCE4bytbRL0vb_8GTZlIosWbIU-vHnDNtLSI1u0Hr0O8YNhHL2Z88jLao5W2nhi5KAX4dc460RqXjeSpt28eAnaEahq8vYhc4QR8FpiwSALKvUJzEHzZbXDAsaNApG_dk-a8rVe8exSQSSmoj7s6wB2Njbhvhcyv2W_kQxyPLEZDZZNXmwW-gnDu0umVLXK5RCvBXii1BX655tKrBPaQvU9u09lS9H2DAqubZUxvLyFzNTyih951hVLZAdExgbvN9OC7yDPOitCHuvfAM5AEs&sig=Cg0ArKJSzCMh0NEw3uOmEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:11:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK extra.globo.com_14987.js Show response
ads.vidoomy.com/ Frame 1066 5 KB
6 KB 417ms
133ms Script
application/javascript 3.129.250.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.vidoomy.com/extra.globo.com_14987.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash: 53caa58f1ab20423a75881460a684f7920d72926e4a2ee24d04566f73657e0f9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 00:11:59 GMT
Server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=300
Content-Length: 5555

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1066 124 KB
38 KB 73ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
H2 200 cd
cd.navdmp.com/ 6 B
58 B 167ms
158ms Image
application/x-javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cd.navdmp.com/cd?prtid=13574&prtusridr=77af39f401bbb6640faf64fd1b6dfb7dc98ceb4a
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6dda526efab783a8-MXP
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 857B
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&gdpr=1&us_privacy=1---
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZNDEYD0-1R-1G0K&sigv=1&esig=2~dcea0bd13c5874ac67dbfbb1da847b897f68cec6&gdpr=1&us_privacy=1---

0
194 B

99ms
29ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZNDEYD0-1R-1G0K&sigv=1&esig=2~dcea0bd13c5874ac67dbfbb1da847b897f68cec6&gdpr=1&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Protocol

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZNDEYD0-1R-1G0K&sigv=1&esig=2~dcea0bd13c5874ac67dbfbb1da847b897f68cec6&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 857B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEEE4QMDsLw_xEdG2obdjlxM&google_cver=1

0
239 B

25ms
25ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEEE4QMDsLw_xEdG2obdjlxM&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:11:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEEE4QMDsLw_xEdG2obdjlxM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 857B
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pOREVZRDAtMVItMUcwSw==&gdpr=1&us_privacy=1---

170 B
188 B

34ms
34ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pOREVZRDAtMVItMUcwSw==&gdpr=1&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:11:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pOREVZRDAtMVItMUcwSw==&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 857B
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDdjNWFjYmJjZWRjN2U3MmU1MmQyNzgxMGY5MWZjY2ExMGYzZTQ0OQ&gdpr=1&us_privacy=1---

170 B
188 B

35ms
35ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDdjNWFjYmJjZWRjN2U3MmU1MmQyNzgxMGY5MWZjY2ExMGYzZTQ0OQ&gdpr=1&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:11:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDdjNWFjYmJjZWRjN2U3MmU1MmQyNzgxMGY5MWZjY2ExMGYzZTQ0OQ&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 857B 0
0 40ms
33ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 857B 0
239 B 25ms
25ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 857B 70 B
264 B 52ms
51ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:11:59 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 857B
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/RPpwGsjgPbI2Gl5El5sgdsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2390054394047842176

0
239 B

26ms
26ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2390054394047842176
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

Redirect headers

date: Tue, 15 Feb 2022 00:11:59 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2390054394047842176
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5217 0
0 64ms
63ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXjSKtrLpVxMG0TwTw1LNMV_YENaReKt2txLLEHxzLdtsZu95eU6pIiQtZ7vLonUGKVKvClGgGUDDidXfV_hCrYcZKv33PqIP8-PSOG4Rt_Fhj0jnrKJKnK7qw7ACKgrIo4GWzT9BA5CaKNt6vnpHtF_ycsDOio1B3T4ZsdfzRvRjrul_fbHPEKMnbP8SmUrYXk5hKVLB3P8kA_dyV1yVSVLFdZOadgjr8R6_RA6h-P4Xf1qxNTC7jNkoxF0C6gpW4_RNSuoxx4OdsknFTC_ZvULACSvSJFsaehk4Hrlg82p-nNpLP56JLyGFQXnjlnRcHE48f&sig=Cg0ArKJSzACz6uknRQ4JEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:11:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 css
fonts.googleapis.com/ Frame 5217 3 KB
626 B 66ms
33ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700italic

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec9ad4872671a77bb72b759983ee8d0e6887999023f29c503251aa9d661275d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 00:11:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 00:11:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
H2 200 4641787415213286303
tpc.googlesyndication.com/simgad/ Frame 5217 32 KB
32 KB 86ms
28ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4641787415213286303?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d3e5515c8496b1f982b1fc3c57389c3f5e795ce1b2e6f00852c9b47c3aafde1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 14:33:20 GMT
x-content-type-options: nosniff
age: 553119
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33044
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 14:30:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 14:33:20 GMT

GET
H2 200 10605511692198005403
tpc.googlesyndication.com/simgad/ Frame 5217 6 KB
6 KB 83ms
25ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10605511692198005403?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2e80835247f13fceb8a4da11f8f27f1fa1693dcf47c8d5f1699bda402eef405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 14:41:00 GMT
x-content-type-options: nosniff
age: 552659
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5887
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 14:33:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 14:41:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5217 124 KB
38 KB 73ms
70ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
H3 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAewA.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 5217 17 KB
17 KB 61ms
29ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3131314786063c25356e58697cbc14131dbb8d8b585e4a92b855f25d2eee09dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://extra.globo.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:23:37 GMT
x-content-type-options: nosniff
age: 521302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17360
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:15 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 23:23:37 GMT

GET
DATA 200
OK truncated
/ Frame 1066 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13d2040ff163056863587528a23e09b373d438b88691eeb616bb3bf6af307b80

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 16ms
16ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 3082
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: eW3h89yrtwcHpvKq3c5HsWXhqbcEdMeXgca1pUDCy9F7gwIrpLfh/z3DHAPkmlrr9HUU8h/cJrM=
x-served-by: cache-mxp6946-MXP
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1644883919.320705,VS0,VE0
date: Tue, 15 Feb 2022 00:11:59 GMT
vary: Accept-Encoding
x-amz-request-id: 590HHT1T5ZEWHPYV
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 12
x-cache-hits: 6665

GET
H2 200 eid.js Show response
cdn.taboola.com/scripts/ 14 KB
5 KB 17ms
17ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding: gzip
etag: "f7917ed1eb799a729725a7db50d1f828"
age: 8963
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5258
x-amz-id-2: ixu+D4fP31o1CpNdCEKGb6kiXRC0lSRr4LAciyGgNuj+kWtSsITgNilYjKVXV4gczzeWhjKz5rA=
x-served-by: cache-mxp6946-MXP
last-modified: Tue, 28 Dec 2021 08:10:40 GMT
server: AmazonS3
x-timer: S1644883919.320889,VS0,VE0
date: Tue, 15 Feb 2022 00:11:59 GMT
vary: Accept-Encoding
x-amz-request-id: MMPHZ9PNJJ540DEQ
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 12
x-cache-hits: 26180

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F124 0
0 63ms
63ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstC77OPPUlBK5fXUr3XmoyP0nPaoBm1a66k3oWFbwkTXjJ8zBQ_k7_RfhA4gTROy_B_YZgM_hc9Tv9HctCI8_RBH427UrigwfMdEsuKAUdttLAjQmBfAiy_Phm6WQkp5hZMhCte17h-kyUzMepAqBaBWRzYmUcXh5xtOYoB_WsWTmMGg0M91ujtQtKMgUnm3773yAWS_l-oG3bEBQsxSUpiaQryeAZglEIkGimwy0NbMurJMfBqrxIaG5Tnc7W-7yh_yGqfuV7P2DVVW4lWZC7GF8nX3nkwak4A2pXmRxUZXt7RAHK53OtjEqNR9yTtyiio4trT&sig=Cg0ArKJSzH37JK_fEHSoEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:11:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 css
fonts.googleapis.com/ Frame F124 3 KB
626 B 34ms
34ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700italic

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec9ad4872671a77bb72b759983ee8d0e6887999023f29c503251aa9d661275d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 00:11:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 00:11:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
H3 200 4837998435964086305
tpc.googlesyndication.com/simgad/ Frame F124 70 KB
70 KB 77ms
31ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4837998435964086305?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b82aa358e8f6adfaa958fd6337e7be95a34182fc791fc858ea538bffe56e0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 17:42:03 GMT
x-content-type-options: nosniff
age: 23396
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71869
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 17:13:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 14 Feb 2023 17:42:03 GMT

GET
H3 200 4236300781284616574
tpc.googlesyndication.com/simgad/ Frame F124 6 KB
6 KB 72ms
26ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4236300781284616574?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2e80835247f13fceb8a4da11f8f27f1fa1693dcf47c8d5f1699bda402eef405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 17:42:03 GMT
x-content-type-options: nosniff
age: 23396
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5887
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 17:13:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 14 Feb 2023 17:42:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F124 124 KB
38 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5217 0
0 102ms
63ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPxiraW2-VFDHz7_SMy9SD854VCURqXn1j5rV9dr0UHzzLwJueIqvcYTrxy_FGCAdIkN3CUpSyfSq0giHZA2ASbj7GAobQ1GrCZV7gkyTAZ1YF_73e2Fwpszxdu9yfoTcDUVpbV64TeCkmZzHXedqn3F8YiKDZ3YZuq-_SuU8IQYrEGN2Ep-OIYSPZSLWYRcgBO3hctrhqbEh5mX0Jn-utRJDB6SH5ailzK0cgwUAxNek1rRIjR0poCOkR3hmXCZ1tL2DADadunXmrEXPhh4X10xt0AjiefMAbwW-1d9jK-Dbjf6kO87qYmw-Pj8GOF6LCkDqsWns&sig=Cg0ArKJSzD-mZ6zECkPdEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:11:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
DATA 200
OK truncated
/ Frame 5217 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f2871b3b53427a199c3df435a44e1a5454dd65e52225b2bb2e7d224d96bc19e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
pips.taboola.com/ 4 B
122 B 16ms
15ms XHR
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-mxp6963-MXP
access-control-allow-methods: GET
access-control-allow-origin: https://extra.globo.com
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H3 200 container.html Show response
93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5D42 6 KB
3 KB 59ms
26ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Feb 2022 00:11:59 GMT
expires: Wed, 15 Feb 2023 00:11:59 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 334ms
108ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=d0d7cd74-44af-4e79-ad5a-051eceef7cc0-tuct904754c
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 15 Feb 2022 00:11:59 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H3 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAewA.woff2
fonts.gstatic.com/s/opensans/v27/ Frame F124 17 KB
17 KB 29ms
28ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3131314786063c25356e58697cbc14131dbb8d8b585e4a92b855f25d2eee09dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://extra.globo.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:23:37 GMT
x-content-type-options: nosniff
age: 521302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17360
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:15 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 23:23:37 GMT

GET
DATA 200
OK truncated
/ Frame F124 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b30a05dea3589a1a9463f07618bc712db677467091a6065d18f1f2763a328bc0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5D42 22 KB
7 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 12:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128747
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Feb 2023 12:26:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5D42 3 KB
626 B 34ms
34ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700italic

Requested by

Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec9ad4872671a77bb72b759983ee8d0e6887999023f29c503251aa9d661275d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 00:11:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 00:11:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
H3 200 4937530138650704488
tpc.googlesyndication.com/simgad/ Frame 5D42 14 KB
14 KB 26ms
26ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4937530138650704488?

Requested by

Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2a9d5345e19ec260d520463feb932e2ffb88320857caca0c5d7ca95da88fb65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 03:17:48 GMT
x-content-type-options: nosniff
age: 248051
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14232
x-xss-protection: 0
last-modified: Sat, 15 Jan 2022 00:17:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 Feb 2023 03:17:48 GMT

GET
H3 200 3346732757921994849
tpc.googlesyndication.com/simgad/ Frame 5D42 17 KB
17 KB 31ms
31ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3346732757921994849?

Requested by

Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248a5984cfbabac261e9224a1b813826d6e5bb559f06f20db868a12b30905fc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 03:17:48 GMT
x-content-type-options: nosniff
age: 248051
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17316
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 15:20:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 Feb 2023 03:17:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D42 124 KB
38 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F124 0
0 64ms
64ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZxMWubJ-zTqeYrhg_z13GC0ByYPXpW032fEUrtbzmoE8hfZrWGNyoIr52LU_r9FZBQtpCFHoqptaUcr8f62tbOrmm3i1iOfpMjJcMhZma42J5kNkNRkpy9L3jReqZcjG-IET6yX3k5ENrhKaxNTCIq20Sd5FptsJRk6z7MIm-7Abg71GG7KvJdjGY-poDzTiaJ7Jdu36De7CC7aeUeZFHPWrhEGQa9aGS9afRJLKVsdyrnDuVm2DQzDU6UzJUXP7NyO-SY_YHMql00PLy3j-JPOWIrlJjWtBJky1lLFjSSPGjVfuWZCdJ5JkBblP2datgqK8ZacY&sig=Cg0ArKJSzETKrXVeia3FEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:11:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 49DD 0
0 64ms
64ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusMAz7v8Wj0c8l_xTBRjgBnR5vx-Pb-QS4G5kcLEuY_3o7rnOYgmLwDJQZwhjYxdqFt2aCGtlZTLDeBQVvFVPbt12P65oqYEWF_VJPXtpXf3Ky2hsJ3Cnk5lFjW812Y98v7LpGfvQlGYx7tqhN_p_idiQfo37I-AizqAQktcM1RB3c4Rkfr5lAKYL8xUlsmdfOfUlKd7NtbiWglALLCqSaSSnoy0wPmwFGRr6wnZITAP07m67uzb79ooluRseE1vQ2hs9B6vpwO9UmBgE92l4T4DhAF0r06mbFfVyA0SxjdG728smcqKfZ6G1vnoS4YuLqq0yk&sig=Cg0ArKJSzLFZndWMkC6MEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:11:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 css
fonts.googleapis.com/ Frame 49DD 3 KB
626 B 37ms
37ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700italic

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec9ad4872671a77bb72b759983ee8d0e6887999023f29c503251aa9d661275d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 00:11:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 00:11:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
H3 200 15361061321527571265
tpc.googlesyndication.com/simgad/ Frame 49DD 52 KB
52 KB 30ms
29ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15361061321527571265?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f192dd362de916dd76e5dd42ee9dc577572ab0532acf4a8c22dba028315d49de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53385
x-xss-protection: 0
last-modified: Mon, 17 Jan 2022 22:25:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Feb 2023 00:11:59 GMT

GET
H3 200 18446123671810444448
tpc.googlesyndication.com/simgad/ Frame 49DD 2 KB
2 KB 35ms
35ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18446123671810444448?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ea744d6e09c97657c9e61a7a6d2053670dace8fc2c63ba5801455ffe5a6cc00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2356
x-xss-protection: 0
last-modified: Mon, 17 Jan 2022 22:24:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Feb 2023 00:11:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 49DD 124 KB
38 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5D42 0
0 64ms
64ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstf4AocRnCRGLsRCrYM-RmRn-m8CUoq0OIb11geRM7XfkuCM3u6vqF1h9p6LO1eU__Ib-d8N2kGkOPXebPtAtZW8YrT07MHRNwIYq52F-0Kk-4IfMmIk0WWZNQlLWe0fHiMKw9aL6-H68EsUZprx_V16Crs37sD4Nrfhyie9TkFItStFU60ZWXwnCqTBfaZNFmgMzwYJVv7NMXzgC09SUHSQ1HKwctcXCRL1JYZ7yq0km3frWwQ9o0kMECnbL9lFgXoSWuTPKTDTYh5U4NxraMdhHjyxTo58z7T0zKRA56oCIjRufEgo65JXiHpEVY1RMBSpzKN&sig=Cg0ArKJSzOQ88tGRhombEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:11:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAewA.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 5D42 17 KB
17 KB 30ms
29ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3131314786063c25356e58697cbc14131dbb8d8b585e4a92b855f25d2eee09dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:23:37 GMT
x-content-type-options: nosniff
age: 521302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17360
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:15 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 23:23:37 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5D42 0
0 65ms
64ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIicM6kGvKiTakdEWwWJuOS2X9LpxUlhZj2WNCL2qOb_-w11UItGgKRNLEvZFlMQVCLxqGkNkCRUf9TKAlr_cuu2j1gSua1BtpY_mod7by5fmST6_X-ns3BCUjjMl01vASAT8WJcTg8ZN8hcMgMHRkIAV7gv0Zo62IebmCDBWNQRHtpNFAEih2UGUnk11JzSzAKNLhAlz9xpXLon2E8bOhdeprdZKtRoKSQs0DBB33InPm5ZNEt7Z5I_KJ8dliydPK8daoZUz4QJk45onFGMG7buuSsX2xkS1nfag-3y5KYbm8M7R9n9haD3ONmMxIo92HVUHsxJI&sig=Cg0ArKJSzA08ygHoro60EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:11:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
DATA 200
OK truncated
/ Frame 5D42 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccd6412d45241bbdcd97880e472cf5405ec6f26a9f0090bc8e07251a3ecbd99f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAewA.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 49DD 17 KB
17 KB 28ms
28ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3131314786063c25356e58697cbc14131dbb8d8b585e4a92b855f25d2eee09dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://extra.globo.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:23:37 GMT
x-content-type-options: nosniff
age: 521302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17360
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:15 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 23:23:37 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 49DD 0
0 62ms
62ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulFzXNMziBWe64tWbi-RF8LbZxKWklTxH6qKTfyU636qeUls8AXqQ24iOtNlBX0buni5fDFdbdTLRzPiZB33kmlj5XA5o130t_6BYGDU4U7rAgIyx87LZE0UGHOCbquD5dRfkRaHKTggHDD9o18KnAaqOmjR9vyA1JQv4p-oncHET9dzoS5VpS4FskFbhCEZhGMqLEcxTJEO0YZzGxU1ldcCsBfAKbBzQH_3A_akQJ_tJg-6VVPuKhWTbiSMyI-jqgCL2iV60LSW61L37o_cSrwRv1AxcBvBgGL9gRsaszvhStduT7ZqmRXEnnjZb8z7NDe3CD5j8&sig=Cg0ArKJSzIsC_Es1B9T6EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:11:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
DATA 200
OK truncated
/ Frame 49DD 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: daa8b983063c1f0070c71aa49702895cbd16dae0496407509b619bb94aaa5649

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C8F7 0
0 65ms
65ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkyZBlMbJ8Vt6o7HkwlWkFt9wrVb8sYsIrJbuc2dzZtY6dzyh_eQhrZMf83u7gAiOoRyohIZ2LRGmYFu1m0_r18sDFVtfVJjYDtBNHuyKhg4QFSFINirjJ-nq_P-D4j6CD_29YPpYzBvuwPl2kfeTbqjPXe4HIAIccvowau12HdctY7SALBxlHuERD2TGS475YajWX3ZLsMTooSBvig_FWzn8EOu8XrVZi1s-wd9aAYEHARKTa3N0CflscAy_HnbMF05IUacIznfMZicMssfPO9gOqGJYgy-5vVD0IYOk--xRrVT0sgtwxjQqAI_vN_wwbMG8K&sig=Cg0ArKJSzO4YjyVvzhE3EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:11:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 css
fonts.googleapis.com/ Frame C8F7 3 KB
626 B 35ms
34ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700italic

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec9ad4872671a77bb72b759983ee8d0e6887999023f29c503251aa9d661275d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 00:11:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 00:11:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
H3 200 10503263303026466921
tpc.googlesyndication.com/simgad/ Frame C8F7 64 KB
64 KB 28ms
28ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10503263303026466921?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a43968cb56fa5542a20cabaf1e009f51ad8720e1d87347265ea07fd64eee5fe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 14:17:49 GMT
x-content-type-options: nosniff
age: 554050
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65369
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 17:22:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 14:17:49 GMT

GET
H3 200 11181407505177636070
tpc.googlesyndication.com/simgad/ Frame C8F7 6 KB
6 KB 27ms
26ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11181407505177636070?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2e80835247f13fceb8a4da11f8f27f1fa1693dcf47c8d5f1699bda402eef405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 14:17:49 GMT
x-content-type-options: nosniff
age: 554050
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5887
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 17:23:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 14:17:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C8F7 124 KB
38 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F3C 0
0 65ms
65ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuv4JbJ3TTdL8XrrJwUINZKNt90bebaKx5rr2lU4xSedVSznZwSOtoFjqJt5tR28qu4_uECW6h7XXAuDh6ywn-ebRla6XWalGiqxta_tQNChPC3tjFONY-29EUfsVmHP8QGCvetIKNdNx-wzNBxrGvnbvYQ-chjpmsbjV27-GZnCcO4oiCY-4YIebPk7TAV_3FTo_9alPw3aU8_XRPRjiXmD6bjnPHic15oNYNYU38HubiB7iLa75kUCV5AqUB70dw8MDv78s93us2oJRdbiqvqcun3a_qyHbJbnX9rexq1EREW5Wtv4rI3bKhqMxYttEuU5RZZ&sig=Cg0ArKJSzDgF7_rBT64oEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:11:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 css
fonts.googleapis.com/ Frame 3F3C 3 KB
626 B 35ms
35ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700italic

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec9ad4872671a77bb72b759983ee8d0e6887999023f29c503251aa9d661275d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 00:11:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 00:11:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
H3 200 3281661372175750928
tpc.googlesyndication.com/simgad/ Frame 3F3C 71 KB
71 KB 28ms
28ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3281661372175750928?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c78f5477b7af0a6ad77f459966ee4db9bdf2f2851df9bb8fa6e9257dc2d5e64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 17:52:03 GMT
x-content-type-options: nosniff
age: 22796
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73152
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 17:07:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 14 Feb 2023 17:52:03 GMT

GET
H3 200 12198738821905313100
tpc.googlesyndication.com/simgad/ Frame 3F3C 6 KB
6 KB 27ms
26ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12198738821905313100?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2e80835247f13fceb8a4da11f8f27f1fa1693dcf47c8d5f1699bda402eef405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 17:53:51 GMT
x-content-type-options: nosniff
age: 22688
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5887
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 17:08:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 14 Feb 2023 17:53:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F3C 124 KB
38 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame FCCD 118 KB
35 KB 72ms
21ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1644883919.cds203.ml1.hn,1644883919.cds211.ml1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 1A1C 118 KB
35 KB 90ms
46ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1644883919.cds203.ml1.hn,1644883919.cds211.ml1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2

200

cookie Show response
a.vidoomy.com/api/rtbserver/ Frame 01A9
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent

43 B
290 B

112ms
27ms

Document
image/gif

3.125.225.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.225.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-225-187.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-type: image/gif
content-length: 43
content-encoding: none
vary: Origin

Redirect headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
content-length: 0
date: Tue, 15 Feb 2022 00:11:58 GMT
server: AC1.1

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
599 B 189ms
36ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 00:11:59 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1644883919460055-403
Expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
H2 200 p
sb.scorecardresearch.com/ 64 B
439 B 40ms
38ms Image
image/gif 108.157.4.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=683911&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1644883921
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-121.dus51.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
via: 1.1 8080d8bfc581f6befaaa7736f6d0003e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: mA7aCAt24dur0gZlwmHGDef-QrBbacJ_u7di7hNkdN9ttc3m1f99Xg==

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=654785591.98025971614062617.3145751
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=654785591.98025971614062617.3145751
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dvidoomy%26expires%3D30%26user_group%3D%24%...
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dvidoomy%26expires%3D30%26user_group%3D%24%...
https://x.bidswitch.net/sync?dsp_id=429&user_id=7c31c089-5361-512e-a190-7dfdc39a9232&ssp=vidoomy&expires=30&user_group=1
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=ea93dafe-48d2-41c5-9bce-5f6bb33d5086

43 B
367 B

27ms
26ms

Image
image/gif

3.125.225.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=ea93dafe-48d2-41c5-9bce-5f6bb33d5086
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Server: 3.125.225.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-225-187.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
content-encoding: none
content-length: 43
vary: Origin
content-type: image/gif

Redirect headers

Location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=ea93dafe-48d2-41c5-9bce-5f6bb33d5086
Date: Tue, 15 Feb 2022 00:11:59 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 ve
stg.vidoomy.com/api/rtbserver/ 9 B
90 B 122ms
31ms Image
application/json 99.83.189.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stg.vidoomy.com/api/rtbserver/ve?ad_type=Video&adomain=&c=IT&category=&crid=14987&deal=&domain=extra.globo.com&dsp=&dsp_ssp=&dt=1&gdpr=&gdprcs=&os=&p=&p_id=1&s=a&seat=1&size=&sspid=0&sync=0&zid=0&uimp=1
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.189.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ae6a0aaac8071ff4b.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-length: 9
vary: Origin
content-type: application/json

GET
H3 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAewA.woff2
fonts.gstatic.com/s/opensans/v27/ Frame C8F7 17 KB
17 KB 28ms
27ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3131314786063c25356e58697cbc14131dbb8d8b585e4a92b855f25d2eee09dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://extra.globo.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:23:37 GMT
x-content-type-options: nosniff
age: 521302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17360
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:15 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 23:23:37 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1066 0
0 62ms
62ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9DKy_f8Ls7H0feTi9r9foNINiiXCV39CmoEEVLhkcG7iApsw1WcYlqZ8abo8GMrhaF0Vu5HQRswg-jQMUe6njy1Q8HgmG_bojuGqF0_N6oQglEVQtpNpmexx62iOjwKJ8VlrOHmwnxi3tU_pIXpO6aeLt9d3yX2bwy_4QjuqPts5vH_XxLcDhXP9_uUX8_PIbAb9d_IikkasnVWUDVVMg3Eb0KPHcMSXURKFU6kXAJIcDYStWWN6XeTYTMl0Eg5BjYdMwRfjmJoxi2HYewNrO1LAAyErMECMfPqn-NzBPV6NnTkXD-3Kq3VujJ5FgL5ssPJLJn_9RDnQ&sig=Cg0ArKJSzHeJkzOXWF66EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:11:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C8F7 0
0 65ms
65ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsveuUXfVuRChdN2dLUYpuGIHLAnnutzWVPvgYoenHKxzCsTWqJ2yfdrBJksug561KV-2A_pDJWjSNSZARczvdcU5CPqcZTLx3YPnc6T1bNWKeB5aWQNkW_S7z03jaSDlmcNovXH0HPLyMt_rzNSOTdQihWhSvXPlR4vL0dEPkK_OM2nQUYOX16Yj4YQuFt85xeQzjnz2fxCRVfpaz1cJeTfbQsXq6klvak04K2eRtDr1ulrWW23jO6OtS2Uj3ePb52cwSAi3i8ZBG4GjXsGwpTh-HdTcUC0v5YoJhUpdlnSiDXVaDeCiTEHQYEbuoU-hoShJr71V-k&sig=Cg0ArKJSzJdPX2c4tO9pEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:11:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
DATA 200
OK truncated
/ Frame C8F7 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8da04d109f40074c6d5ac00b01883d83590c93d3fbafcaa8b8c636867aa9ccb6

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAewA.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 3F3C 17 KB
17 KB 29ms
28ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3131314786063c25356e58697cbc14131dbb8d8b585e4a92b855f25d2eee09dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://extra.globo.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:23:37 GMT
x-content-type-options: nosniff
age: 521302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17360
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:15 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 23:23:37 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F3C 0
0 63ms
63ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsut9I6MUm_rpzcV3KROfvgLjNw0GTCpT4EjQFuHs0BG3SJ3h_aFbGUwDvdRQc-gDHXpc57fa7X5yI-vPbIxZDdK4TLU6_T-1ylkG-F2YZWiP_y6OZOo9obrsDhkalUEA9_dGlQeeFbvNlf7IKAPjQY4wGthJn92J4MJct3beDrSJ8CsePxZWTPv-Z0bi_2gSext7R8jQO0lhKw_13kQ6qPWHC4gc4TyUUxHaCmGyS_MKkvADZfg4ymmufDAwOhKj72dCqCOEbp4TtkEftxSOC9jcxcuVzMjPf4Q3FID1zt6vkDOInBOR0tbmP2yb8vN1R-w-1TVrVs&sig=Cg0ArKJSzEGdygDBdIXFEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:11:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
DATA 200
OK truncated
/ Frame 3F3C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0774a0e9e693910eeba53adce9267dc66df46e89742d026d3548f9da30bb9d01

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DFFD 0
0 65ms
65ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssViyaGffXSj6BuLj-kMyEyyrHXpBjEQaxGxO9lhDePCMep-LK5uEKdQTXPVLxeCBq9u4OW6ioudzjL8k2Uauu37yHMm8S6Ks73oowlx5vgnvOSMOxJfXxtnLiiUduJ9Wa__AuJKvzoxX1Fu7VGy7f3fQR6MxEMKZuV-lr-ig5MqSNETA8yPsO8v0OqlVGghJjbZHL4jVWR6G4vQ46yVV6OidJnHaWSVj3LQoA-eEInEESs1HV0wJGxAzFWv0OGfWmNyd6iuVhe3zPrz9UDya16ib2UFHj5UPefE-JhvnEbGQMzFHi1EJVzlrrk4Ry-_jZTt1Zq&sig=Cg0ArKJSzG9Whffbx5h0EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:11:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 css
fonts.googleapis.com/ Frame DFFD 3 KB
626 B 36ms
36ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700italic

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec9ad4872671a77bb72b759983ee8d0e6887999023f29c503251aa9d661275d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 00:11:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 00:11:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
H3 200 3468700299006536075
tpc.googlesyndication.com/simgad/ Frame DFFD 63 KB
63 KB 29ms
29ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3468700299006536075?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45c7a1ceb6ad972338ea59666dd555a457d9d1cdbe49de7e3b7381dcbb9f740d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 14:18:02 GMT
x-content-type-options: nosniff
age: 554037
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64890
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 20:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 14:18:02 GMT

GET
H3 200 11935296893431908193
tpc.googlesyndication.com/simgad/ Frame DFFD 6 KB
6 KB 27ms
27ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11935296893431908193?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2e80835247f13fceb8a4da11f8f27f1fa1693dcf47c8d5f1699bda402eef405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 14:18:02 GMT
x-content-type-options: nosniff
age: 554037
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5887
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 20:35:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 14:18:02 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DFFD 124 KB
38 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame E8C9 5 KB
2 KB 19ms
19ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1644883919.cds203.ml1.hn,1644883919.cds223.ml1.c
access-control-allow-origin: *

GET
H2 200 ad Show response
v.lkqd.net/ Frame FCCD 2 KB
2 KB 495ms
248ms XHR
application/xml 146.20.128.150
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fextra.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=13533570&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: b18b528928aa8b0ff1240596700de2159cfff22bd236b373d1c06e79024dfdf5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1352

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 5E29 5 KB
2 KB 18ms
17ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1644883919.cds203.ml1.hn,1644883919.cds223.ml1.c
access-control-allow-origin: *

GET
H2 200 ad Show response
v.lkqd.net/ Frame 1A1C 180 B
355 B 342ms
112ms XHR
application/xml 146.20.128.150
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1135548&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fextra.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=73781286&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 150

GET
H3 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAewA.woff2
fonts.gstatic.com/s/opensans/v27/ Frame DFFD 17 KB
17 KB 28ms
28ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3131314786063c25356e58697cbc14131dbb8d8b585e4a92b855f25d2eee09dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://extra.globo.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:23:37 GMT
x-content-type-options: nosniff
age: 521302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17360
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:15 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 23:23:37 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DFFD 0
0 63ms
63ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHQep6pCn2PGPvSjU4GxIViyQR9skLHv04zOkuQBGTaS2IEuBPWGN488FVNDt3yHTGRNLYpp-OpnV2IzwQZInffTz7JI7fKf7_-TdE1r7lu3Co11bPvgXTCU56XC6YfmXGn-JS-zHhOc7wxjxSDosASDwRXfnvd8EuDOMV76gO9qfVcpMG1_CKQ0UAlW7tMjb4TyuLL7Ok9xdZaxFitG6XCCbC9vi0HEgjGN_arcOp8TE9NhnFgw7fQ07yzGGHE0_P7TNnOVmVaJSklZq3O4MyvwNpnA0dx7kxlIbENVFLwkchyJHjDsk5FUHTeeFNfhydJbxG3D0&sig=Cg0ArKJSzA9YjpQ-pamQEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:11:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
DATA 200
OK truncated
/ Frame DFFD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0bdf4afb4cf632c7bdd89dcb6ec3ac093fdd34e9305913a66b4d28bc7528184

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1E8C 0
0 63ms
63ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcCdJL04qu7vzuaUcfoQdvLQH5BE5lLkE9KMFlQOqrg-fWf1fzm4ogSgQf8iUYrNB1_fjrlmcb9DwiC_EulLkFBy20JwCJIntRGtqzaSjtHfSFkzUllAp1P3umW3wZEI2MOsn_OIrZUmcDMlQS0kxGiT9id7dhz_aeuCJ-mQHNPOQLjtlQP9-34_LzZ6lg1pfJENre2So5msabVpaxasFFiZWy5fB-8cS5gm_04ndCcyKXRN5ZDtk9wOH7vj23OF5zhqW7jIU08uGWtg0Cd5nshtyE9CYgno_9V0BGGAIjg9iWyvd6djhyHegXdopazILfkapg&sig=Cg0ArKJSzPNH7MFSg7v6EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:11:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 css
fonts.googleapis.com/ Frame 1E8C 3 KB
626 B 35ms
35ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700italic

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec9ad4872671a77bb72b759983ee8d0e6887999023f29c503251aa9d661275d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 23:49:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 00:11:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
H3 200 7217339257581864597
tpc.googlesyndication.com/simgad/ Frame 1E8C 47 KB
47 KB 28ms
27ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7217339257581864597?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22e4167e988a43563cac3fb12fdb17c695bad2ef64d39c31337267a4a3a44569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 13:54:17 GMT
x-content-type-options: nosniff
age: 555462
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48081
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 19:22:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 13:54:17 GMT

GET
H3 200 9323068409964209128
tpc.googlesyndication.com/simgad/ Frame 1E8C 6 KB
6 KB 29ms
28ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9323068409964209128?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2e80835247f13fceb8a4da11f8f27f1fa1693dcf47c8d5f1699bda402eef405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 13:53:09 GMT
x-content-type-options: nosniff
age: 555530
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5887
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 19:23:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 13:53:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1E8C 124 KB
38 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
H2 200 cs
cs.lkqd.net/ Frame E8C9 43 B
309 B 353ms
111ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame E8C9 43 B
308 B 354ms
112ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame E8C9 43 B
308 B 355ms
114ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame E8C9 43 B
308 B 354ms
113ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame E8C9
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2937059457525651769

43 B
308 B

228ms
221ms

Image
image/gif

146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2937059457525651769
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2937059457525651769
pragma: no-cache
date: Tue, 15 Feb 2022 00:11:59 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 cs
cs.lkqd.net/ Frame 5E29 43 B
308 B 351ms
113ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 5E29 43 B
308 B 352ms
114ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 5E29 43 B
308 B 357ms
120ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 5E29 43 B
308 B 352ms
114ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 5E29
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705

43 B
308 B

226ms
219ms

Image
image/gif

146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705
pragma: no-cache
date: Tue, 15 Feb 2022 00:11:59 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F6D0 0
0 65ms
65ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPwuwiu30D6gmbL-L8S59tYImzAl1HY-CjMuZFbkj9TyYmWjyfAsRp0SAEoO4mZsxHrZvYJqCxg85q-aIKw7P4-v78gH1fPigwnc7jlc_V6jhUr8rnrvx7FLtIjxWcTH3kBFk_R9DgiQjKjpCDWthcK1i5rON3zrsD0n_SM2QsxdI4WvcB2t4T__nCCjG88_kih55wkjoEyioBC08j4hEo-JMBGeDSiGOTdXtgEBo-si9Nrc0AJa2HtF7QWqxHwjci2qIm6MvHvRlPTHxi060SmSqfrYL5I11PvGSqFmrd6YGDIz9gfw0D9Ino5_3BWUbf1wE2&sig=Cg0ArKJSzIstzDNaNibkEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:11:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 css
fonts.googleapis.com/ Frame F6D0 3 KB
626 B 35ms
35ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700italic

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec9ad4872671a77bb72b759983ee8d0e6887999023f29c503251aa9d661275d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 00:11:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 00:11:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
H3 200 4590754230659968999
tpc.googlesyndication.com/simgad/ Frame F6D0 82 KB
82 KB 28ms
27ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4590754230659968999?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0eacd5381648eb33e671175ec35ac5b120d24d7da11e4cf6673dac06a3d5ac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 13:53:08 GMT
x-content-type-options: nosniff
age: 555531
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83838
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 19:33:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 13:53:08 GMT

GET
H3 200 9323068409964209128
tpc.googlesyndication.com/simgad/ Frame F6D0 6 KB
6 KB 26ms
26ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9323068409964209128?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2e80835247f13fceb8a4da11f8f27f1fa1693dcf47c8d5f1699bda402eef405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 13:53:09 GMT
x-content-type-options: nosniff
age: 555530
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5887
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 19:23:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 13:53:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F6D0 124 KB
38 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
H3 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAewA.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 1E8C 17 KB
17 KB 28ms
28ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3131314786063c25356e58697cbc14131dbb8d8b585e4a92b855f25d2eee09dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://extra.globo.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:23:37 GMT
x-content-type-options: nosniff
age: 521302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17360
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:15 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 23:23:37 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1E8C 0
0 63ms
62ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssDJo-yzWqAAIkpQBsNH-7HayVYS9XVh2DSQol9eZhnU81WRXSDWdCMO340cAiVeQeUDfAmcRsjOckEGcJ-L7OlCi6whSL2GCJNl8qR4ORZ4LXfLWQQQfKMt7TeAUfOBmK2vXRcfxcHBNmq4XbjIKoEGOw3S65mUXWBciyzjjOzNS7GfP2rBiygUwldnbakmkTg3pnJHDHdKqMYox7-qX20gJxZCAHagNoz2uuNylruHvSb10HsBbBEfMWpGGAzlWmbXcASiwitHRN7Wfs-bLYlzenXeis3SJ_JLKqH_Kt1T_dxLn-EGkSqnhxbAT9VV63qD-Eixlo&sig=Cg0ArKJSzJbMJ-aNK9YrEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:11:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
DATA 200
OK truncated
/ Frame 1E8C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e589389b4846c13c743c77041e4b81c26a65cc7d43e26ed11935230875402949

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAewA.woff2
fonts.gstatic.com/s/opensans/v27/ Frame F6D0 17 KB
17 KB 28ms
28ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3131314786063c25356e58697cbc14131dbb8d8b585e4a92b855f25d2eee09dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://extra.globo.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:23:37 GMT
x-content-type-options: nosniff
age: 521302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17360
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:15 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 23:23:37 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F6D0 0
0 63ms
63ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYyZ1ZBz2tC6rLh6j6XMyeWW9dSTQiONbpN66ntl0P5V4Er7iKjNNr3zPeQBD95lGUWsNxZyB6AcKgXR5N2-2-3fSApNCMT2M0KndDe9xqoZqrtwOb6NHYdpoFtGo6oasKHPUhiM5B5Qz5lchyGw7sQw7oWOlr8s-Lg0nuJ-bpMKtsWt5tvR8Xqy_NtDhS-RKsfT6C54quHe5GoY7RPrWysVuwNAE9Ar8WVe3nI6B2TrayzW3j7r5eVGcSpnXKTFkDJqZUhuRsiNMjEK0uvsqAA1BOT18meK0IdYfvCzQQWYwmfrpdIPgxgODqDKM-YYlmFGI36Dc&sig=Cg0ArKJSzE_U2kXzb331EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:11:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
DATA 200
OK truncated
/ Frame F6D0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a367c4de2984429c27a112b58a13c234a3ebbaad2e3ccf6f29ca4ac80da6155

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 54E5 0
0 63ms
62ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkcsRFb-3VZj4om11e55abK_O01ck0o_XhO9yBn-YgLv9j1mzBY0jpuAS5vxmg5szsn0wAvuOtHDHRiO2ltvTvQuLgJBORepoiC3m61HSc3vsX0UKnkrw4MD5X4JJzwaVv-4cZSsdQ-bvptIF1MGOYUsNqrb3SYgwTVShWTfKSJ92N6RT8CIYPvy71oKdvQjQYkPlkZ_MTQS8iG7DQAfDa3BJ4c6s-0x4_l7NZ7hsXbMb-Dis6qOwg4l8oa7EUxERbIyMrBMAjf-vAUdV9R9T2WELHW3DLtoMYRiY9pdz_bqD5JT6UQbKp9m15HGVLqd2mUnCt&sig=Cg0ArKJSzJfwDkXlTEWOEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:11:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 css
fonts.googleapis.com/ Frame 54E5 3 KB
626 B 33ms
33ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700italic

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec9ad4872671a77bb72b759983ee8d0e6887999023f29c503251aa9d661275d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 00:11:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 00:11:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
H3 200 2799075611738569737
tpc.googlesyndication.com/simgad/ Frame 54E5 59 KB
59 KB 28ms
27ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2799075611738569737?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91697e16bd784ae65b47befe2709d9296b9745cf9291839bdc1298b118963be9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 14:05:49 GMT
x-content-type-options: nosniff
age: 554770
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60284
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 18:54:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 14:05:49 GMT

GET
H3 200 7467756921675858520
tpc.googlesyndication.com/simgad/ Frame 54E5 6 KB
6 KB 26ms
26ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7467756921675858520?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2e80835247f13fceb8a4da11f8f27f1fa1693dcf47c8d5f1699bda402eef405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 14:05:49 GMT
x-content-type-options: nosniff
age: 554770
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5887
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 18:55:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 14:05:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 54E5 124 KB
38 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 00:11:59 GMT

GET
H3 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAewA.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 54E5 17 KB
17 KB 28ms
28ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3131314786063c25356e58697cbc14131dbb8d8b585e4a92b855f25d2eee09dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://extra.globo.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:23:37 GMT
x-content-type-options: nosniff
age: 521303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17360
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:15 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 23:23:37 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 54E5 0
0 64ms
63ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7i8TDpTLYAQGO6SmTw7TRwsCHq_3-UIaAuHWyvT_KfBYV1zlsAAcOlbFMDMxnI6iblL8L0aZVZeb4XVCwlmoSsMdhVzXKhY_RHe6KRSf4KHmC-H3mqXfUbfOisYSqaCVXeSiI8Gisd5UVkL5ZHLroMY37iTP69wpcRZx0XLB8AcUMrv3NF0WHkcJ-6bidFi35CAVXxzQ6vFh8ny9LURaJkblGyb78ZGDpdWHyE9y7KmpwNQEtLy8agYNf5KmpHj_LTVcssyCjhWRbRo9I9jNk0WbCFdy1H54RCwZKItSRYU0XtfkKQWXb9pZbK2BL66i7FX46R3w&sig=Cg0ArKJSzFqyJqI9MBQFEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:12:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 15 Feb 2022 00:12:00 GMT

GET
DATA 200
OK truncated
/ Frame 54E5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a2ebd6b58ccf306dee1486f799de725688afcc70bddb027ef1a9d36d21c2ef8

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

POST t
t.lkqd.net/ Frame 0922 0
0

OPTIONS t
t.lkqd.net/ Frame 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 816E 0
0 64ms
63ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0XF_pdYNgUVTPzvsgZCYpsrD3X7VmPh-AfBTsXWeKV6TZWf2Q0z26vOwMXvtauVappq4T90If1TGBES6urbOO0bNkr7x-MAj0NGTp8_UUWioQDh_rNe06KqvYx0hs7J3tQDHxy--4tqZbnwPBLSx1C3hb9DfZj-9RTYXVUqHjbiqKt2D2rozf3sxfisoYFTeFWaaROigPZ1f3OJ9xpMif7YbmZa9OXakYtPY6DK0Xs_FADUEDUqdgV76I-vb0vIZoAJZOYTQ9feFO4Ww-6eA-Nh6LWK41OhNZMYTrIBLf4cWNsn9v1xIImheaOVUFUi8j9im1&sig=Cg0ArKJSzHRxckc44eLuEAE&uach_m=[UACH]&adurl=

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:12:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/ Frame 816E 19 KB
8 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

978a4e09113af1ad7a1240bd9239e18630abbf3819e74872d5c366105b487c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7841
x-xss-protection: 0
server: cafe
etag: 5616804430205127715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 00:06:19 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame 816E 2 KB
1 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 23:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1697
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Feb 2022 23:43:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 816E 124 KB
38 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 00:12:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 816E 0
0 81ms
34ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR3XcApdD6PD_2SbwWSbfjFLn2o0jq1IBEXBp2OGWqVsh6imChOlQMMe6JQM_j0gnOgMcsiKbrEZmQhsmI9yOpOA8oJ4A
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 17986531562842308633
tpc.googlesyndication.com/simgad/ Frame 816E 141 KB
141 KB 28ms
28ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17986531562842308633

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc18369d60ce570e0b60bf16e5f97bc66eb69d4ba3fbe2faae5a4d54804599a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 12:30:33 GMT
x-content-type-options: nosniff
age: 560487
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144772
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 20:39:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 12:30:33 GMT

OPTIONS t
t.lkqd.net/ Frame 0
0

POST t
t.lkqd.net/ Frame EBE9 0
0

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame CC79 230 KB
61 KB 19ms
18ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:06:56 GMT
etag: "cca1f428155a1f13b17a4684f2c8ef1c"
x-hw: 1644883920.cds203.ml1.hn,1644883920.cds020.ml1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62015

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 816E 0
0 64ms
64ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss195WIYA9KitphKeBg7WPB1PFWr0qLjto_1GnC79rUhZTt2roi-xX3Z6HQi56YsPj66pT8bq8maMXWDS5Y5pT6bS3E3G8ijCtRLrv_gkH-ZBBrXCR51RAS0nBYkg7IIriuClc2U1WgFSEaHlzl68hnGSktPhntlKzCj1nQFg7qZRcEZFWilOGpCBn2oEw8eG6B982vf3jVlICfjncQx93cPpMWtE8MK5o0fh32mRuKL_4Fn_Z_YZLcFVKXAdqFHXJQFgOHzKuHRrVI93qE7bGlpAkILnY2tgVbCobjumLC-sVly8xuKoS-gOsoGYYmFB84nBj8xio&sig=Cg0ArKJSzMSThRofE6SSEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:12:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 15 Feb 2022 00:12:00 GMT

GET
DATA 200
OK truncated
/ Frame 816E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4024ee23a7ad173511bec9d5902c6a706f17f2694c21a2ca0831847acfbb02f6

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 98C4 5 KB
2 KB 19ms
18ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1644883920.cds203.ml1.hn,1644883920.cds223.ml1.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame CC79 46 KB
4 KB 153ms
152ms XHR
application/json 146.20.128.150
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fextra.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=13533570&m=&rtv=1&thost=extra.globo.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: cdbcd99a9934fbbb3339141c9f06c0c8e27bfd58b9bd8c22b76e98397eeb5ceb

Request headers

Referer
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://extra.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 3955

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 342ms
112ms Preflight 146.20.128.150
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fextra.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=13533570&m=&rtv=1&thost=extra.globo.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://extra.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 15 Feb 2022 00:12:00 GMT
content-length: 0
access-control-allow-origin: https://extra.globo.com
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 106ms
26ms Preflight 18.185.214.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.214.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-214-32.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://extra.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
content-length: 0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0648 0
0 64ms
63ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv01bJSd5VrkwWs-sMkmRfQzRWxc06XpsNnaBQQuVQScfJ2QgrjHN_-rdbJ0jQTP6mO0buHa9tDIM3fA0gKoCtanRIQMTrHej6ZTp_3oTyCPCw91RKeUX1E0jJw7y4X2gK1BcqzmUd5Y7ffzJI1ZU3nI6FmT1nGkhoYMgqzfPS5gsrSNjnrIDY8MyUQ5KehNDjVa4BL-NlfwXCN9lXM8fSmaZ6V6E-zlWAgkkiC7VX_Y8D5UOY5fxXyB-fQvD1_wn-E-KNn1qxgZNIq2FA3Ma5ifpdkhKt-1KxSXex_Wj6LFkSjMK2Jf8phpYBQr7k8PlK8PWfY&sig=Cg0ArKJSzNX4vNbqjeIDEAE&uach_m=[UACH]&adurl=

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:12:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/ Frame 0648 19 KB
8 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

978a4e09113af1ad7a1240bd9239e18630abbf3819e74872d5c366105b487c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7841
x-xss-protection: 0
server: cafe
etag: 5616804430205127715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 00:06:19 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame 0648 2 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 23:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1697
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Feb 2022 23:43:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0648 124 KB
38 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 00:12:00 GMT

GET
H3 200 15187806060486904385
tpc.googlesyndication.com/simgad/ Frame 0648 132 KB
132 KB 27ms
27ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15187806060486904385

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2fcf698cb793c1bb6fc096090cc0750dfc2df252140db912c02cc85ccfc32026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 15:19:08 GMT
x-content-type-options: nosniff
age: 550372
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135205
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 20:36:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 15:19:08 GMT

POST
H2 202 event Show response
prebid-a.rubiconproject.com/ 61 B
236 B 26ms
25ms XHR
application/json 18.185.214.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_extra.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.214.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-214-32.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 15 Feb 2022 00:12:00 GMT
content-length: 61
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8

GET
H2 200 cs
cs.lkqd.net/ Frame 98C4 43 B
308 B 112ms
111ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 98C4 43 B
308 B 113ms
112ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 98C4 43 B
308 B 114ms
113ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 98C4 43 B
308 B 115ms
114ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 98C4
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705

43 B
308 B

111ms
111ms

Image
image/gif

146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705
pragma: no-cache
date: Tue, 15 Feb 2022 00:11:59 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0648 0
0 64ms
64ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssODb02EEuXhBdLtWpGi2gjNIhMLn20sBukTNtxtA4TyzbcPcUgEQm1Lkg2kVpbFfl63qw9kJPdg1Qxc3_vHmrsr8YkWN7rgRoGfegt3t5BuxzYOnmwrsUtZtmoPv005e55VIgUe3vBFen-PN0IFnmyvsO_yGq6r5ABClFI7YAj9rdb-Me18mAatCTQoURRVHM-dFxzUoVzdZDNC8So6cGhzgUO_kejDkelWNiG3sDf8l_ALfpr0xbjziHvmkme4jU8yAcERTf5bxf3gDd0VfDxfXLiMrsnmpNXzLyqwzfh_51lN2Eb9VQrVI1ZN9-UXmErxbRajQw&sig=Cg0ArKJSzHSs3RqLjdPhEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:12:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 15 Feb 2022 00:12:00 GMT

GET
DATA 200
OK truncated
/ Frame 0648 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e0aa7d434bd63b39e952fbef17a3758451186ff98c304298746714b979c9425

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

POST t
t.lkqd.net/ Frame B6CD 0
0

OPTIONS t
t.lkqd.net/ Frame 0
0

GET
H2 200 optout_check Show response
beacon.krxd.net/ 78 B
237 B 52ms
52ms Script
text/javascript 52.49.5.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.globo.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.5.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-5-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 28bd32c39fcd86624af44163c6f0d8bced7b259f5f03a7742487a1a18d997301

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=38 t=1644883920
x-served-by: beacon-n004-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 353 B
495 B 120ms
120ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=5007d44e-09d1-49b7-8c99-6b1cc38c3cbc&technographics=1&callback=Krux.ns.globo.kxjsonp_userdata
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7e9e7e00b835fda7376457e3aa912a51c3718e07b5fc4503db715da955ebfdcd

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Tue, 15 Feb 2022 00:12:00 GMT
content-encoding: gzip
age: 0
x-served-by: userdata-a005-ash-prod.krxd.net, cache-mxp6922-MXP
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1644883921.597963,VS0,VE104
content-length: 266
x-cache-hits: 0, 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 102ms
42ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

018ea79ad5734f2b7015a96c63a4765dc48537478c2e66a35756d8fca51ee2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9726
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 49DD 42 B
174 B 111ms
60ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssdSMoqnTq0XHgTgZl0xuLFNxqpKdfXICESRA-N2G8riTCuiNwDDq-dTqABrf5pMoliP-zmS-EpKpzzRa9yhTfvV7qMI2MOOlGL_ElTnWKOw-ucH98N&sig=Cg0ArKJSzL7oW0zCR6qDEAE&id=lidar2&mcvt=1054&p=872,969,1172,1271&mtos=818,1054,1054,1054,1054&tos=818,236,0,0,0&v=20220214&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=628334461&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644883921211&rpt=81&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5007d44e-09d1-49b7-8c99-6b1cc38c3cbc Show response
consumer.krxd.net/consent/get/ 220 B
308 B 54ms
53ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_1
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 18df0ea3aa4c78c5b61a3b246ce8ed5c5812252dd4b1171b696d705942207ccb

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a011-dub-prod.krxd.net, cache-mxp6976-MXP
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1644883921.662616,VS0,VE38
content-length: 185
x-cache-hits: 0, 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 00:12:00 GMT

GET
H3 200 467226423720066 Show response
connect.facebook.net/signals/config/ 308 KB
87 KB 35ms
34ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/467226423720066?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

40ee4b760234054fa1944ccc1d7ca10ddc13291c92dda30669cee1bf5ada6c01

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89564
x-xss-protection: 0
pragma: public
x-fb-debug: 6mJyq78xA682ps7slFpuGONDd4uUC01fphgpNnYmuLuZoRMBL5LSbipYKP1HO4UZqtbBif7tOj7VO3XNeTAu0w==
x-frame-options: DENY
date: Tue, 15 Feb 2022 00:12:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9339 13 KB
5 KB 26ms
26ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Feb 2022 23:31:01 GMT
expires: Tue, 14 Feb 2023 23:31:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 2459
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CC9F 783 B
535 B 36ms
36ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d2e3d35f2efa9d94a39e43ca11fc07dcd5419ea525c5ecae318ff184ae8b390b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rXoABGyqlT83eKyPYgCtFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 15 Feb 2022 00:12:00 GMT
date: Tue, 15 Feb 2022 00:12:00 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-rXoABGyqlT83eKyPYgCtFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 41ms
41ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2098794280156062&ev=PageView&dl=https%3A%2F%2Fextra.globo.com%2F&rl=&if=false&ts=1644883922532&sw=1600&sh=1200&v=2.9.52&r=stable&ec=3&o=30&fbp=fb.1.1644883919002.138857693&it=1644883918783&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 15 Feb 2022 00:12:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 41ms
41ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=467226423720066&ev=PageView&dl=https%3A%2F%2Fextra.globo.com%2F&rl=&if=false&ts=1644883922533&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644883919002.138857693&it=1644883918783&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 15 Feb 2022 00:12:00 GMT

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
337 B 52ms
52ms Image
text/plain 52.49.5.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=sexqhznbn&_kpid=5007d44e-09d1-49b7-8c99-6b1cc38c3cbc&_kcp_s=Infoglobo&_kcp_d=extra.globo.com&_knifr=27&_kua_kx_tz=0&geo_country=it&geo_region=gr&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kxuser=w47uduku6&_kua_glbdt_utype=anonymous&_kua_dmp_globo_id=5279385924215879003&_kua_kx_tech_browser=Chrome%209&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=it&_kua_kx_geo_region=gr&_kua_kx_whistle=0&_kpa_meta_keywordsDELIM=%2C&_kpa_kx_context_terms=Nu7TXY_T%3A1%2CNu7TT62z%3A3%2CNu7TUgYP%3A1%2CNu7TXc5X%3A1&_kpa_title=Extra%20-%20Extra%20Online&_kpa_full_path=extra.globo.com%2F&_kpa_subdomain=extra&_kpa_domain=globo&_kpa_utag_editoria=capa&_kpa_utag_page_type=home&_kpa_utag_produto=Extra&_kpa_browser_name=Chrome&t_navigation_type=0&t_dns=6&t_tcp=672&t_http_request=-1&t_http_response=661&t_content_ready=3450&t_window_load=7328&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=w47uduku6&userdata_user=OqbfsrWQ%2Cw47uduku6&sview=1&kplt0=19929&kplt1=19930&kplt2=19936&kplt3=27202&kplt4=30153&kplt5=32767&kplt6=35254&kplt7=38352&kplt8=38515&kplt9=43900&kplt11=46183&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5007d44e-09d1-49b7-8c99-6b1cc38c3cbc%2C86%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C66%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C123%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5007d44e-09d1-49b7-8c99-6b1cc38c3cbc%2C56
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.5.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-5-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:00 GMT
cache-control: private, no-cache, no-store
x-request-time: D=53 t=1644883920
x-served-by: beacon-n011-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 av Show response
vidoomy-d.openx.net/v/1.0/ Frame 1066 48 B
345 B 92ms
36ms XHR
text/xml 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fextra.globo.com%2F&cb=965005671&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C817834771189020030752512119,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:00 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://extra.globo.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ Frame 1066 67 B
1 KB 138ms
41ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=http%3A%2F%2Fextra.globo.com%2F&cb=1945820333&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C1697940048178347711890200307%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 00:12:00 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.001241
X-SpotX-Timing-SpotMarket: 0.004329
X-SpotX-Timing-Page-Mux: 0.000760
X-SpotX-Timing-Page-Require: 0.000337
X-fe: 087
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000002
Content-Length: 77
X-SpotX-Timing-Page: 0.008551
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000268
Last-Modified: Tue, 15 Feb 2022 00:12:00 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.004329
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://extra.globo.com
X-SpotX-Timing-Page-Misc: 0.001604
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ Frame 1066 67 B
1 KB 148ms
45ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=http%3A%2F%2Fextra.globo.com%2F&cb=789560098&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C81783477118902003071275161806%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 00:12:00 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000247
X-SpotX-Timing-SpotMarket: 0.005275
X-SpotX-Timing-Page-Mux: 0.000922
X-SpotX-Timing-Page-Require: 0.000352
X-fe: 049
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
Content-Length: 77
X-SpotX-Timing-Page: 0.008627
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000314
Last-Modified: Tue, 15 Feb 2022 00:12:00 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.005275
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://extra.globo.com
X-SpotX-Timing-Page-Misc: 0.001505
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 1066 986 B
864 B 152ms
28ms XHR
application/xml 2.21.141.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.globo.com%2F&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C8178347711890200307604084722%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-175.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 314ce513a2cbc1141a5d1f04cc5b89877b3213fbabb393e995fdb4c95747abd0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:01 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://extra.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 606
expires: Tue, 15 Feb 2022 00:12:01 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 1066 987 B
864 B 150ms
28ms XHR
application/xml 2.21.141.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.globo.com%2F&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C17391930088178347711890200307%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-175.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 6cb2d7e78ec382d7997a07737aaa5a9eee98e7ca5ad4bad7990ef22285cae03b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:01 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://extra.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 606
expires: Tue, 15 Feb 2022 00:12:01 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 1066 1 KB
2 KB 40ms
40ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C81783477118902003071424549897%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2ed5457c2a0bd5b32525e4aa37e7e431cabd0c7a7ade01bc48cccc80dfa0ef7d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 00:12:00 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://extra.globo.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1190
x-sticky-vk: 1644883920691040-351
Expires: Tue, 15 Feb 2022 00:12:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CC9F 0
0 118ms
74ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020901&jk=3270257099969328&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 PUCLGob25V5To4ZA0QrG8QFJpfKRC6B4XbMmUjSZFR8.js Show response
pagead2.googlesyndication.com/bg/ Frame 9339 35 KB
13 KB 67ms
26ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PUCLGob25V5To4ZA0QrG8QFJpfKRC6B4XbMmUjSZFR8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d408b1a86f6e55e53a38640d10ac6f10149a5f2910ba0785db326523499151f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 22:57:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13483
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 22:57:19 GMT

GET
H3 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
122 B 81ms
36ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=extra.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 68ms
35ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=extra.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 248ms
247ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3270257099969328&correlator=2573143709124977&output=ldjh&eid=31061814%2C44758228&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=85042905%2Cinfo.web.extra%2Chome%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&prev_scp=Info.Topico%3D%26Editora.random%3D10%26Editora.pos%3DTop&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie=ID%3Dea9c3b3085a38466%3AT%3D1644883919%3AS%3DALNI_MalIQFSJzvkCv-nqvGKDlksBel4rg&bc=31&abxe=1&dt=1644883922681&lmt=1644883922&dlt=1644883915875&idt=2709&frm=20&biw=1600&bih=1200&oid=2&adxs=970&adys=553&adks=436965826&ucis=e&ifi=14&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fextra.globo.com%2F&vis=1&scr_x=0&scr_y=0&psz=336x1439&msz=300x26&psts=AGkb-H8YO6F9V3d3wL49ZV0OZQnBQTxtnkWP35Do4XGS3j20E4mSLgxawlLeiHcGPavOnPEomKQ5v-04EeZTHOh4GGkv1ox-NsDH%2CAGkb-H87AIpWM1_I248gaWOQmQTTDXmqU9GroUtx9SNluhjJwlz8bSTOOAgoQF9UmzqI3yi_vrQVYQ8i7A3MMSrUooM0Jx9TE5Eo%2CAGkb-H88qq-kc9JSaO1BUGuZ8PX3uVXTT1EvK3N9bHIpFgDJ1JncKVaVYXms7J6LSSZ__3nliRK14VGvFTi3bvBWFLvm7HWg9-h1%2CAGkb-H_tnlq_j0pSH1QARYLHi_R-S-kcD_LfZ7LLh4CLuEIXn34rnI_4aGdsjy1sKaLrMMjsudZpj--ifn7jX_1EsHHdHW3ZfwMq%2CAGkb-H8Y3JGf8FpZZAunbuiu0VBwGWqvcbWESa9g015Jj9-BneRkWTOmPJ0pEab0n-Ij80plKYjjbEF6O3wgmD6UHUuG30FohHg6%2CAGkb-H8FLUsziN9AYRx2QrMJIxVMrkMXmJ276gio7mhPt4w84Bc0xIc3rqh1tQXFo9YTqpT1sJRjmFMDWq61DGrXvLxJogTA4_VL%2CAGkb-H9EiySAGBXDBGkzLcrakxXCk2a-wh9gZpsMmGIzapgCTbWhrJ6XIdsMfezmMhs_G-Xn3OxtuHJaxMaFis7bL8OhGryCrzQz%2CAGkb-H_F091kBazu0s4ZvRgccS9KtYvBn0jMjES4BNHsHHm6MoaVe66kM0EEje4HzYj8OQzu_Jg4lmzEeGEXvWUsLvGlMGxSJgld%2CAGkb-H8j8AogoSa7kIQRpZxqTKdaqfYeccw4c8wKdKarv7qkpfWk0VfuxO3oH3l0MMp25sozq626GGlgs26cyPZLZz9lxU0vfZJU%2CAGkb-H87rpM11pLWcSKSB-kYtcudjXIr5IwtMyucnrwQGd82LAA5Z5IoANNrd1u6uazRGUqli7H2MMj_yX0d2_Rkf9lRwKUzh9ub%2CAGkb-H_83CGA7YHyJRRfCBt7bJOidcVeaD3RXmZAY-TkbPmAKNbaoZRmJ5uVTOTaZU-hnarLK5mo3IfuOPGKUlBMk1zrW3aSjKHv%2CAGkb-H-bb_22niwlhRRnJW96otCFgOYhMe0AcZ25TiO8XKwXf4Uv1eyfnb2I-Www6i32EsGX4L7gnkHr82_e20rXkhusoWcZIq8J%2CAGkb-H8H1h8Uj8Z__B1EV5Ur0UHa5s81EBAS9lWnelUd7t77QgDYRBHeZPHqijis_uRX2FxKk4lBTJCDi_IeV6qZwGJHZLnjOHtq&ga_vid=1323511657.1644883919&ga_sid=1644883921&ga_hid=47975251&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f12131bd50f4c28e12255ea8b79982a4de6473ddf99b6a3493aa7c799880ec5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9176
x-xss-protection: 0
google-lineitem-id: 5906309686
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138381129613
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 284ms
283ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3270257099969328&correlator=766296943519283&output=ldjh&eid=31061814%2C44758228&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=85042905%2Cinfo.web.extra%2Chome%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&prev_scp=Info.Topico%3D%26Editora.random%3D10%26Editora.pos%3DMiddle&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie=ID%3Dea9c3b3085a38466%3AT%3D1644883919%3AS%3DALNI_MalIQFSJzvkCv-nqvGKDlksBel4rg&bc=31&abxe=1&dt=1644883922685&lmt=1644883922&dlt=1644883915875&idt=2709&frm=20&biw=1600&bih=1200&oid=2&adxs=970&adys=834&adks=1683993998&ucis=f&ifi=15&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fextra.globo.com%2F&vis=1&scr_x=0&scr_y=0&psz=336x1439&msz=300x26&psts=AGkb-H8YO6F9V3d3wL49ZV0OZQnBQTxtnkWP35Do4XGS3j20E4mSLgxawlLeiHcGPavOnPEomKQ5v-04EeZTHOh4GGkv1ox-NsDH%2CAGkb-H87AIpWM1_I248gaWOQmQTTDXmqU9GroUtx9SNluhjJwlz8bSTOOAgoQF9UmzqI3yi_vrQVYQ8i7A3MMSrUooM0Jx9TE5Eo%2CAGkb-H88qq-kc9JSaO1BUGuZ8PX3uVXTT1EvK3N9bHIpFgDJ1JncKVaVYXms7J6LSSZ__3nliRK14VGvFTi3bvBWFLvm7HWg9-h1%2CAGkb-H_tnlq_j0pSH1QARYLHi_R-S-kcD_LfZ7LLh4CLuEIXn34rnI_4aGdsjy1sKaLrMMjsudZpj--ifn7jX_1EsHHdHW3ZfwMq%2CAGkb-H8Y3JGf8FpZZAunbuiu0VBwGWqvcbWESa9g015Jj9-BneRkWTOmPJ0pEab0n-Ij80plKYjjbEF6O3wgmD6UHUuG30FohHg6%2CAGkb-H8FLUsziN9AYRx2QrMJIxVMrkMXmJ276gio7mhPt4w84Bc0xIc3rqh1tQXFo9YTqpT1sJRjmFMDWq61DGrXvLxJogTA4_VL%2CAGkb-H9EiySAGBXDBGkzLcrakxXCk2a-wh9gZpsMmGIzapgCTbWhrJ6XIdsMfezmMhs_G-Xn3OxtuHJaxMaFis7bL8OhGryCrzQz%2CAGkb-H_F091kBazu0s4ZvRgccS9KtYvBn0jMjES4BNHsHHm6MoaVe66kM0EEje4HzYj8OQzu_Jg4lmzEeGEXvWUsLvGlMGxSJgld%2CAGkb-H8j8AogoSa7kIQRpZxqTKdaqfYeccw4c8wKdKarv7qkpfWk0VfuxO3oH3l0MMp25sozq626GGlgs26cyPZLZz9lxU0vfZJU%2CAGkb-H87rpM11pLWcSKSB-kYtcudjXIr5IwtMyucnrwQGd82LAA5Z5IoANNrd1u6uazRGUqli7H2MMj_yX0d2_Rkf9lRwKUzh9ub%2CAGkb-H_83CGA7YHyJRRfCBt7bJOidcVeaD3RXmZAY-TkbPmAKNbaoZRmJ5uVTOTaZU-hnarLK5mo3IfuOPGKUlBMk1zrW3aSjKHv%2CAGkb-H-bb_22niwlhRRnJW96otCFgOYhMe0AcZ25TiO8XKwXf4Uv1eyfnb2I-Www6i32EsGX4L7gnkHr82_e20rXkhusoWcZIq8J%2CAGkb-H8H1h8Uj8Z__B1EV5Ur0UHa5s81EBAS9lWnelUd7t77QgDYRBHeZPHqijis_uRX2FxKk4lBTJCDi_IeV6qZwGJHZLnjOHtq&ga_vid=1323511657.1644883919&ga_sid=1644883921&ga_hid=47975251&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e80fa68ec7d21096210d0001fbcd423afabcf159e562d90458e90b021b6b7362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9184
x-xss-protection: 0
google-lineitem-id: 5906309686
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138381129613
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 96 KB
26 KB 286ms
285ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3270257099969328&correlator=4037271941846266&output=ldjh&eid=31061814%2C44758228&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=85042905%2Cinfo.web.extra%2Chome%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x100&prev_scp=Info.Topico%3D%26Editora.random%3D2%26Editora.pos%3DTop&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie=ID%3Dea9c3b3085a38466%3AT%3D1644883919%3AS%3DALNI_MalIQFSJzvkCv-nqvGKDlksBel4rg&bc=31&abxe=1&dt=1644883922687&lmt=1644883922&dlt=1644883915875&idt=2709&frm=20&biw=1600&bih=1200&oid=2&adxs=970&adys=876&adks=3886800983&ucis=g&ifi=16&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fextra.globo.com%2F&vis=1&scr_x=0&scr_y=0&psz=336x1439&msz=300x26&psts=AGkb-H8YO6F9V3d3wL49ZV0OZQnBQTxtnkWP35Do4XGS3j20E4mSLgxawlLeiHcGPavOnPEomKQ5v-04EeZTHOh4GGkv1ox-NsDH%2CAGkb-H87AIpWM1_I248gaWOQmQTTDXmqU9GroUtx9SNluhjJwlz8bSTOOAgoQF9UmzqI3yi_vrQVYQ8i7A3MMSrUooM0Jx9TE5Eo%2CAGkb-H88qq-kc9JSaO1BUGuZ8PX3uVXTT1EvK3N9bHIpFgDJ1JncKVaVYXms7J6LSSZ__3nliRK14VGvFTi3bvBWFLvm7HWg9-h1%2CAGkb-H_tnlq_j0pSH1QARYLHi_R-S-kcD_LfZ7LLh4CLuEIXn34rnI_4aGdsjy1sKaLrMMjsudZpj--ifn7jX_1EsHHdHW3ZfwMq%2CAGkb-H8Y3JGf8FpZZAunbuiu0VBwGWqvcbWESa9g015Jj9-BneRkWTOmPJ0pEab0n-Ij80plKYjjbEF6O3wgmD6UHUuG30FohHg6%2CAGkb-H8FLUsziN9AYRx2QrMJIxVMrkMXmJ276gio7mhPt4w84Bc0xIc3rqh1tQXFo9YTqpT1sJRjmFMDWq61DGrXvLxJogTA4_VL%2CAGkb-H9EiySAGBXDBGkzLcrakxXCk2a-wh9gZpsMmGIzapgCTbWhrJ6XIdsMfezmMhs_G-Xn3OxtuHJaxMaFis7bL8OhGryCrzQz%2CAGkb-H_F091kBazu0s4ZvRgccS9KtYvBn0jMjES4BNHsHHm6MoaVe66kM0EEje4HzYj8OQzu_Jg4lmzEeGEXvWUsLvGlMGxSJgld%2CAGkb-H8j8AogoSa7kIQRpZxqTKdaqfYeccw4c8wKdKarv7qkpfWk0VfuxO3oH3l0MMp25sozq626GGlgs26cyPZLZz9lxU0vfZJU%2CAGkb-H87rpM11pLWcSKSB-kYtcudjXIr5IwtMyucnrwQGd82LAA5Z5IoANNrd1u6uazRGUqli7H2MMj_yX0d2_Rkf9lRwKUzh9ub%2CAGkb-H_83CGA7YHyJRRfCBt7bJOidcVeaD3RXmZAY-TkbPmAKNbaoZRmJ5uVTOTaZU-hnarLK5mo3IfuOPGKUlBMk1zrW3aSjKHv%2CAGkb-H-bb_22niwlhRRnJW96otCFgOYhMe0AcZ25TiO8XKwXf4Uv1eyfnb2I-Www6i32EsGX4L7gnkHr82_e20rXkhusoWcZIq8J%2CAGkb-H8H1h8Uj8Z__B1EV5Ur0UHa5s81EBAS9lWnelUd7t77QgDYRBHeZPHqijis_uRX2FxKk4lBTJCDi_IeV6qZwGJHZLnjOHtq&ga_vid=1323511657.1644883919&ga_sid=1644883921&ga_hid=47975251&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db7e0d52867cf0110b0b900b9401a11e3447c458f6d6d4c09fc152d401c4305a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26131
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
8 KB 254ms
254ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3270257099969328&correlator=2857902527307351&output=ldjh&eid=31061814%2C44758228&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=85042905%2Cinfo.web.extra%2Chome%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600&prev_scp=Info.Topico%3D%26Editora.random%3D7%26Editora.pos%3DTop&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie=ID%3Dea9c3b3085a38466%3AT%3D1644883919%3AS%3DALNI_MalIQFSJzvkCv-nqvGKDlksBel4rg&bc=31&abxe=1&dt=1644883922690&lmt=1644883922&dlt=1644883915875&idt=2709&frm=20&biw=1600&bih=1200&oid=2&adxs=970&adys=1336&adks=673342213&ucis=h&ifi=17&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fextra.globo.com%2F&vis=1&scr_x=0&scr_y=0&psz=336x1439&msz=300x26&psts=AGkb-H8YO6F9V3d3wL49ZV0OZQnBQTxtnkWP35Do4XGS3j20E4mSLgxawlLeiHcGPavOnPEomKQ5v-04EeZTHOh4GGkv1ox-NsDH%2CAGkb-H87AIpWM1_I248gaWOQmQTTDXmqU9GroUtx9SNluhjJwlz8bSTOOAgoQF9UmzqI3yi_vrQVYQ8i7A3MMSrUooM0Jx9TE5Eo%2CAGkb-H88qq-kc9JSaO1BUGuZ8PX3uVXTT1EvK3N9bHIpFgDJ1JncKVaVYXms7J6LSSZ__3nliRK14VGvFTi3bvBWFLvm7HWg9-h1%2CAGkb-H_tnlq_j0pSH1QARYLHi_R-S-kcD_LfZ7LLh4CLuEIXn34rnI_4aGdsjy1sKaLrMMjsudZpj--ifn7jX_1EsHHdHW3ZfwMq%2CAGkb-H8Y3JGf8FpZZAunbuiu0VBwGWqvcbWESa9g015Jj9-BneRkWTOmPJ0pEab0n-Ij80plKYjjbEF6O3wgmD6UHUuG30FohHg6%2CAGkb-H8FLUsziN9AYRx2QrMJIxVMrkMXmJ276gio7mhPt4w84Bc0xIc3rqh1tQXFo9YTqpT1sJRjmFMDWq61DGrXvLxJogTA4_VL%2CAGkb-H9EiySAGBXDBGkzLcrakxXCk2a-wh9gZpsMmGIzapgCTbWhrJ6XIdsMfezmMhs_G-Xn3OxtuHJaxMaFis7bL8OhGryCrzQz%2CAGkb-H_F091kBazu0s4ZvRgccS9KtYvBn0jMjES4BNHsHHm6MoaVe66kM0EEje4HzYj8OQzu_Jg4lmzEeGEXvWUsLvGlMGxSJgld%2CAGkb-H8j8AogoSa7kIQRpZxqTKdaqfYeccw4c8wKdKarv7qkpfWk0VfuxO3oH3l0MMp25sozq626GGlgs26cyPZLZz9lxU0vfZJU%2CAGkb-H87rpM11pLWcSKSB-kYtcudjXIr5IwtMyucnrwQGd82LAA5Z5IoANNrd1u6uazRGUqli7H2MMj_yX0d2_Rkf9lRwKUzh9ub%2CAGkb-H_83CGA7YHyJRRfCBt7bJOidcVeaD3RXmZAY-TkbPmAKNbaoZRmJ5uVTOTaZU-hnarLK5mo3IfuOPGKUlBMk1zrW3aSjKHv%2CAGkb-H-bb_22niwlhRRnJW96otCFgOYhMe0AcZ25TiO8XKwXf4Uv1eyfnb2I-Www6i32EsGX4L7gnkHr82_e20rXkhusoWcZIq8J%2CAGkb-H8H1h8Uj8Z__B1EV5Ur0UHa5s81EBAS9lWnelUd7t77QgDYRBHeZPHqijis_uRX2FxKk4lBTJCDi_IeV6qZwGJHZLnjOHtq&ga_vid=1323511657.1644883919&ga_sid=1644883921&ga_hid=47975251&ga_fc=true&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

020b70f64f3ae49b943007d72e547f8d3dc60f340bce817d8afd0a8f85a9262d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8528
x-xss-protection: 0
google-lineitem-id: 5770660547
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138360277617
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS t
t.lkqd.net/ Frame 0
0

POST t
t.lkqd.net/ Frame B6CD 0
0

GET generate_204
tpc.googlesyndication.com/ Frame 9339 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 61ms
60ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020901&jk=3270257099969328&bg=!5uWl5aHNAAbAtJCDwLQ7ACkAdvg8WnFk7hgE2cwLGhO0zI6KtqLobPj8JR4FgEVDTZIFBBzz4If6SgIAAAB2UgAAAAJoAQeZAtEB1mpS_Hv5GLLBuDSpHvCiD-qMk1nm0NX3cQMu1ONvFS5c6nEZzXqSWuas8ja1iAoDm0MKjNE0twlLjLPpuE3kNBSEsNxzqS3CvNbPlRCN3G6HLwKB-BXojSPDjCM0_x05yP-6TT75LmC9J-vb4wSEcAZp9VVU1b5keX5NpazdTxjZPaaUVqC-XpTSGxUADw08qYrqE6nce1trD4makFZbtBmp_kN_dNRndopPwUbxb6QT6FUrxoH1cvHvilaZNJYcgqO0byT__1ZsKLCRzb4u1-o5QkCy677hyzqNjRqoYt7BdjOIUiu1S6uvyyayu0HNf-UjPUYYHKA5FI7j6pnmafQ6f6ourPVhVpgUuhlddG9pj3gKKZcIahdUZcFQlltdVPMdROqZtjdaq0ZYCE5Z4wkR5bNJzeX5Ut_mlTundhshUPiJE7VLNBGixPAyLJE-DIpSkz7Ley6jjclYaTR2Xro-cfYEjisXXlbOPKV13t963Uejd2G-Y4vEdbB--tx28Yc9s4fTaYLeNy_FVox-rH3tSP7g8bv5zkoK5ZfIEu6ktFqQz3Ms_KZxVFdPObP0V7fR8z4g5bDLX1_MuFrnkTiP0L__-HK5LpB26hI9AELzkCnE1mFTHFsBMp-RIdVNElA9Sv51dEmLESnDto1jDuw7ozFzNE2PQ5CFL0vlxM5Qpffd8ULjn8kafve1q0J1NYoPT5zO346QoprW-Uwpb4JTxhXXZC6laJAnNhulnLyQqi8KAMlPeAZ3a7pha72WOf-Uo5oSI5sOSv9OM_DZpeM3z7nfQz_HutnuD2YWverdTAD8QBzV9DkzhOseVuGASius5mpHO3uJ2wGfyXOdNchbby9X3Uv2fI11DBpva_rtKp_8sXcZjxEjAarfzcG0DdQVfGyEXGvTBP-M9BS4vDc4KO_tZ3wu_L_c_CDHpWeVIFR0ybPeyyVx0LTAQzUh

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2BCD 6 KB
3 KB 26ms
25ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Feb 2022 00:11:59 GMT
expires: Wed, 15 Feb 2023 00:11:59 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 43C4 0
0 67ms
66ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudcMC7i-2RLaBhD-PZWed6DXrgwV1QkemIgX78ka8eVtGJvwgUtPahTDpW1aK3LPhVHSuPSZ9lptY8JhB6dK4ngN8tBQioYUxagfucv1-KrKlODhQScEU8cUeqbtvnAFCmsokHk-bqIzmcHSXOvNHHnSsyrI0otNOZnG5pP2Zc4Vqv371KS8kC57HY-3q4aXZlRYuAH2bgRTJAqcJVTkTIT84YVj8osUMBYQ3e2HRxsznboztAhLx-T_s3mKFrp69FxM9hRzmFm6BnnBdnx7QA0x2FLpPEwIAEzeP0miffP7RXlpMVSmC7JM9irv9Q_Gk32q5fotOb&sig=Cg0ArKJSzMu27K7gu2L4EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:12:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 43C4 80 KB
27 KB 39ms
39ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e444ad9afddbb840d085e8d74dd17b33ff9b4aa2e1810b0bbbdf7931e2f415

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27173
x-xss-protection: 0
server: sffe
etag: "1132 / 563 of 1000 / last-modified: 1644879984"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 15 Feb 2022 00:12:01 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157163/4983/ Frame 43C4 382 KB
114 KB 33ms
25ms Script
text/javascript 2.21.141.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-175.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4d4c883024307c7c11001a48be184187b55042a0bae3f7a69c0838fce3147d59

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:01 GMT
content-encoding: gzip
last-modified: Fri, 10 Dec 2021 01:36:05 GMT
server: Apache/2.2.15 (CentOS)
etag: "16a146e-5f76b-5d2c0bf19bd58"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=56078
accept-ranges: bytes
content-type: text/javascript
content-length: 115768
expires: Tue, 15 Feb 2022 15:46:39 GMT

GET
H/1.1 200
OK owHCMR.js Show response
s3.amazonaws.com/script-tags/ Frame 43C4 14 KB
14 KB 564ms
206ms Script
application/javascript 52.217.175.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.175.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 85cf50a8a89c2a0327940e6a7bf5430d5e88572cb78dd8e2ce96707c9d1dd7fa

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 00:12:02 GMT
Last-Modified: Thu, 27 Jan 2022 19:32:06 GMT
Server: AmazonS3
x-amz-request-id: M5G798VXFT589SMD
ETag: "7ebf02f13e8b32bffbc7ba9bca4d374d"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 14383
x-amz-id-2: NF7GTqRHhIusEv46wKxro2hxglB+qzaq6O+UU4QaKgqfDsBakALBhN0i5wRUJ65W4/+LNgkE4hI=

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 43C4 124 KB
38 KB 264ms
264ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 00:12:01 GMT

GET
H3 200 container.html Show response
93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 90D9 6 KB
3 KB 26ms
25ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Feb 2022 00:11:59 GMT
expires: Wed, 15 Feb 2023 00:11:59 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5A0A 6 KB
3 KB 25ms
25ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Feb 2022 00:11:59 GMT
expires: Wed, 15 Feb 2023 00:11:59 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css2
fonts.googleapis.com/ Frame 2BCD 782 B
391 B 34ms
33ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Serif+Display&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2b01a47de40cec4bb5028f00cd518997027be47f211bedb95e675efbf406ff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 23:01:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 00:12:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 00:12:01 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2BCD 22 KB
7 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 12:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Feb 2023 12:26:12 GMT

GET
H3 200 14511403809490444550
tpc.googlesyndication.com/simgad/ Frame 2BCD 49 KB
50 KB 27ms
27ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14511403809490444550?

Requested by

Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11a62ec71e1521c1642efc4523bf1a09e7ec08eece3d7df225f4f5341e87ef48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:08:39 GMT
x-content-type-options: nosniff
age: 443002
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50655
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 15:38:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Feb 2023 21:08:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2BCD 124 KB
38 KB 246ms
246ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 00:12:01 GMT

GET
H3 200 pubads_impl_2022020901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 43C4 357 KB
120 KB 27ms
27ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a4fd9dc6db644313269ca0055f0cef11c1361c8879480f45393332ae2c8e027

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 22:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4485
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122359
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 09:36:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 14 Feb 2023 22:57:16 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 28ms
27ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=467226423720066&ev=Microdata&dl=https%3A%2F%2Fextra.globo.com%2F&rl=&if=false&ts=1644883923050&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20Extra%20-%20Extra%20Online%20%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22url%22%3A%22http%3A%2F%2Fextra.globo.com%2F%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22http%3A%2F%2Fextra.globo.com%2F%3Fs%3D%7Bsearch_term%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1644883919002.138857693&it=1644883918783&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 15 Feb 2022 00:12:01 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 90D9 782 B
391 B 34ms
33ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Serif+Display&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2b01a47de40cec4bb5028f00cd518997027be47f211bedb95e675efbf406ff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 00:12:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 00:12:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 00:12:01 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 90D9 22 KB
7 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 12:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Feb 2023 12:26:12 GMT

GET
H3 200 14511403809490444550
tpc.googlesyndication.com/simgad/ Frame 90D9 49 KB
50 KB 27ms
26ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14511403809490444550?

Requested by

Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11a62ec71e1521c1642efc4523bf1a09e7ec08eece3d7df225f4f5341e87ef48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:08:39 GMT
x-content-type-options: nosniff
age: 443002
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50655
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 15:38:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Feb 2023 21:08:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 90D9 124 KB
38 KB 186ms
186ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 00:12:01 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5A0A 8 KB
888 B 36ms
35ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 23:05:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 00:12:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 00:12:01 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame 5A0A 1 KB
879 B 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 00:04:47 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5A0A 0
0 72ms
72ms Fetch
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CXEKa0O8KYonXPJDU3gON4oLoDtGy_qZokOuxwvwOZBABIJeX-CBg_YKRhOgRoAGs5LaZA8gBCakCQTjmeen4sj7gAgCoAwHIA5sEqgTpAU_QSq_uDlifympSv28-pYyWAddJD8i0NGYTVYNELvPvhMO8if7DPermXTDJfqJIiIYhDSDtdaA8AOdVSAEZXC5DU_V7snzj6gUe3gZLqcZZrbvvqgpMgdOaLwiR3koPcemwfV-2BTcLcNLmPJ6VMoXD97h3dUHEscur4ZVjoVXmQSBQu2zvuAoOXNV3By8Rv1kZeVV11CNDo4xeRABfwj_p8iRfuXvxzoGdbOin183Jb7YqZhkRRLR6PUx-ZbqVRN56l8exJKWqg4RaYpXiLq123MSfaaTsadH0oZN7Nj91SsWuIp9Wt8HpwATkpYXRnQPgBAGSBQQIBBgBkgUECAUYBKAGLoAH2cu-A6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEELHvBdIICQiA4YAQEAEYHYAKA8gLAZgMoand9KoDuBODBNgTDtAVAYAXAbIXHgocCAASFHB1Yi04ODI4NTg3MTQ5NDczNDM3GOHzIA&sigh=1i55M2INNLE&uach_m=[UACH]&template_id=515
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/ Frame 5A0A 19 KB
8 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/abg_lite_fy2019.js

Requested by

Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

978a4e09113af1ad7a1240bd9239e18630abbf3819e74872d5c366105b487c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7841
x-xss-protection: 0
server: cafe
etag: 5616804430205127715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 00:06:19 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame 5A0A 2 KB
1 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/window_focus_fy2019.js

Requested by

Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 23:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1698
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Feb 2022 23:43:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5A0A 124 KB
38 KB 176ms
175ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 00:12:01 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame 5A0A 15 KB
6 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06b89615824177c02fe88a115183da6905bd3bb4d5136997ca35a0bdfa86f422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 23:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1326
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6395
x-xss-protection: 0
server: cafe
etag: 14935107822106690633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Feb 2022 23:49:55 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5A0A 0
0 32ms
32ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR3q2iKSjKyxgeEQGeGndL6uobEisBJUcYocxZIaAmFl0I15WxHBf82ZW6i27WdVW0ZKCyeXxFOKmY4ap5XSNFhHQ9pUg
Requested by: Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 ff20f166b0acb5bbc58563e896201b58.js Show response
www.gstatic.com/mysidia/ Frame 5A0A 27 KB
12 KB 98ms
29ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ff20f166b0acb5bbc58563e896201b58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 17:53:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11452
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 06:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 15 May 2022 17:53:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2BCD 0
0 63ms
63ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstozLJ2wQbHCVZne8H6gSQSwnPweOMb_Ev2owOc5QP1z84McX2B2t7FUvCCBXz7XJWTQpypoQ-SlKP8azxEKazaODq4U7eyz9MMvuRsEScYFdlp1z1vS6or4GPgWiYqlD8h4N0si0ISUhrAauAmReS6yeo0f6iNpe0eaOd1V--0AizT4AX7OAEdL8zt9UhAdohD2lGCAP1iIL6Buo1LpEf1sxRg59LdQaSJcU-LZnkkW4e4tTQx0KYNIsdRCaPu4CPyb1OPzURouaQGySsTv2NBGqvd7qvdYyj-rLCOjgWE4RFdbAI9873rfL2siI_atiblRyVH6RMY&sig=Cg0ArKJSzBoMKiDBcuR1EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:12:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 -nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx0g.woff2
fonts.gstatic.com/s/dmserifdisplay/v9/ Frame 2BCD 24 KB
24 KB 29ms
28ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmserifdisplay/v9/-nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx0g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Serif+Display&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73e3044bb6912706982542a9e9b15e7472bd53755cea6a0477c5e7c80c24c00d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:17:22 GMT
x-content-type-options: nosniff
age: 446079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24532
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:06:36 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 20:17:22 GMT

GET
H3 200 8842685381516536821
tpc.googlesyndication.com/simgad/ Frame 5A0A 3 KB
3 KB 26ms
26ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8842685381516536821?w=100&h=100

Requested by

Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e85d9479a69bbf8d10883bf5524e6d181c002ae9842d3ad2bb87b610af8e5e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:03:08 GMT
x-content-type-options: nosniff
age: 522533
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3354
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 10:24:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 23:03:08 GMT

GET
DATA 200
OK truncated
/ Frame 5A0A 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5A0A 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 90D9 0
0 64ms
64ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvh5E6W7Ifxl36up2zOLTFDos6BJlCQQpUVv9TGmQAZwjWIuQ92jIGSHSMgdYzn8R5pIbS0xSvBPbN5X5lgdGFG72o39G5TfDFPxZyf4SwEAxVsf3QbAbrw8O9yNjoxaqk1SywNCYoEzNSuOU1FiIUTtCpNYWM2vIN3-MckUmM6f_f_Ww3jautTWhgLp36C_zLoi8Qs-Xk7pvDHjN5hTfcgKmJ2LKTPiVWqLAWMXRtdK2HmMzHx3cqjNOeYvJX9Sk0rnRqY4c9H4_rwFMEHFi3LNsF6z96XFw4oDoU6cL-P1L33RYRZW1a1GjyRjGtfyhyPgyYBpqlW&sig=Cg0ArKJSzG2EZcyrDu8NEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:12:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7873 1 KB
749 B 25ms
25ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Mon, 14 Feb 2022 05:53:44 GMT
expires: Tue, 15 Feb 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 65897
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0648 42 B
64 B 106ms
62ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBs-1ggUyJGWl1D9C858bSObhzFd6qjoJVHYpeNAf34jtLRBoBkS2igPqozRUPalF5fSIQkJYY2MhL0M0v6SbGzRB9Q0IiwU8YmLL0sjH6q50VuLPf&sig=Cg0ArKJSzMpa6t-itBHsEAE&id=lidar2&mcvt=1004&p=59,315,149,1285&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20220214&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2475375514&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644883922093&rpt=63&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 -nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx0g.woff2
fonts.gstatic.com/s/dmserifdisplay/v9/ Frame 90D9 24 KB
24 KB 28ms
28ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmserifdisplay/v9/-nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx0g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Serif+Display&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73e3044bb6912706982542a9e9b15e7472bd53755cea6a0477c5e7c80c24c00d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:17:22 GMT
x-content-type-options: nosniff
age: 446079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24532
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:06:36 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 20:17:22 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7873
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBodwxkvdg-HheaVkrBaJVc&google_cver=1&google_push=AYg5qPJXwyaBy2B6mwVAm1Qc_9Bv72AOCFkDlpxkhtpYzYbU3EB2chz_Us2b4kD8eihQKq1atRlwm1A7jq4gqkyx...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJXwyaBy2B6mwVAm1Qc_9Bv72AOCFkDlpxkhtpYzYbU3EB2chz_Us2b4kD8eihQKq1atRlwm1A7jq4gqkyxYKrNh6HPbmbH

170 B
188 B

34ms
34ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJXwyaBy2B6mwVAm1Qc_9Bv72AOCFkDlpxkhtpYzYbU3EB2chz_Us2b4kD8eihQKq1atRlwm1A7jq4gqkyxYKrNh6HPbmbH

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 15 Feb 2022 00:12:01 GMT
Server: MT3 4133 baa842e master cdg-pixel-x13 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJXwyaBy2B6mwVAm1Qc_9Bv72AOCFkDlpxkhtpYzYbU3EB2chz_Us2b4kD8eihQKq1atRlwm1A7jq4gqkyxYKrNh6HPbmbH
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 15 Feb 2022 00:12:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 7873
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEO1jFmfcX5Zb-Ee7kkSIYqA&google_cver=1&google_push=AYg5qPLHTAqq2ztKcgOTGqNbMJxPG8FaiU8ZBGzQCbRaox2C8ahoyAb-9yPryH-yZuIymOY0iuiCavNdxI_uUUCk-sIjm6lfsWQ&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO1jFmfcX5Zb-Ee7kkSIYqA&google_cver=1&google_push=AYg5qPLHTAqq2ztKcgOTGqNbMJxPG8FaiU8ZBGzQCbRaox2C8ahoyAb-9yPryH-yZuIymOY0iuiCavNdxI_uUUCk-sIjm6lfsWQ...

43 B
415 B

205ms
197ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO1jFmfcX5Zb-Ee7kkSIYqA&google_cver=1&google_push=AYg5qPLHTAqq2ztKcgOTGqNbMJxPG8FaiU8ZBGzQCbRaox2C8ahoyAb-9yPryH-yZuIymOY0iuiCavNdxI_uUUCk-sIjm6lfsWQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLHTAqq2ztKcgOTGqNbMJxPG8FaiU8ZBGzQCbRaox2C8ahoyAb-9yPryH-yZuIymOY0iuiCavNdxI_uUUCk-sIjm6lfsWQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:01 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6dda527e9bb83747-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:01 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 48
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6dda527d59ea3747-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO1jFmfcX5Zb-Ee7kkSIYqA&google_cver=1&google_push=AYg5qPLHTAqq2ztKcgOTGqNbMJxPG8FaiU8ZBGzQCbRaox2C8ahoyAb-9yPryH-yZuIymOY0iuiCavNdxI_uUUCk-sIjm6lfsWQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLHTAqq2ztKcgOTGqNbMJxPG8FaiU8ZBGzQCbRaox2C8ahoyAb-9yPryH-yZuIymOY0iuiCavNdxI_uUUCk-sIjm6lfsWQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 7873 70 B
264 B 53ms
52ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGXHinQSjdEo8eo5DUJ1us8&google_cver=1&google_push=AYg5qPJkt0PDXq8LxDnM1slZU3N98nRD_tY6EohCOWuDqDDYWE-ML9Te61r1YRtn7p0_UVv1T_Kq354NztuYb0S9fqsVJEiL6FiP
Requested by: Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:01 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 7873 0
191 B 47ms
46ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEOP5lrV6COBOvP4sdRlHZys&google_cver=1&google_push=AYg5qPLqlP1q4S8hlN1PW8UogvaRLAD0yg05pgAv_ZNV-gI5P3Dtj1uT3GobFKjUVdBZDND9tLB4Bk51e-OIQF_yAm9BRw5plVCS
Requested by: Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:00 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7873
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBhXeBEl6jlZnNjLnVLUlV8&google_cver=1&google_push=AYg5qPLxLP2DaaTFdGRo4--1qAz93H_DQWECk7g94F1HPIdcVqzt_p28a-PoZniMrX0izbj8bHtJ7i5ONMQ...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLxLP2DaaTFdGRo4--1qAz93H_DQWECk7g94F1HPIdcVqzt_p28a-PoZniMrX0izbj8bHtJ7i5ONMQe9jue64JhGAXnyFuf&google_hm=3HarF-cxRauFMOoPl_0afts

170 B
188 B

35ms
34ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLxLP2DaaTFdGRo4--1qAz93H_DQWECk7g94F1HPIdcVqzt_p28a-PoZniMrX0izbj8bHtJ7i5ONMQe9jue64JhGAXnyFuf&google_hm=3HarF-cxRauFMOoPl_0afts

Requested by

Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:01 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLxLP2DaaTFdGRo4--1qAz93H_DQWECk7g94F1HPIdcVqzt_p28a-PoZniMrX0izbj8bHtJ7i5ONMQe9jue64JhGAXnyFuf&google_hm=3HarF-cxRauFMOoPl_0afts
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7873
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAq2uwVknZP4OJyL8jCVmNg&google_cver=1&google_push=AYg5qPI-WRi7wpCLCwQEInrl2A3scxp69ZkRNW4FAQbyFRKxbSY6Bbd4YniaheI6UGz9ZDTXsCMP6ho35JODWwzygFnC...
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://x.bidswitch.net/sync?dsp_id=59&user_id=5c8cb361-38c2-4181-af8b-1f321d484a46&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI-WRi7wpCLCwQEInrl2A3scxp69ZkRNW4FAQbyFRKxbSY6Bbd4YniaheI6UGz9ZDTXsCMP6ho35JODWwzygFnCfOJQqjI&google_hm=6pPa_kjSQcWbzl9rsz1Qhg==

170 B
188 B

36ms
35ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI-WRi7wpCLCwQEInrl2A3scxp69ZkRNW4FAQbyFRKxbSY6Bbd4YniaheI6UGz9ZDTXsCMP6ho35JODWwzygFnCfOJQqjI&google_hm=6pPa_kjSQcWbzl9rsz1Qhg==

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI-WRi7wpCLCwQEInrl2A3scxp69ZkRNW4FAQbyFRKxbSY6Bbd4YniaheI6UGz9ZDTXsCMP6ho35JODWwzygFnCfOJQqjI&google_hm=6pPa_kjSQcWbzl9rsz1Qhg==
Date: Tue, 15 Feb 2022 00:12:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET

pixel
cm.g.doubleclick.net/ Frame 7873
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESEKZu0l2xmS7OBKVO_o4REPM&google_cver=1&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbURwqlmzd8BSMwSUIiSD6O-iFOu-XFyQtAZG_3gvyQBU-08LHBfBs3h2YOK73b-p50ZDJTqptd3J1ZIJKGcQffqdBsrvw

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7873 0
12 B 33ms
33ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K_-EpO0TZEAEeyl9Mj_A9itK5LWuopiwxqyv9_L7B6KXZj0AJx4OZWyK9lcydOUHZ63RtK

Requested by

Host: 93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
URL: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:01 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 5A0A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3875d375412d8406e600f7f81ec4ad8827171bf41edc3a9c55dfdccc4ca60e74

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 5A0A 28 KB
28 KB 28ms
28ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 00:52:22 GMT
x-content-type-options: nosniff
age: 343179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28196
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 11 Feb 2023 00:52:22 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 90D9 0
0 65ms
65ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKc-3J6zA7B2Eeq5cVQO3nOKqujBqn-PwePFn4H3Rsby_d82tUIrSvQF-H-5KYWsfhxblzwbgLexPs9AKvs3V1dP784GWE72khpnJFGqmLnXkwOh1127lXvTa1BSNya_uz6gTae2jKfN73U0PIC1wCxeJGi6pnOGyOun1xeVSJpm0XlZb5L3DGeV2l5K-4nhJpq57cSr2WVi4LeWTDGmZtxcg3qwwRuAkOErBjEAGzHc0i1xLNTt3eYQhALpmW8-KL5EMD_mPxGZBA9j1QtCScroUOh4iKL3YE7X9KW4xsOsJ9yc7lSJuO9nwrUfHpNen3le_Ac11pyOY&sig=Cg0ArKJSzGYX1LiQ5tbXEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:12:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 15 Feb 2022 00:12:01 GMT

GET
DATA 200
OK truncated
/ Frame 90D9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30039c2a31b086481d0fecb3625c0beb135a7630894c0dd7b6aa5eb4a8dee3c1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2BCD 0
0 64ms
64ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRQhym5-HGBshsKtczGQ1K52Tclzwk5oh2N7tb_NSHdL-oVq6g9SRmtpHcnhmWIYFtCpXYRuDDz34pTEXVDqY5Djadt6JIqpICI6Kq4Sdy4T3DRhRCgDUzI36Bg-sIcIR2Jvi8TQUZo84bj-cEvOVhio4i8rFqMu2l2ZtH506DKcUtRzNI2Zx-f_eZs7oJwEbMq7RvC1YDgUwt6PhNax6YN_r3FueJ8dtDmlpY9ma4mgfdIy72_61Mi63xAVfk82gamL-cP3nfLQcBeXmOqx4vrCrizBdBWcs8gu61M3v6pS8jxHioghVQ7z8k1H6db22Ao8XtfDmE83I&sig=Cg0ArKJSzLHwmAMjZww8EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:12:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 15 Feb 2022 00:12:01 GMT

GET
DATA 200
OK truncated
/ Frame 2BCD 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c55e81b867d602997db4e079b1082a84e1a61836ba40872826b8c85c3b0422d7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ad Show response
v.lkqd.net/ Frame FCCD 2 KB
2 KB 113ms
113ms XHR
application/xml 146.20.128.150
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fextra.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=57029587&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: c115da164c38138f67298d07072a37f1fc9d7164a214f98996aa4caf4d5db976

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:01 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1349

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 0A3C 230 KB
61 KB 18ms
18ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:01 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:06:56 GMT
etag: "cca1f428155a1f13b17a4684f2c8ef1c"
x-hw: 1644883921.cds203.ml1.hn,1644883921.cds020.ml1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62015

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame C0B8 5 KB
2 KB 18ms
18ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

date: Tue, 15 Feb 2022 00:12:01 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1644883921.cds203.ml1.hn,1644883921.cds223.ml1.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame 0A3C 46 KB
4 KB 153ms
153ms XHR
application/json 146.20.128.150
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fextra.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=57029587&m=&rtv=1&thost=extra.globo.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 5a850ba4d03dfe52adab7bf5aea12621abe7abc8bda0f54512806e6cbd76eb1f

Request headers

Referer
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 15 Feb 2022 00:12:01 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://extra.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 3952

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 111ms
111ms Preflight 146.20.128.150
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fextra.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=57029587&m=&rtv=1&thost=extra.globo.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://extra.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 15 Feb 2022 00:12:01 GMT
content-length: 0
access-control-allow-origin: https://extra.globo.com
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET
H2 200 cs
cs.lkqd.net/ Frame C0B8 43 B
308 B 112ms
111ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:01 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame C0B8 43 B
308 B 114ms
113ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:01 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame C0B8 43 B
308 B 113ms
112ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:01 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame C0B8 43 B
308 B 114ms
113ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:01 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame C0B8
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705

43 B
308 B

111ms
111ms

Image
image/gif

146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:01 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705
pragma: no-cache
date: Tue, 15 Feb 2022 00:12:01 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 43C4 134 KB
36 KB 127ms
49ms Script
application/javascript 108.156.255.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-255-177.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: GtBleBshAfJx9KFXwg43LDlo50FXi9le
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 14
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 16E49VZYFFN5S9FCM5EK
date: Tue, 15 Feb 2022 00:12:02 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6eb77e673c2aa566dbadbc817458b976.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: HdQviLHZ0WWvuIImQx3DTXpANXe0ptve11AnUL145t_nQBG5WMK8Sw==

GET
DATA 200
OK truncated
/ Frame 43C4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1919b49214d67b9e25723bcde4c95c3eeb840f8c0d2362f8738ab005a7a92da4

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 43C4 430 B
886 B 101ms
101ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160068&zone_id=1780802&size_id=10&rp_schain=1.0,1!hcodemedia.com,288,1,,,&rf=https%3A%2F%2Fextra.globo.com%2F&tg_i.adunit=extra.globo.com.dw.300x600.inter&tg_i.dfp_ad_unit_code=138871148%2C85042905%2Fextra.globo.com.dw.300x600.inter&tg_i.pbadslot=138871148%2C85042905%2Fextra.globo.com.dw.300x600.inter&tk_flint=pbjs_lite_v4.43.0&x_source.tid=b05599fe-131d-4b26-bc3e-202217245baa&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.06948668927219415
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 3b3532617a9948e3150f8212980134eec324e95db69cb76e80d43767db27d2c9

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 00:12:02 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://extra.globo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 430
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 43C4 24 B
520 B 111ms
35ms XHR
application/json 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: aa8e8aea33b33f8de39e3a31e9efe01cc14934291b352ed2a4a9638f3caa0be0

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 15 Feb 2022 00:12:02 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://extra.globo.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 43C4 0
116 B 357ms
69ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://extra.globo.com
date: Tue, 15 Feb 2022 00:12:01 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 43C4 143 B
1 KB 133ms
133ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

6872348540f9a347d58acbeb953cbdfb72a5f065f9eaaf7010f1d9d63925a9b0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 00:12:02 GMT
X-Proxy-Origin: 192.145.127.219; 192.145.127.219; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 5b0b6b8f-a376-46b8-bb92-3c4aefa11b4a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://extra.globo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ Frame 43C4 308 B
542 B 163ms
50ms XHR
application/json 52.48.134.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931348&slot=%7Bid:/138871148/extra.globo.com.dw.300x600.inter,ss:%5B300.600%5D,p:/138871148/extra.globo.com.dw.300x600.inter%7D&wr=300.600&sr=1600.1200&url=https%253A%252F%252Fextra.globo.com%252F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.134.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-134-198.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7fba454536adbf20b32200955d2cd619fb855876130c3b2d775e6a5a272e064c

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 15 Feb 2022 00:12:02 GMT
x-server-name: app04.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://extra.globo.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

POST
H2 200 prebid Show response
prebid.media.net/rtb/ Frame 43C4 330 B
484 B 97ms
38ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU2410EL
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b424553233d50aa8756b7130c3f7beeb83b2966e77548dd2bbe5e52c580c7ab5

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:02 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST t
t.lkqd.net/ Frame 02D0 0
0

OPTIONS t
t.lkqd.net/ Frame 0
0

GET
H3 200 av Show response
vidoomy-d.openx.net/v/1.0/ Frame 1066 48 B
77 B 61ms
41ms XHR
text/xml 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fextra.globo.com%2F&cb=805723254&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C35345901223366383941874794924,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:02 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://extra.globo.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ Frame 1066 67 B
1 KB 173ms
172ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=http%3A%2F%2Fextra.globo.com%2F&cb=1450099303&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C1955727963534590122336638394%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 00:12:02 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000257
X-SpotX-Timing-SpotMarket: 0.132189
X-SpotX-Timing-Page-Mux: 0.000766
X-SpotX-Timing-Page-Require: 0.000298
X-fe: 138
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000023
Content-Length: 77
X-SpotX-Timing-Page: 0.135983
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000261
Last-Modified: Tue, 15 Feb 2022 00:12:02 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.009491
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://extra.globo.com
X-SpotX-Timing-Page-Misc: 0.002180
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.122698
X-SpotX-Timing-Page-URI: 0.000008
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ Frame 1066 67 B
1 KB 42ms
41ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=http%3A%2F%2Fextra.globo.com%2F&cb=825409117&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C3534590122336638394446428445%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 00:12:02 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000242
X-SpotX-Timing-SpotMarket: 0.004683
X-SpotX-Timing-Page-Mux: 0.000881
X-SpotX-Timing-Page-Require: 0.000375
X-fe: 112
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
Content-Length: 77
X-SpotX-Timing-Page: 0.007856
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000296
Last-Modified: Tue, 15 Feb 2022 00:12:02 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.004683
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://extra.globo.com
X-SpotX-Timing-Page-Misc: 0.001366
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 1066 986 B
863 B 43ms
37ms XHR
application/xml 2.21.141.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.globo.com%2F&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C3534590122336638394342571024%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-175.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2977799a1282db67ee342e5bb13e6fcc4a485f0818a83edd75ae8679cda482f6

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:02 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://extra.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 605
expires: Tue, 15 Feb 2022 00:12:02 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 1066 987 B
862 B 42ms
38ms XHR
application/xml 2.21.141.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.globo.com%2F&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C13993045223534590122336638394%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-175.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ce0b78c82ab5cc5c3d75bbf54460f2cc8b4372d9a1985d9b10b820a872255321

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:02 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://extra.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 604
expires: Tue, 15 Feb 2022 00:12:02 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 1066 1 KB
2 KB 39ms
36ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C3534590122336638394572589458%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 34005b094203788b72fec39d192039b867354dddd5dca72e3da6875374ce22b0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 00:12:02 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://extra.globo.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1188
x-sticky-vk: 1644883921838050-408
Expires: Tue, 15 Feb 2022 00:12:02 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 43C4 0
303 B 40ms
39ms XHR
text/plain 108.156.255.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fextra.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-255-177.dus51.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:01 GMT
via: 1.1 6eb77e673c2aa566dbadbc817458b976.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-P2
x-cache: Hit from cloudfront
access-control-allow-origin: https://extra.globo.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: hQeKOhvpolbc3W_geZzsYC21G4mqzkN9WuOQnBGmX7HK65FXHVzOxg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 43C4 6 KB
3 KB 95ms
33ms XHR
application/javascript 108.156.255.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-255-177.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 62762
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 21 Jan 2022 02:54:57 GMT
server: AmazonS3
date: Mon, 14 Feb 2022 06:46:01 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: EHFvrCSQU6TKmOL3zTis5Xa3MfCVuDulkC26V07-b2SN3kHZ1Sey7g==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 43C4 0
0 63ms
62ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOuEOdQ9w-0K7gJ4vxvCQe_raEWoTQSKVCLFxlhDi_INPAb5inboRq2b28PqhZjBc3h7zi7uz4NzQ9oFSNRnd_1uFmadDgCF7cLa3E2VYK3vj-RtpWHLLJ8siyEk9PV1tZ7BbzROebY3Spt4joDKqYYxFxyebiq3O2-O3RZE6exro207XZb4MiVR2p-BE3vkUOkViUZTdMuMmz8-JnQaYiNTOqjMJjrw8_H-YCRoWcYTu0WfNv-ST0NFVA_6NdzjWgDpJwWAaX_A1PC0NOGmuC0_u-qxt8KBg2q9Ay6vdC3TiXMZZH0QtsOb5cXMH-fTUScag9PQWg4AM&sig=Cg0ArKJSzOGqTXIitONjEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

server-108-156-255-177.dus51.r.cloudfront.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:12:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 15 Feb 2022 00:12:02 GMT

OPTIONS t
t.lkqd.net/ Frame 0
0

POST t
t.lkqd.net/ Frame 02D0 0
0

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 114ms
39ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.113.js

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_extra.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:02 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 12:50:31 GMT
server: nginx
etag: W/"6138b197-1532d"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 16 Feb 2022 00:12:02 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 43C4 23 B
492 B 72ms
72ms XHR
text/javascript 108.156.255.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fextra.globo.com%2F&pid=PTMuELgnL5hAv&cb=0&ws=300x600&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Fextra.globo.com.dw.300x600.inter%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F138871148%2C85042905%2Fextra.globo.com.dw.300x600.inter%22%7D%5D&schain=1.0%2C1!hcodemedia.com%2C288%2C1%2C%2C%2C&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.255.177 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:02 GMT
via: 1.1 6eb77e673c2aa566dbadbc817458b976.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-P2
x-amz-rid: XY7C4Y4RQNE7MZSZ5Y01
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://extra.globo.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: nBalBx-VUxv5DemZx7XpJM7hn8BELg7FdjRtoayeS6wYM3U2H7wh0A==

GET
H3 200 integrator.js Show response
adservice.google.it/adsid/ Frame 43C4 107 B
122 B 38ms
37ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=extra.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 43C4 107 B
122 B 34ms
33ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=extra.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 43C4 21 KB
9 KB 180ms
179ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4363022857798348&correlator=4268199448008935&output=ldjh&eid=31061814%2C31063246%2C44758229&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=138871148%3A85042905%2Cextra.globo.com.dw.300x600.inter&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&prev_scp=pwtdeal_ias%3DPMP_-_42_-_75337fc1f3ef87%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26fr%3Dfalse%26id%3De63c3fa1-8df3-11ec-9f55-061b2abdf756%26vw%3D40%252C50%252C60%26vw05%3D40%252C50%26ias-kw%3D%26pwtsid%3D75337fc1f3ef87%26pwtbst%3D1%26pwtecp%3D0.01%26pwtdid%3D42%26pwtpid%3Dias%26pwtpubid%3D157163%26pwtprofid%3D4983%26pwtverid%3D3%26pwtsz%3D100x200%26pwtplt%3Ddisplay%26amznbid%3D2%26amznp%3D2%26hcmviewable%3Dfalse&eri=1&cookie=ID%3Dea9c3b3085a38466%3AT%3D1644883919%3AS%3DALNI_MalIQFSJzvkCv-nqvGKDlksBel4rg&cdm=extra.globo.com&bc=31&abxe=1&dt=1644883924209&lmt=1644883924&dlt=1644883922979&idt=143&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=2&adxs=970&adys=1936&adks=3641700065&ucis=9t8f91vkfynb&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&nhd=1&url=https%3A%2F%2Fextra.globo.com%2F&top=https%3A%2F%2Fextra.globo.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=1323511657.1644883919&ga_sid=1644883924&ga_hid=269334104&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34d008d34718e44365544fca004928dcf66baa2db26e68e56fc6bef44ada4b21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9417
x-xss-protection: 0
google-lineitem-id: 5771555176
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138360343862
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 43C4 13 KB
10 KB 42ms
41ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1163a29cbb92e50d7195afd711136ae77b1b6aeae8839979f6d4ec677a762fe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9810
x-xss-protection: 0

GET
H2 200 container.html Show response
939939cf1f529e9952edbd8a2817e325.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F327 6 KB
3 KB 68ms
33ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://939939cf1f529e9952edbd8a2817e325.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 15 Feb 2022 00:12:02 GMT
expires: Wed, 15 Feb 2023 00:12:02 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 66FD 13 KB
5 KB 36ms
36ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=extra.globo.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 3724
date: Tue, 15 Feb 2022 00:12:02 GMT
content-length: 5147
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 90 KB
28 KB 100ms
34ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:02 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 16 Feb 2022 00:12:02 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 43C4 17 KB
6 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 00:12:02 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 66FD
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=globo.com&sn=ChromeSyncframe&so=0&topUrl=extra.globo.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=VCL8cXxqRDk4dHFIVDZiUG5vQnhGQ3ZZVjl1K1YyanNDRDk3dy9oUjJLLzlJQ3dqbzlnMk5PVlluQjMzS3BKSCt1L2hlNWxuUVQ3R0c3blRGUnAxNEp0TXYyRDdWYWlLZWRieHhxcXJ0MXErVHluQmhVbGs3cW41QktJQz...

422 B
626 B

219ms
33ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=VCL8cXxqRDk4dHFIVDZiUG5vQnhGQ3ZZVjl1K1YyanNDRDk3dy9oUjJLLzlJQ3dqbzlnMk5PVlluQjMzS3BKSCt1L2hlNWxuUVQ3R0c3blRGUnAxNEp0TXYyRDdWYWlLZWRieHhxcXJ0MXErVHluQmhVbGs3cW41QktJQzY0alBMaXM0Zm5Denlqc0t0elFXUE1jMlM2TXVNSjNjcGptMWRMOU9VSjR5T3N3TkdvVnBDa2Z1MXM3WEJJRTByUklyWjBQUnJvQjM3VktTMzNETWtZQklOWllmaXlyUlJqSkp4dVdFb05NSmZJb0V1UFpsMXVvelVPN3o0ZkRETGtybThJclAyZzJaMW5PR25FREZoRnZhZmZ2Q3E2QT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

2ed8ced625931b853be0eddb4775f1964ab096adc55d99080dd7e84b097df950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:02 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3546
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:02 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=VCL8cXxqRDk4dHFIVDZiUG5vQnhGQ3ZZVjl1K1YyanNDRDk3dy9oUjJLLzlJQ3dqbzlnMk5PVlluQjMzS3BKSCt1L2hlNWxuUVQ3R0c3blRGUnAxNEp0TXYyRDdWYWlLZWRieHhxcXJ0MXErVHluQmhVbGs3cW41QktJQzY0alBMaXM0Zm5Denlqc0t0elFXUE1jMlM2TXVNSjNjcGptMWRMOU9VSjR5T3N3TkdvVnBDa2Z1MXM3WEJJRTByUklyWjBQUnJvQjM3VktTMzNETWtZQklOWllmaXlyUlJqSkp4dVdFb05NSmZJb0V1UFpsMXVvelVPN3o0ZkRETGtybThJclAyZzJaMW5PR25FREZoRnZhZmZ2Q3E2QT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2410
content-length: 541
expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0E07 13 KB
5 KB 26ms
26ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Feb 2022 23:31:01 GMT
expires: Tue, 14 Feb 2023 23:31:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 2461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 288C 783 B
534 B 37ms
37ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ca4287d8d405ba5d8e7bcb9f1cc2c97da67cad38f8abe8adaf2d9cf08e2671f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vHEJ+CASB3C4eqn5onJNVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 15 Feb 2022 00:12:02 GMT
date: Tue, 15 Feb 2022 00:12:02 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-vHEJ+CASB3C4eqn5onJNVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 PUCLGob25V5To4ZA0QrG8QFJpfKRC6B4XbMmUjSZFR8.js Show response
pagead2.googlesyndication.com/bg/ Frame 0E07 35 KB
13 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PUCLGob25V5To4ZA0QrG8QFJpfKRC6B4XbMmUjSZFR8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d408b1a86f6e55e53a38640d10ac6f10149a5f2910ba0785db326523499151f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 22:57:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13483
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 22:57:19 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 288C 0
0 66ms
66ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020901&jk=4363022857798348&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2BCD 42 B
64 B 62ms
61ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGre4mvg2NoHQLsN1tf7V0as0XHgGPnfmj2Q4DUQc7a7PklpljJYNWAVlDTUOjX6j-rOIUFPpLi4YP9eLPYuFiJHrtPRipMTf0aoMlKaKNosZqQC5E&sig=Cg0ArKJSzMa-UvZ8GENAEAE&id=lidar2&mcvt=1001&p=553,970,803,1270&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220214&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=7&adk=436965826&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644883922960&rpt=391&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://93962f05851a6ae056e7aaab6a9db26b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9084 0
0 64ms
63ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfwmyyuVqR_TPjSwbi6eVdpJeDwjvCeArqqD_O-UcnX1coKYxi6e0Dvo92CLFj11yFni7OhUP9LFzjFBclmuqXDxVhRGAq5fdkg0-bV5FxuWgQDQV9sc-8aliJFJy4o-ZTY6kCON3u497x5b18Bv7fTMrMqYvKixEgxdRUgqrtD3MUTYNz1PI0H0Ce6m6-GxG4CWqkfyM9DC9uJqboEdj3v6Odx5CgGbsmJXAUJqGRnvZZIGxCbP1z5cIh5cPJ6e9moN0-Yd6rqxm1ulv2YvSPocClMrIx2gooUm7gf-P9xanlrxeZLut6-0TANQiJbw2ZDetJylhdBWnX5a7I&sig=Cg0ArKJSzKv2-5_pMzgxEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: extra.globo.com
URL: https://extra.globo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:12:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK a9floorcheck.js Show response
s3.amazonaws.com/script-tags/ Frame 9084 3 KB
3 KB 125ms
125ms Script
application/javascript 52.217.175.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/script-tags/a9floorcheck.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.175.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 00fcdbd28afe964a4bec63932d5f6348abd89e19ed1f990723a6ab9ca8701cc1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 00:12:03 GMT
Last-Modified: Wed, 03 Apr 2019 18:47:26 GMT
Server: AmazonS3
x-amz-request-id: PM88B6G739JKAT8P
ETag: "2d4b0d964f2c5927dffbf65da033636a"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2655
x-amz-id-2: 5dPfTSx0e5ihnAo6L1IYf6svB28gwTScZqB6kB0BRL7eZHAwHXQ2udIxHnwtuStibsN0fZ7aZCM=

GET
H/1.1 200
OK prebidpubs.js Show response
s3.amazonaws.com/script-tags/ Frame 9084 311 KB
311 KB 266ms
138ms Script
application/javascript 52.217.175.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.175.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9c771d688cb34399f9f33f7d6ccd2a3ec17a9bb758923d736a3d1942510e963a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 00:12:03 GMT
Last-Modified: Tue, 03 Aug 2021 21:19:14 GMT
Server: AmazonS3
x-amz-request-id: PM8FJKDAHB6AXFXY
ETag: "5dbd5fb11fd60ffbccab312faa64a2fd"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 318400
x-amz-id-2: w/iG6vOld80WMBoalpwjSRH0kGIgNXzL5xFFLoCUeWlaLUR5+giUz9OSPuDBQ2aYUNdXTV6Jmh4=

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9084 124 KB
38 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 00:12:02 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0E07 0
10 B 26ms
25ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DVrnbA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 ad Show response
v.lkqd.net/ Frame FCCD 2 KB
2 KB 114ms
114ms XHR
application/xml 146.20.128.150
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fextra.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=88099734&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: bcd638ba282251615019eec38ad19cee22403517401ad3414370f80c4c7a792b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:02 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
trace-id: 0d3199bf43b1b106
content-length: 1353

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 9084 134 KB
36 KB 38ms
38ms Script
application/javascript 108.156.255.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/a9floorcheck.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-255-177.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: GtBleBshAfJx9KFXwg43LDlo50FXi9le
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 14
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 16E49VZYFFN5S9FCM5EK
date: Tue, 15 Feb 2022 00:12:02 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6eb77e673c2aa566dbadbc817458b976.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: trAtnBw9osd-QEvKffS8_pF5cfHm4nK0atzkAM0MO9wAlYVQ274pfw==

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame D85F 230 KB
61 KB 19ms
18ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:02 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:06:56 GMT
etag: "cca1f428155a1f13b17a4684f2c8ef1c"
x-hw: 1644883922.cds203.ml1.hn,1644883922.cds020.ml1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62015

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 9084 0
301 B 40ms
39ms XHR
text/plain 108.156.255.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fextra.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-255-177.dus51.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:01 GMT
via: 1.1 6eb77e673c2aa566dbadbc817458b976.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-P2
x-cache: Hit from cloudfront
access-control-allow-origin: https://extra.globo.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: h7m8xb98JLs0ImLwqORH-2VRe7LcCIM2deNeda-N8Uf5MIiufC4pQA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 9084 6 KB
3 KB 33ms
32ms XHR
application/javascript 108.156.255.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-255-177.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 62762
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 21 Jan 2022 02:54:57 GMT
server: AmazonS3
date: Mon, 14 Feb 2022 06:46:01 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: pi66hkgl00QBHx2_y0DgvDDvyMTndcxZCcKjjx42Oar8BynjN8CexQ==

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 9E7F 5 KB
2 KB 18ms
17ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

date: Tue, 15 Feb 2022 00:12:02 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1644883922.cds203.ml1.hn,1644883922.cds223.ml1.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame D85F 47 KB
4 KB 157ms
155ms XHR
application/json 146.20.128.150
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fextra.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=88099734&m=&rtv=1&thost=extra.globo.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 929144165d8d13efb51cc6563cc741e168d09b07bf9a12c05f06abc24ce98e8f

Request headers

Referer
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 15 Feb 2022 00:12:03 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://extra.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 4296

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 111ms
111ms Preflight 146.20.128.150
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fextra.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=88099734&m=&rtv=1&thost=extra.globo.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://extra.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 15 Feb 2022 00:12:02 GMT
content-length: 0
access-control-allow-origin: https://extra.globo.com
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET
H2 200 cs
cs.lkqd.net/ Frame 9E7F 43 B
308 B 112ms
111ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:02 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 9E7F 43 B
308 B 113ms
113ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:02 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 9E7F 43 B
308 B 114ms
114ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:02 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 9E7F 43 B
308 B 115ms
115ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:02 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 9E7F
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705

43 B
308 B

111ms
111ms

Image
image/gif

146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:03 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705
pragma: no-cache
date: Tue, 15 Feb 2022 00:12:02 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

POST t
t.lkqd.net/ Frame CC61 0
0

OPTIONS t
t.lkqd.net/ Frame 0
0

GET
H3 200 av Show response
vidoomy-d.openx.net/v/1.0/ Frame 1066 48 B
77 B 36ms
36ms XHR
text/xml 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fextra.globo.com%2F&cb=478775162&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C8539210679731236000298351280,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:03 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://extra.globo.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ Frame 1066 67 B
1 KB 43ms
43ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=http%3A%2F%2Fextra.globo.com%2F&cb=511064498&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C14724844778539210679731236000%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 00:12:03 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000230
X-SpotX-Timing-SpotMarket: 0.004208
X-SpotX-Timing-Page-Mux: 0.000762
X-SpotX-Timing-Page-Require: 0.000336
X-fe: 087
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000002
Content-Length: 77
X-SpotX-Timing-Page: 0.006829
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000285
Last-Modified: Tue, 15 Feb 2022 00:12:03 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.004208
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://extra.globo.com
X-SpotX-Timing-Page-Misc: 0.000998
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000008
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ Frame 1066 67 B
1 KB 42ms
42ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=http%3A%2F%2Fextra.globo.com%2F&cb=1161419435&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C85392106797312360001220274478%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 00:12:03 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000271
X-SpotX-Timing-SpotMarket: 0.005248
X-SpotX-Timing-Page-Mux: 0.000878
X-SpotX-Timing-Page-Require: 0.000357
X-fe: 016
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
Content-Length: 77
X-SpotX-Timing-Page: 0.008678
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000306
Last-Modified: Tue, 15 Feb 2022 00:12:03 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.005248
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://extra.globo.com
X-SpotX-Timing-Page-Misc: 0.001604
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000011
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 1066 985 B
862 B 35ms
35ms XHR
application/xml 2.21.141.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.globo.com%2F&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C853921067973123600015574256%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-175.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 75f6074952d4e7e9bd9f5ae38eaeac03e7bece690a4d4d87da22f39e927a6753

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:03 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://extra.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 604
expires: Tue, 15 Feb 2022 00:12:03 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 1066 986 B
863 B 35ms
35ms XHR
application/xml 2.21.141.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.globo.com%2F&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C5835218578539210679731236000%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-175.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4129d22a3d704aa5bd45f074be8089f84c5dc017d68a58b9a9b2d7cba09cf64c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:03 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://extra.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 605
expires: Tue, 15 Feb 2022 00:12:03 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 1066 1 KB
2 KB 36ms
36ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C85392106797312360001199861859%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: de8d212514dfb6fb03b40a5661c257f410c3a17dd8e59ce837715aa26b3e9c65

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 00:12:03 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://extra.globo.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1190
x-sticky-vk: 1644883922833070-371
Expires: Tue, 15 Feb 2022 00:12:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 43C4 0
20 B 62ms
62ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020901&jk=4363022857798348&bg=!ammlaS3NAAbAtJCDwLQ7ACkAdvg8Wqgb2drs02lhh0l30zP9YH76ECETW_7_u44KWPIUqURlNM-wogIAAABjUgAAAARoAQeZAtaZ31AogrQrCjK0M4eGBvVKTKxNksIymEvnG1mv7TcmgkidBNYcMIk4hlwIu0wgSuFIWu3vmvElkg05f26-RmLpUhxuMlisdBzaAGPP89agfS88XddACvIS7rgiGnCStuDwgxABnh2PWc1xAwZpjvgoVabkAPZDHEB4aTkH-l3ZpN5vCgk2rKsL3JISUyqf91pX0rL-iW1xvGuqpuoHV6iR6ECTv7deUrRbLWgHgYnbkS-YGpuLd17nbSnKYbWFkxda2a4yDdTX0j_HjO-1c7Qzl8ULS6CFzIg0epCDjAe5Jl0clZrpBJxLIpJz9bbpxV5KKTZh-qJ7x-vYC1gf6dTwNAcJO61wi6-1e83L8YUQdDygGgpJ3NdtNkg2SNmbeQtgwg_nLFZP1Qt5jnW77MqiMdfodmXisp9UxT1HzHh2EuOdaUNQ9rCF1vJHwpu4g4LDcR6Ndy5DJbIls9ESOcsYlI5JJT4HwZj_2VInY_JZRLaKig2qSbW1t-javfUhkCjfy5mft6x_5k3E5YNRVO3ELLKB8_68Rk9tO3NUBdJP_k643rxnzo-5jRk3sSrTyuPy9023Gynwj7gy4fCMXzPFktJwDKNIUmT5jDU-scyKms7D82iXcq7F5wscL53BTdk-cyxeyKwXmRyf8khzz3h1omhBx3ro-pv1aTLix0rl5cAKrwJ7bvl9DbCcKyZBleX9_7BjYjO6D5jdRsfhUlfF5lq4r5ledKSSuSPeeAb90vK440Rl6UCgpjFY6K7JyI9z-bLLwiqTYo0MBkNuoZOsLJHO0CrmUBJnw7H84EyVcT2wbT1VifZ1uxVZXXXdlEe_BVilBe1MI-4-rFMGNOR9MuwkEyfaD1Xe23aAK2LZQRafF3YBgordto7S50J0NkM7Mgzwy4uU0RqdKUyQbOvLlGobvbzvqFSvC4UXCPtMyuhk2XqBP9CWcv5i-pSjlC16YARK-f8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS t
t.lkqd.net/ Frame 0
0

POST t
t.lkqd.net/ Frame CC61 0
0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 9084 241 B
697 B 93ms
92ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160068&zone_id=1780802&size_id=10&rp_schain=1.0,1!hcodemedia.com,288,1,,,&rf=https%3A%2F%2Fextra.globo.com%2F&kw=%2F138871148%2Fextra.globo.com.dw.300x600.inter&tk_flint=pbjs_lite_v4.43.3&x_source.tid=4e746c8e-712b-460e-bacd-bc3a9855349a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.08494555828729622
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 12dcc4cbeeaa2f98978ab9e5f1d6466b829911a66ab96f4d02aa291fe3ce2bcd

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 00:12:03 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://extra.globo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9084 144 B
1 KB 123ms
123ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

65b99a46746e98c84f86c3abb11963490556e84c16e8c8d1b5aae125b78a4ee0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 00:12:03 GMT
X-Proxy-Origin: 192.145.127.219; 192.145.127.219; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: d0f26f37-b7ee-424b-93b9-dbb17c9cb47f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://extra.globo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 9084 0
60 B 71ms
71ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://extra.globo.com
date: Tue, 15 Feb 2022 00:12:03 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 9084 23 B
519 B 40ms
40ms XHR
application/json 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.3
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 73f7a46efba10198db3695a9e0563c749b68f4a7502c976554735e6d65f7a279

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 15 Feb 2022 00:12:03 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://extra.globo.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 23

GET
DATA 200
OK truncated
/ Frame 9084 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbf061a2d1d678f95fde2e2b91a68bb4ba241c6bf81af92bcb10f0e3d422fc0c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9084 0
0 63ms
63ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRNtmlMVapBwmj5sLExfH69wSoYaxpoxjj6iKRyXt3Ve4lIQonktzQ3Td-LSIkYeUBd71DrGH1B-7qd-FoaJKpqzfckWsZmdfFYjZ7TOt3q4Ok0AJ-GX12cLfOcgpACjmgtPbWFzc6koMFbFhJca25E84Gp3JwalRAYAB-UUdljnKm3AOI4Aw_QCjfOTH87F_ijIfj_HEdxbt-E3GS8f900kEiWL6sZQqeZXh6XexHG7pvziNoakwKgtiQHxQcKiN1obqTPAcDxiAqy_39csFCNkPBjchKLfIlPtjGmSYeLJyUcTWDLS5u3bUoK9l8A_eBjtSVHNlCEeOB8sAJroQ&sig=Cg0ArKJSzDH4V7GtwyuFEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

server-108-156-255-177.dus51.r.cloudfront.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 00:12:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 15 Feb 2022 00:12:03 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 9084 23 B
494 B 77ms
77ms XHR
text/javascript 108.156.255.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fextra.globo.com%2F&pid=ECCVhCTmSQ5Pr&cb=0&ws=300x600&v=7.73.0&t=1000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Fextra.globo.com.dw.300x600.inter%22%2C%22s%22%3A%5B%22300x600%22%5D%7D%5D&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.255.177 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:03 GMT
via: 1.1 6eb77e673c2aa566dbadbc817458b976.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-P2
x-amz-rid: 58CHQJTQQ86ZVAJXFMX5
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://extra.globo.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: JyvG5_I_jF4DSTCStjOSBLtr30sYMpsqgPr6mwBv6jDvsWlBC4sMPA==

GET
H/1.1 200
OK 300x600_blue_ENG.jpg
hcode-marketing.s3.amazonaws.com/generic_cr/ Frame C02A 106 KB
107 KB 465ms
119ms Image
image/jpeg 52.217.99.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hcode-marketing.s3.amazonaws.com/generic_cr/300x600_blue_ENG.jpg
Requested by: Host: extra.globo.com
URL: https://extra.globo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.99.92 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9de15ad1ba58800e9fe56908b2639692c704c1c119b5222bbf7717546cf734ca

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 00:12:04 GMT
Last-Modified: Thu, 24 Jun 2021 22:30:50 GMT
Server: AmazonS3
x-amz-request-id: CJHHV2TJH95HT3AH
ETag: "acede5742c3ddc36221b2fffd80f49f5"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 109021
x-amz-id-2: Rzf0t5Jkk3WiNlhUJ1j2k6dXwwoTAl0opBWnV3jKvs4MKudx8Epp+2naoI6+91B/E4Ghk1HRXyE=

POST
H2 200 OpportunityServlet
am-vid-events.taboola.com/ 1 B
120 B 43ms
42ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_2_0/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://extra.globo.com
date: Tue, 15 Feb 2022 00:12:03 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

GET
H2 200 ad Show response
v.lkqd.net/ Frame FCCD 2 KB
2 KB 121ms
121ms XHR
application/xml 146.20.128.150
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fextra.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=76359813&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 794572f5c14061555f7b0a16b6cc03a42f03075c07d5a639e99ef9b565413e9f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:03 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1353

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
1 KB 93ms
93ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=309&height=173&pubid=169497&tagid=953497&crid=6205575&noaop=3&sortOrderType=0&cb=1644883925574&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1355&pt=-1437518049&tz=0&viewable=true&ddast=V7_dcCFgPn5NnwxUCv7QTn5NnwxUCv7QUAAAAGBuIHHcRY8EYUynJGI812y-FoMtkslpPZYLCZzWZD6CDGgjeiUJYzGmm2Ww5Hk8lksRouBsPFajGYQoawzH7fQch3uwwPn8sgKrreFrvDafa8AQNNp8PnuterjKfLw64z-y1-u8bv9ssBAAAA4AHAC_YQ4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADAKGxQgMAjaPAXJa73x8AAA8KIAAAAhgkAAW_qSUAKj3FJwAAAAAAAAAALP____8xA_R9ozID-0olPQAPPgAPRAWqRYwAAAAAgCP_to8mdUJlUQUAQJBuBXAFABDgp4-rCxEGAAAAMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEbPTC04IYUOzVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKxOIXbD2WA3GWwmswMAAAC4-____9cDCcPMsnJtTBbHxLDc-CaG4XIzHI5sI49pZrPYHN6Lqno8X7vKZunLEJbZ7zsI-W6X4eFzGURF19tidzjNnvtN2GK0mkw2y-FsuZgMhqPhaLQ_gRwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0Rhgwj38bkG61Fo4XNLVr5lmuFybVwC1aLlcflsvk2HsNa9PqYnoPRbjXaeFEwwGMvgot0ojI5TX_Lw2f2W_xulfF0eVjEEs3JIp3ILvuGYWZZuTYmi2NiWG58E8NwuRkOR7aRxzSzWWwOf8kw8m1MvtFaNFrY3KKVb7lWmFwLt2C1WHlcLptv4zGsRa-P6TkY7Vajjb8xG42Gw81yMds3ZqPRcLhZLmb7DpPpmfqcjbbNOeWRSWzR6Fg7Mx8ULoPFu5iYdt_O8CC7VoxOlWWcLOiMfr_f7_f7_X6_32_Qeg5mg8I3Ps4k47X2YN0cZwaxwaCIJYLTRToR-t0ui1gieVqkE81u5ZqMHA6XyTAarGyOkWlimW0Gm9XENty4jDOLWKI0XaQTvUT9x4dYTuaK0WqumOzmksVylQAAAAAAAAAAljBn3gQAAADgNJjdbDdaLRdA4i9TFxgEAAAAAABgl6HNBg9W9nOhuPFjiTI5TX_Lw2f2W_xulfF0eVgZQMJNlHmzZ4JYq9WyBgAAEMAGAAAI4NbNW8AaJAc!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2768325&dpubid=376745&abtst=adh5c-1_vA!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vB!pblc_vE!spa2_vA!t45!t45!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fextra.globo.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.5.5/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b393f5f71467af6eed49a1dc2c98aa30ee9b4e9b4780dcc47b2107db5f8df087

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: text/plain

Response headers

date: Tue, 15 Feb 2022 00:12:03 GMT
content-encoding: gzip
access-control-allow-origin: https://extra.globo.com
machineid: 1474
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-mxp6946-MXP
pragma: no-cache
server: nginx
x-timer: S1644883924.827425,VS0,VE65
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 8235 230 KB
61 KB 19ms
18ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:03 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:06:56 GMT
etag: "cca1f428155a1f13b17a4684f2c8ef1c"
x-hw: 1644883923.cds203.ml1.hn,1644883923.cds020.ml1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62015

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2EF9 52 KB
17 KB 56ms
15ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_extra.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 14 Feb 2022 04:03:19 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 15 Feb 2022 00:12:03 GMT
Age: 72524
X-Served-By: cache-lga21964-LGA, cache-mxp6935-MXP
X-Cache: HIT, HIT
X-Cache-Hits: 1, 481079
X-Timer: S1644883924.987048,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame DD18 281 B
554 B 33ms
32ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_extra.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Feb 2022 00:12:03 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame AE24 5 KB
2 KB 18ms
17ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

date: Tue, 15 Feb 2022 00:12:03 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1644883923.cds203.ml1.hn,1644883923.cds223.ml1.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame 8235 46 KB
4 KB 206ms
206ms XHR
application/json 146.20.128.150
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fextra.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=76359813&m=&rtv=1&thost=extra.globo.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: d13ba3e502419ad5f4f20da2b88260b3c6b1939881c096c7166295413de11440

Request headers

Referer
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 15 Feb 2022 00:12:04 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://extra.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 3955

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 239ms
239ms Preflight 146.20.128.150
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fextra.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=76359813&m=&rtv=1&thost=extra.globo.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://extra.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 15 Feb 2022 00:12:04 GMT
content-length: 0
access-control-allow-origin: https://extra.globo.com
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DD18 32 KB
10 KB 37ms
36ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 60bd98f878ee40135821356c2c8984e898c8bfdcd458f0a77ef6980a6c536643

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 00:12:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59027
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9704
Expires: Tue, 15 Feb 2022 16:35:50 GMT

GET
H2 200 cs
cs.lkqd.net/ Frame AE24 43 B
308 B 112ms
111ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:04 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame AE24 43 B
308 B 113ms
112ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:04 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame AE24 43 B
308 B 114ms
114ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:04 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame AE24 43 B
308 B 115ms
114ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:04 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame AE24
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705

43 B
308 B

111ms
111ms

Image
image/gif

146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:04 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705
pragma: no-cache
date: Tue, 15 Feb 2022 00:12:03 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2EF9 0
735 B 25ms
25ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 00:12:04 GMT
X-Proxy-Origin: 192.145.127.219; 192.145.127.219; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9a3045ac-7ef0-4fe9-a407-f4f105152757
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST t
t.lkqd.net/ Frame DA37 0
0

OPTIONS t
t.lkqd.net/ Frame 0
0

POST
H2 200 wl Show response
t.pubmatic.com/ Frame 43C4 17 B
182 B 149ms
32ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=157163
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://extra.globo.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:04 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://extra.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H3 200 av Show response
vidoomy-d.openx.net/v/1.0/ Frame 1066 48 B
77 B 43ms
43ms XHR
text/xml 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fextra.globo.com%2F&cb=1303651696&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C6364263679706666849538545832,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:04 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://extra.globo.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ Frame 1066 67 B
1 KB 46ms
45ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=http%3A%2F%2Fextra.globo.com%2F&cb=120079368&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C7820793136364263679706666849%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 00:12:04 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000287
X-SpotX-Timing-SpotMarket: 0.005532
X-SpotX-Timing-Page-Mux: 0.000872
X-SpotX-Timing-Page-Require: 0.000396
X-fe: 029
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000004
Content-Length: 77
X-SpotX-Timing-Page: 0.008878
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000325
Last-Modified: Tue, 15 Feb 2022 00:12:04 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.005532
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://extra.globo.com
X-SpotX-Timing-Page-Misc: 0.001450
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000011
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ Frame 1066 67 B
1 KB 41ms
40ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=http%3A%2F%2Fextra.globo.com%2F&cb=1912916237&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C6364263679706666849720187728%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 00:12:04 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000282
X-SpotX-Timing-SpotMarket: 0.004613
X-SpotX-Timing-Page-Mux: 0.000788
X-SpotX-Timing-Page-Require: 0.000315
X-fe: 108
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
Content-Length: 77
X-SpotX-Timing-Page: 0.007407
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000247
Last-Modified: Tue, 15 Feb 2022 00:12:04 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.004613
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://extra.globo.com
X-SpotX-Timing-Page-Misc: 0.001149
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 1066 986 B
862 B 28ms
28ms XHR
application/xml 2.21.141.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.globo.com%2F&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C6364263679706666849912721262%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-175.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 61f2dfa123c5d9eab3473a166520cfd1f03162a318daac9d75156145b54802a6

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:04 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://extra.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 604
expires: Tue, 15 Feb 2022 00:12:04 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 1066 987 B
862 B 29ms
29ms XHR
application/xml 2.21.141.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.globo.com%2F&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C20635519516364263679706666849%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-175.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e84e86392dedabb58b03ca9595f9e0f6526bcc7ac205230c52118fda3b5863a6

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:04 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://extra.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 604
expires: Tue, 15 Feb 2022 00:12:04 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 1066 1 KB
2 KB 37ms
37ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C63642636797066668491139416248%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d7bcf894d91618b32be0d2c224b91037a4984c720d04b0b17f51db4bfc4cd917

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 00:12:04 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://extra.globo.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1190
x-sticky-vk: 1644883924409003-398
Expires: Tue, 15 Feb 2022 00:12:04 GMT

OPTIONS t
t.lkqd.net/ Frame 0
0

POST t
t.lkqd.net/ Frame DA37 0
0

GET
H2 200 p
sb.scorecardresearch.com/ 64 B
441 B 39ms
38ms Image
image/gif 108.157.4.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=425925&ns_st_ec=1&ns_st_cn=1&ns_st_ev=end&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1644883926
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-121.dus51.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:04 GMT
via: 1.1 8080d8bfc581f6befaaa7736f6d0003e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: XlwqOwLua49hYoL78IGxVN26b4473BKuS_tr_9XnB-uJLSh1oe9wqw==

GET
H2 200 ad Show response
v.lkqd.net/ Frame FCCD 2 KB
2 KB 114ms
113ms XHR
application/xml 146.20.128.150
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fextra.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=96820966&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 284878d524fcc2311c80413440f14b83da5cf8679b63732e1c8822fa51563a82

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:05 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1353

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2EF9 0
735 B 27ms
27ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 00:12:05 GMT
X-Proxy-Origin: 192.145.127.219; 192.145.127.219; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 65e0316a-e927-4fd1-b843-8ad80762c892
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame FBE5 230 KB
61 KB 18ms
18ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:05 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:06:56 GMT
etag: "cca1f428155a1f13b17a4684f2c8ef1c"
x-hw: 1644883925.cds203.ml1.hn,1644883925.cds020.ml1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62015

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame A567 5 KB
2 KB 18ms
18ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

date: Tue, 15 Feb 2022 00:12:05 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1644883925.cds203.ml1.hn,1644883925.cds223.ml1.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame FBE5 46 KB
4 KB 148ms
148ms XHR
application/json 146.20.128.150
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fextra.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=96820966&m=&rtv=1&thost=extra.globo.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 5859ed7cc2f55408633e8786e4910a5d1a7db412216853f29634030a48010617

Request headers

Referer
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 15 Feb 2022 00:12:05 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://extra.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 3956

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 111ms
111ms Preflight 146.20.128.150
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fextra.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=96820966&m=&rtv=1&thost=extra.globo.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://extra.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 15 Feb 2022 00:12:05 GMT
content-length: 0
access-control-allow-origin: https://extra.globo.com
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET
H2 200 cs
cs.lkqd.net/ Frame A567 43 B
308 B 111ms
111ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:05 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame A567 43 B
308 B 112ms
112ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:05 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame A567 43 B
308 B 113ms
112ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:05 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame A567 43 B
308 B 112ms
112ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:05 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame A567
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705

43 B
308 B

111ms
111ms

Image
image/gif

146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:05 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705
pragma: no-cache
date: Tue, 15 Feb 2022 00:12:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

POST t
t.lkqd.net/ Frame 03C0 0
0

OPTIONS t
t.lkqd.net/ Frame 0
0

GET
H3 200 av Show response
vidoomy-d.openx.net/v/1.0/ Frame 1066 48 B
77 B 37ms
37ms XHR
text/xml 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fextra.globo.com%2F&cb=709490613&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C78534937919370491031075251869,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:05 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://extra.globo.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ Frame 1066 67 B
1 KB 97ms
97ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=http%3A%2F%2Fextra.globo.com%2F&cb=1950013449&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C82764877853493791937049103%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 00:12:05 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000277
X-SpotX-Timing-SpotMarket: 0.056468
X-SpotX-Timing-Page-Mux: 0.000980
X-SpotX-Timing-Page-Require: 0.000337
X-fe: 021
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000027
Content-Length: 77
X-SpotX-Timing-Page: 0.061346
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000278
Last-Modified: Tue, 15 Feb 2022 00:12:05 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.014047
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://extra.globo.com
X-SpotX-Timing-Page-Misc: 0.002970
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.042421
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ Frame 1066 67 B
1 KB 40ms
39ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=http%3A%2F%2Fextra.globo.com%2F&cb=1125910934&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C7853493791937049103788256126%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 00:12:05 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000231
X-SpotX-Timing-SpotMarket: 0.004290
X-SpotX-Timing-Page-Mux: 0.000759
X-SpotX-Timing-Page-Require: 0.000283
X-fe: 125
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000002
Content-Length: 77
X-SpotX-Timing-Page: 0.007081
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000266
Last-Modified: Tue, 15 Feb 2022 00:12:05 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.004290
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://extra.globo.com
X-SpotX-Timing-Page-Misc: 0.001241
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 1066 986 B
862 B 29ms
29ms XHR
application/xml 2.21.141.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.globo.com%2F&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C7853493791937049103926141045%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-175.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 578c28e7c39d84409ccfe3a5db78f8e811e0cde4af72c07ef8eb2a91a37e02bc

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:05 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://extra.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 604
expires: Tue, 15 Feb 2022 00:12:05 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 1066 987 B
863 B 34ms
33ms XHR
application/xml 2.21.141.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.globo.com%2F&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C20106465437853493791937049103%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-175.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: bad2a42341178bb80f585353f8ed525dd50181a20794bc0b2735cfe3dfe550d4

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 00:12:05 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://extra.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 605
expires: Tue, 15 Feb 2022 00:12:05 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 1066 1 KB
2 KB 37ms
36ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C78534937919370491031360461931%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cab4446f7a53118323b19882e81730f98464d71658f83c93319275ae37830507

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 00:12:05 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://extra.globo.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1190
x-sticky-vk: 1644883925242033-419
Expires: Tue, 15 Feb 2022 00:12:05 GMT

OPTIONS t
t.lkqd.net/ Frame 0
0

POST t
t.lkqd.net/ Frame 03C0 0
0

GET
H2 200 ad Show response
v.lkqd.net/ Frame FCCD 2 KB
2 KB 113ms
113ms XHR
application/xml 146.20.128.150
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fextra.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=46049102&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 21c9549ccf826e53bf84bbf89af8efefad065ba2714b42648d37b484e33e0640

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:06 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://extra.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1355

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame DF1E 230 KB
61 KB 19ms
18ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:06 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:06:56 GMT
etag: "cca1f428155a1f13b17a4684f2c8ef1c"
x-hw: 1644883926.cds203.ml1.hn,1644883926.cds020.ml1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62015

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame E75B 5 KB
2 KB 17ms
17ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

date: Tue, 15 Feb 2022 00:12:06 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1644883926.cds203.ml1.hn,1644883926.cds223.ml1.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame DF1E 47 KB
4 KB 177ms
177ms XHR
application/json 146.20.128.150
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fextra.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=46049102&m=&rtv=1&thost=extra.globo.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 3dfb7920639029ae7fa7fd92ce625ce6965d7668bfddf593410903b84f32732b

Request headers

Referer
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 15 Feb 2022 00:12:06 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://extra.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 4298

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 111ms
111ms Preflight 146.20.128.150
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fextra.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=46049102&m=&rtv=1&thost=extra.globo.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://extra.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 15 Feb 2022 00:12:06 GMT
content-length: 0
access-control-allow-origin: https://extra.globo.com
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET
H2 200 cs
cs.lkqd.net/ Frame E75B 43 B
308 B 113ms
112ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:06 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame E75B 43 B
308 B 111ms
110ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:06 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame E75B 43 B
308 B 113ms
112ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:06 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame E75B 43 B
308 B 113ms
112ms Image
image/gif 146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:06 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame E75B
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705

43 B
308 B

111ms
111ms

Image
image/gif

146.20.128.178
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.178 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:12:06 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3009117051563579705
pragma: no-cache
date: Tue, 15 Feb 2022 00:12:05 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 3FC0 281 B
554 B 32ms
31ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Feb 2022 00:12:06 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6388 15 KB
6 KB 25ms
25ms Document
text/html 2.21.141.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-175.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=75242
expires: Tue, 15 Feb 2022 21:06:08 GMT
date: Tue, 15 Feb 2022 00:12:06 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C75C 52 KB
17 KB 16ms
15ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://extra.globo.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 14 Feb 2022 04:03:19 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 15 Feb 2022 00:12:06 GMT
Age: 72527
X-Served-By: cache-lga21964-LGA, cache-mxp6935-MXP
X-Cache: HIT, HIT
X-Cache-Hits: 1, 481084
X-Timer: S1644883926.483542,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C75C 0
735 B 25ms
24ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS