urlscan.io logo urlscan.io
SecurityTrails logo

oglobo.globo.com Open in urlscan Pro
201.7.177.244  Public Scan

Go To Rescan Add Verdict Report
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-d...
Submission Tags: falconsandbox
Submission: On April 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 126 IPs in 12 countries across 92 domains to perform 467 HTTP transactions. The main IP is 201.7.177.244, located in Brazil and belongs to Globo Comunicacao e Participacoes SA, BR. The main domain is oglobo.globo.com. The Cisco Umbrella rank of the primary domain is 58997.
TLS certificate: Issued by R3 on March 12th 2023. Valid for: 3 months.
This is the only time oglobo.globo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 201.7.177.244 28604 (Globo Com...)
32 186.192.90.3 28604 (Globo Com...)
9 2a00:1450:400... 15169 (GOOGLE)
3 2a04:4e42::622 54113 (FASTLY)
4 2606:4700::68... 13335 (CLOUDFLAR...)
7 201.7.177.167 28604 (Globo Com...)
7 186.192.91.5 28604 (Globo Com...)
2 186.192.91.9 28604 (Globo Com...)
1 151.139.128.10 20446 (STACKPATH...)
3 35.190.14.224 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
2 23.0.93.68 16625 (AKAMAI-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2606:4700::68... 13335 (CLOUDFLAR...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
5 65.9.66.122 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
6 23.35.236.201 16625 (AKAMAI-AS)
6 52.216.10.205 16509 (AMAZON-02)
3 147.75.83.64 54825 (PACKET)
1 5 13.32.99.23 16509 (AMAZON-02)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
6 34.246.143.122 16509 (AMAZON-02)
5 162.19.138.117 16276 (OVH)
1 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 9 2a02:2638:3::c 44788 (ASN-CRITE...)
1 178.250.1.11 44788 (ASN-CRITE...)
2 35.211.79.33 15169 (GOOGLE)
12 13.224.192.181 16509 (AMAZON-02)
2 34.254.57.28 16509 (AMAZON-02)
2 147.75.84.158 54825 (PACKET)
2 104.18.24.185 13335 (CLOUDFLAR...)
2 13 185.83.142.19 29990 (ASN-APPNEX)
2 34.107.148.139 396982 (GOOGLE-CL...)
4 185.64.189.112 62713 (AS-PUBMATIC)
4 216.52.2.6 30282 (AS-INAPCD...)
4 2602:803:c003... 26667 (RUBICONPR...)
1 35.244.159.8 15169 (GOOGLE)
4 184.30.134.95 16625 (AKAMAI-AS)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
8 3.232.54.224 14618 (AMAZON-AES)
2 162.19.138.119 16276 (OVH)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
4 65.9.99.209 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 146.75.116.193 54113 (FASTLY)
2 2 2600:1f18:730... 14618 (AMAZON-AES)
2 34.195.36.0 14618 (AMAZON-AES)
2 185.64.190.82 62713 (AS-PUBMATIC)
10 2a00:1450:400... 15169 (GOOGLE)
2 2600:1901:0:8... 15169 (GOOGLE)
1 52.205.24.151 14618 (AMAZON-AES)
10 23.37.42.132 16625 (AKAMAI-AS)
3 151.101.129.108 54113 (FASTLY)
1 3 185.64.190.78 62713 (AS-PUBMATIC)
1 1 185.29.134.244 30419 (MEDIAMATH...)
7 185.64.189.110 62713 (AS-PUBMATIC)
1 1 193.0.160.130 54312 (ROCKETFUEL)
6 185.64.190.80 62713 (AS-PUBMATIC)
1 1 178.250.1.9 44788 (ASN-CRITE...)
2 2 213.155.156.165 1299 (TWELVE99 ...)
1 1 2620:116:800d... 16509 (AMAZON-02)
9 11 172.217.18.2 15169 (GOOGLE)
1 2 34.247.20.4 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 52.7.221.164 14618 (AMAZON-AES)
3 4 37.157.6.253 198622 (ADFORM)
1 35.204.158.49 396982 (GOOGLE-CL...)
7 3.33.220.150 16509 (AMAZON-02)
4 4 69.173.144.165 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
3 5 69.173.144.139 26667 (RUBICONPR...)
2 4 52.46.155.104 16509 (AMAZON-02)
2 4 54.239.33.158 16509 (AMAZON-02)
1 4 2a05:d018:d29... 16509 (AMAZON-02)
1 1 34.110.201.227 396982 (GOOGLE-CL...)
3 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:239... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
20 151.101.193.44 54113 (FASTLY)
2 35.244.153.86 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 35.198.44.170 396982 (GOOGLE-CL...)
1 34.214.230.120 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 186.192.81.117 28604 (Globo Com...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.201.123.184 396982 (GOOGLE-CL...)
1 18.66.97.105 16509 (AMAZON-02)
1 34.235.225.153 14618 (AMAZON-AES)
1 2a04:4e42:400... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.250.107.128 16509 (AMAZON-02)
1 35.241.9.51 15169 (GOOGLE)
1 104.19.150.54 13335 (CLOUDFLAR...)
7 34.107.254.252 396982 (GOOGLE-CL...)
3 198.47.127.20 62713 (AS-PUBMATIC)
8 141.226.228.48 200478 (TABOOLA-AS)
1 52.216.208.233 16509 (AMAZON-02)
1 8.43.72.97 26667 (RUBICONPR...)
2 185.89.210.90 29990 (ASN-APPNEX)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 52.70.48.11 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 54.145.221.84 14618 (AMAZON-AES)
5 5 54.194.239.185 16509 (AMAZON-02)
1 1 185.86.138.152 201081 (SMARTADSE...)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.122 42697 (NETIC-AS)
2 2 141.94.171.215 16276 (OVH)
1 1 3.71.149.231 16509 (AMAZON-02)
3 3 3.120.68.67 16509 (AMAZON-02)
2 2 3.122.84.165 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 98.98.134.241 21859 (ZEN-ECN)
2 104.18.11.47 ()
1 2.18.235.93 ()
2 8 185.80.39.216 ()
1 1 70.42.32.255 ()
1 1 34.95.81.168 ()
1 2 54.228.21.106 ()
467 126
2    201.7.177.244 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
oglobo.globo.com
32    186.192.90.3 (Rio de Janeiro, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-90-3.prt.globo.com
s3.glbimg.com
9    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
3    2a04:4e42::622 (United States)

ASN54113 (FASTLY, US)
fast.appcues.com
4    2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
7    201.7.177.167 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
static.infoglobo.com.br
7    186.192.91.5 (Rio de Janeiro, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-5.prt.globo.com
barra.globo.com
s.glbimg.com
2    186.192.91.9 (Rio de Janeiro, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-9.prt.globo.com
s2.glbimg.com
1    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
cdn.petametrics.com
3    35.190.14.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.14.190.35.bc.googleusercontent.com
query.petametrics.com
24    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    23.0.93.68 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-0-93-68.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
2    2606:4700::6811:bab1 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
2    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
6    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
www.googletagservices.com
5    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
5f8d30e863cbf3471191a33651e10ff7.safeframe.googlesyndication.com
b774b7a62013a922a4e2d4e5e43d8c2a.safeframe.googlesyndication.com
0888e00a708091e2c6bb64e9954cefd0.safeframe.googlesyndication.com
4    2a02:26f0:480:392::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
2    2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
7    2606:4700::6811:b6b1 (United States)

ASN13335 (CLOUDFLARENET, US)
buy.tinypass.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
5    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
5    65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2250:3e00:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
6    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    52.216.10.205 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
3    147.75.83.64 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
p1cluster.cxense.com
comcluster.cxense.com
id.cxense.com
5    13.32.99.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net
sb.scorecardresearch.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
6    34.246.143.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-143-122.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
id.crwdcntrl.net
5    162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
id5-sync.com
1    2606:4700:e0::ac40:640c (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
9    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    35.211.79.33 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 33.79.211.35.bc.googleusercontent.com
horizon.globo.com
horizon-track.globo.com
12    13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net
c.amazon-adsystem.com
2    34.254.57.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-57-28.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
2    147.75.84.158 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
13    185.83.142.19 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
4    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    216.52.2.6 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
4    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
4    184.30.134.95 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-134-95.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
4    2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
8    3.232.54.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-54-224.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
2    162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
4    65.9.99.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-99-209.prg50.r.cloudfront.net
aax.amazon-adsystem.com
1    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
10    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    146.75.116.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
2    2600:1f18:730:b120:ab75:64db:b6e2:17e3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
2    34.195.36.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-36-0.compute-1.amazonaws.com
rp4.liadm.com
2    185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
10    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
1    52.205.24.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-24-151.compute-1.amazonaws.com
idx.liadm.com
10    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
7    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
6    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.165 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
11    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
cm.g.doubleclick.net
2    34.247.20.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-20-4.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    52.7.221.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-221-164.compute-1.amazonaws.com
a.audrte.com
4    37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
dmp.adform.net
c1.adform.net
1    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
7    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
5    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    54.239.33.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    2a05:d018:d29:3605:ba5:3c85:9cb8:2168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    34.110.201.227 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 227.201.110.34.bc.googleusercontent.com
id.globo.com
3    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
10    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
10    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
3    2606:4700:10::6816:1c97 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.targeting.voxus.com.br
targeting.voxus.com.br
1    2a00:1450:4001:830::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gadasource.storage.googleapis.com
2    2600:9000:2396:2000:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2606:4700:10::6816:35fc (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.quantummetric.com
20    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
widget.perfectmarket.com
trc.taboola.com
vidstat.taboola.com
imprammp.taboola.com
2    35.244.153.86 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 86.153.244.35.bc.googleusercontent.com
cocoon.globo.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
2    35.198.44.170 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 170.44.198.35.bc.googleusercontent.com
usergate.globo.com
1    34.214.230.120 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-214-230-120.us-west-2.compute.amazonaws.com
ivccf.ivcbrasil.org.br
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    186.192.81.117 (Rio de Janeiro, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-81-117.prt.globo.com
horizon-schemas.globo.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2606:4700::6810:ef3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
1    35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com
tags.t.tailtarget.com
1    18.66.97.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-105.fra56.r.cloudfront.net
hb.undertone.com
1    34.235.225.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-225-153.compute-1.amazonaws.com
ping.chartbeat.net
1    2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
1    2606:4700::6812:1af (United States)

ASN13335 (CLOUDFLARENET, US)
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
1    34.250.107.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-107-128.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co
1    104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
7    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
3    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
8    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
1    52.216.208.233 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
hcode-marketing.s3.amazonaws.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
targeting.voxus.tv
1    52.70.48.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-48-11.compute-1.amazonaws.com
api.voxus.tv
1    2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)
onesignal.com
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    85.114.159.93 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    54.145.221.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-221-84.compute-1.amazonaws.com
sync.srv.stackadapt.com
5    54.194.239.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-239-185.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    185.86.138.152 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.122 (Norresundby, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    141.94.171.215 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh
pixel.onaudience.com
1    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    3.120.68.67 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-68-67.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    3.122.84.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-84-165.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
1    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
2    104.18.11.47 (None, )

ASN- ()
js-sec.indexww.com
cdn.indexww.com
1    2.18.235.93 (None, )

ASN- ()
contextual.media.net
8    185.80.39.216 (None, )

ASN- ()
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    70.42.32.255 (None, )

ASN- ()
b1sync.zemanta.com
1    34.95.81.168 (None, )

ASN- ()
euexchangesync.digitaleast.mobi
2    54.228.21.106 (None, )

ASN- ()
dpm.demdex.net
Apex Domain
Subdomains		 Transfer
40 glbimg.com
s3.glbimg.com — Cisco Umbrella Rank: 89416
s2.glbimg.com — Cisco Umbrella Rank: 76514
s.glbimg.com — Cisco Umbrella Rank: 106225
1 MB
36 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
494 KB
31 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 725
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 729
t.pubmatic.com — Cisco Umbrella Rank: 4613
image6.pubmatic.com — Cisco Umbrella Rank: 1037
simage2.pubmatic.com — Cisco Umbrella Rank: 976
image2.pubmatic.com — Cisco Umbrella Rank: 1377
simage4.pubmatic.com — Cisco Umbrella Rank: 1660
image4.pubmatic.com — Cisco Umbrella Rank: 1704
366 KB
28 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1073
trc.taboola.com — Cisco Umbrella Rank: 839
vidstat.taboola.com — Cisco Umbrella Rank: 3230
am-trc-events.taboola.com — Cisco Umbrella Rank: 11067
imprammp.taboola.com — Cisco Umbrella Rank: 9813
am-match.taboola.com — Cisco Umbrella Rank: 10983
am-vid-events.taboola.com — Cisco Umbrella Rank: 9840
pips.taboola.com — Cisco Umbrella Rank: 1900
cds.taboola.com — Cisco Umbrella Rank: 2362
312 KB
26 rubiconproject.com
ads.rubiconproject.com — Cisco Umbrella Rank: 3003
fastlane.rubiconproject.com — Cisco Umbrella Rank: 677
eus.rubiconproject.com — Cisco Umbrella Rank: 798
token.rubiconproject.com — Cisco Umbrella Rank: 795
pixel.rubiconproject.com — Cisco Umbrella Rank: 447
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1475
178 KB
24 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
aax.amazon-adsystem.com — Cisco Umbrella Rank: 455
s.amazon-adsystem.com — Cisco Umbrella Rank: 376
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 994
254 KB
19 googlesyndication.com
5f8d30e863cbf3471191a33651e10ff7.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
b774b7a62013a922a4e2d4e5e43d8c2a.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
0888e00a708091e2c6bb64e9954cefd0.safeframe.googlesyndication.com
82 KB
18 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 319
acdn.adnxs.com — Cisco Umbrella Rank: 806
secure.adnxs.com — Cisco Umbrella Rank: 604
67 KB
13 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1550
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1323
sync.crwdcntrl.net — Cisco Umbrella Rank: 1149
id.crwdcntrl.net
60 KB
12 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
region1.google-analytics.com — Cisco Umbrella Rank: 1718
21 KB
11 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 442
mug.criteo.com — Cisco Umbrella Rank: 1686
dis.criteo.com — Cisco Umbrella Rank: 941
9 KB
11 globo.com
oglobo.globo.com — Cisco Umbrella Rank: 58997
barra.globo.com — Cisco Umbrella Rank: 270543
horizon.globo.com — Cisco Umbrella Rank: 87836
id.globo.com — Cisco Umbrella Rank: 219320
cocoon.globo.com — Cisco Umbrella Rank: 130334
usergate.globo.com — Cisco Umbrella Rank: 121260
horizon-schemas.globo.com — Cisco Umbrella Rank: 90751
horizon-track.globo.com — Cisco Umbrella Rank: 70587
108 KB
10 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 344
94 KB
10 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
342 KB
10 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 768
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
8 KB
10 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1319
id5-sync.com — Cisco Umbrella Rank: 612
87 KB
9 google.com
adservice.google.com — Cisco Umbrella Rank: 130
www.google.com — Cisco Umbrella Rank: 16
ampcid.google.com — Cisco Umbrella Rank: 2680
3 KB
9 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 9775
cdn.tinypass.com — Cisco Umbrella Rank: 7704
buy.tinypass.com — Cisco Umbrella Rank: 8485
159 KB
9 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 322
164 KB
8 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 3232
api.permutive.com — Cisco Umbrella Rank: 2596
19 KB
8 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 1019
2 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 451
2 KB
7 amazonaws.com
s3.amazonaws.com
hcode-marketing.s3.amazonaws.com — Cisco Umbrella Rank: 168682
1021 KB
7 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 5988
p1cluster.cxense.com — Cisco Umbrella Rank: 13497
comcluster.cxense.com — Cisco Umbrella Rank: 6880
id.cxense.com — Cisco Umbrella Rank: 11290
76 KB
7 google.de
adservice.google.de — Cisco Umbrella Rank: 5261
ampcid.google.de — Cisco Umbrella Rank: 43848
www.google.de — Cisco Umbrella Rank: 3425
2 KB
7 infoglobo.com.br
static.infoglobo.com.br — Cisco Umbrella Rank: 389514
74 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 825
3 KB
5 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689
ups.analytics.yahoo.com — Cisco Umbrella Rank: 402
2 KB
5 liadm.com
rp.liadm.com — Cisco Umbrella Rank: 2091
rp4.liadm.com — Cisco Umbrella Rank: 5523
idx.liadm.com — Cisco Umbrella Rank: 3099
3 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 218
4 KB
5 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3572
onesignal.com — Cisco Umbrella Rank: 1047
83 KB
4 adform.net
dmp.adform.net — Cisco Umbrella Rank: 3752
c1.adform.net — Cisco Umbrella Rank: 908
3 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3102
3 KB
4 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 3273
38 KB
4 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1680
69 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 883
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 238
195 KB
4 petametrics.com
cdn.petametrics.com — Cisco Umbrella Rank: 19597
query.petametrics.com — Cisco Umbrella Rank: 20070
49 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 427
1 KB
3 voxus.tv
targeting.voxus.tv — Cisco Umbrella Rank: 158402
api.voxus.tv — Cisco Umbrella Rank: 150342
21 KB
3 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 25684
usr.navdmp.com — Cisco Umbrella Rank: 29308
cdn.navdmp.com — Cisco Umbrella Rank: 8329
6 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 2090
mab.chartbeat.com — Cisco Umbrella Rank: 3436
25 KB
3 voxus.com.br
cdn.targeting.voxus.com.br — Cisco Umbrella Rank: 234297
targeting.voxus.com.br — Cisco Umbrella Rank: 83948
12 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24171
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 30620
898 B
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 4186
a.ad.gt — Cisco Umbrella Rank: 4166
4 KB
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1912
contextual.media.net
10 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 3166
google-bidout-d.openx.net — Cisco Umbrella Rank: 3148
767 B
3 appcues.com
fast.appcues.com — Cisco Umbrella Rank: 12891
129 KB
2 demdex.net
dpm.demdex.net
2 KB
2 indexww.com
js-sec.indexww.com
cdn.indexww.com
2 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 5985
1 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3590
972 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1965
1 KB
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3999
34 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
gadasource.storage.googleapis.com — Cisco Umbrella Rank: 150383
25 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6958
562 B
2 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1915
351 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1293
806 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1379
435 B
2 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 982
1 KB
2 piano.io
c2.piano.io — Cisco Umbrella Rank: 7114
5 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 474
3 KB
1 digitaleast.mobi
euexchangesync.digitaleast.mobi
269 B
1 zemanta.com
b1sync.zemanta.com
309 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 985
187 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4856
104 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3683
383 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 866
706 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 774
790 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1009
940 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2062
524 B
1 prmutv.co
d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co — Cisco Umbrella Rank: 251480
394 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 807
337 B
1 permutive.app
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app — Cisco Umbrella Rank: 139573
254 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1521
201 B
1 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 4595
560 B
1 tailtarget.com
tags.t.tailtarget.com — Cisco Umbrella Rank: 85943
11 KB
1 ivcbrasil.org.br
ivccf.ivcbrasil.org.br — Cisco Umbrella Rank: 228906
461 B
1 quantummetric.com
cdn.quantummetric.com — Cisco Umbrella Rank: 2240
76 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 733
648 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1223
610 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1063
588 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1325
795 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 744
737 B
1 imgur.com
i.imgur.com — Cisco Umbrella Rank: 5166
270 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 9534
3 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 3991
2 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 763
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 3353
8 KB
0 ipify.org Failed
api.ipify.org Failed
0 rlcdn.com Failed
api.rlcdn.com Failed
0 zqtk.net Failed
aps.zqtk.net Failed
467 92
Domain Requested by
32 s3.glbimg.com oglobo.globo.com
s3.glbimg.com
static.infoglobo.com.br
s.glbimg.com
barra.globo.com
buy.tinypass.com
www.googletagmanager.com
24 securepubads.g.doubleclick.net s3.glbimg.com
securepubads.g.doubleclick.net
oglobo.globo.com
www.googletagservices.com
14 cdn.taboola.com oglobo.globo.com
cdn.taboola.com
client
13 ib.adnxs.com 2 redirects ads.pubmatic.com
s3.amazonaws.com
acdn.adnxs.com
s3.glbimg.com
12 c.amazon-adsystem.com s3.amazonaws.com
c.amazon-adsystem.com
11 cm.g.doubleclick.net 9 redirects oglobo.globo.com
10 cdnjs.cloudflare.com buy.tinypass.com
10 www.googletagmanager.com s3.glbimg.com
www.googletagmanager.com
10 eus.rubiconproject.com s3.amazonaws.com
eus.rubiconproject.com
am-match.taboola.com
imprammp.taboola.com
ads.pubmatic.com
10 www.google-analytics.com oglobo.globo.com
www.google-analytics.com
10 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
oglobo.globo.com
www.googletagservices.com
9 gum.criteo.com 1 redirects static.criteo.net
s3.amazonaws.com
cdn.taboola.com
ads.pubmatic.com
9 cdn.ampproject.org oglobo.globo.com
s3.glbimg.com
8 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
7 api.permutive.com s3.glbimg.com
7 match.adsrvr.org ads.pubmatic.com
oglobo.globo.com
am-match.taboola.com
imprammp.taboola.com
ssum-sec.casalemedia.com
7 simage2.pubmatic.com ads.pubmatic.com
7 buy.tinypass.com cdn.tinypass.com
buy.tinypass.com
7 static.infoglobo.com.br oglobo.globo.com
static.infoglobo.com.br
6 am-trc-events.taboola.com oglobo.globo.com
6 image2.pubmatic.com ads.pubmatic.com
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
oglobo.globo.com
6 s3.amazonaws.com securepubads.g.doubleclick.net
6 ads.pubmatic.com securepubads.g.doubleclick.net
s3.amazonaws.com
ads.pubmatic.com
6 s.glbimg.com oglobo.globo.com
s.glbimg.com
5 match.prod.bidr.io 5 redirects
5 pixel.rubiconproject.com 3 redirects oglobo.globo.com
5 id5-sync.com cdn.id5-sync.com
s3.amazonaws.com
ads.pubmatic.com
5 bcp.crwdcntrl.net tags.crwdcntrl.net
5 sb.scorecardresearch.com 1 redirects oglobo.globo.com
cdn.taboola.com
5 tags.crwdcntrl.net securepubads.g.doubleclick.net
oglobo.globo.com
5 cdn.id5-sync.com securepubads.g.doubleclick.net
oglobo.globo.com
5 adservice.google.com securepubads.g.doubleclick.net
5 adservice.google.de securepubads.g.doubleclick.net
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 pr-bh.ybp.yahoo.com 1 redirects am-match.taboola.com
imprammp.taboola.com
ads.pubmatic.com
4 aax-eu.amazon-adsystem.com 2 redirects oglobo.globo.com
ads.pubmatic.com
4 s.amazon-adsystem.com 2 redirects oglobo.globo.com
ssum-sec.casalemedia.com
4 token.rubiconproject.com 4 redirects
4 a.audrte.com 3 redirects ads.pubmatic.com
4 aax.amazon-adsystem.com c.amazon-adsystem.com
4 cdn.hadronid.net oglobo.globo.com
4 secure.cdn.fastclick.net oglobo.globo.com
4 fastlane.rubiconproject.com ads.pubmatic.com
s3.amazonaws.com
4 ap.lijit.com ads.pubmatic.com
s3.amazonaws.com
4 hbopenbid.pubmatic.com ads.pubmatic.com
s3.amazonaws.com
4 www.googletagservices.com securepubads.g.doubleclick.net
4 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 x.bidswitch.net 3 redirects
3 c1.adform.net 2 redirects ads.pubmatic.com
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 acdn.adnxs.com s3.amazonaws.com
ads.pubmatic.com
3 www.google.com tpc.googlesyndication.com
oglobo.globo.com
3 query.petametrics.com oglobo.globo.com
3 onesignal.com cdn.onesignal.com
s3.glbimg.com
3 fast.appcues.com oglobo.globo.com
fast.appcues.com
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 ads.creative-serving.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 targeting.voxus.tv targeting.voxus.com.br
targeting.voxus.tv
2 secure.adnxs.com oglobo.globo.com
2 simage4.pubmatic.com ads.pubmatic.com
2 targeting.voxus.com.br s3.glbimg.com
cdn.targeting.voxus.com.br
2 trc.taboola.com s3.glbimg.com
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 usergate.globo.com s3.glbimg.com
2 region1.google-analytics.com www.googletagmanager.com
2 cocoon.globo.com s3.glbimg.com
2 static.chartbeat.com oglobo.globo.com
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 lexicon.33across.com s3.amazonaws.com
2 t.pubmatic.com ads.pubmatic.com
2 rp4.liadm.com oglobo.globo.com
2 rp.liadm.com 2 redirects
2 id.hadron.ad.gt cdn.hadronid.net
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
s3.amazonaws.com
2 prebid.media.net ads.pubmatic.com
2 htlb.casalemedia.com ads.pubmatic.com
2 prebid.a-mo.net ads.pubmatic.com
2 pixel.adsafeprotected.com ads.pubmatic.com
2 oajs.openx.net 1 redirects oglobo.globo.com
2 c2.piano.io cdn.tinypass.com
2 cdn.jsdelivr.net ads.rubiconproject.com
securepubads.g.doubleclick.net
2 ads.rubiconproject.com s3.glbimg.com
ads.rubiconproject.com
2 s2.glbimg.com oglobo.globo.com
2 cdn.onesignal.com oglobo.globo.com
cdn.onesignal.com
2 oglobo.globo.com s3.glbimg.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 euexchangesync.digitaleast.mobi 1 redirects
1 b1sync.zemanta.com 1 redirects
1 contextual.media.net ads.pubmatic.com
1 js-sec.indexww.com ads.pubmatic.com
1 id.crwdcntrl.net ads.pubmatic.com
1 pixel-sync.sitescout.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 ups.analytics.yahoo.com 1 redirects
1 mwzeom.zeotap.com ads.pubmatic.com
1 bh.contextweb.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 cds.taboola.com s3.glbimg.com
1 pips.taboola.com s3.glbimg.com
1 api.voxus.tv s3.glbimg.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 hcode-marketing.s3.amazonaws.com oglobo.globo.com
1 am-vid-events.taboola.com oglobo.globo.com
1 am-match.taboola.com vidstat.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 vidstat.taboola.com cdn.taboola.com
1 horizon-track.globo.com s3.glbimg.com
1 0888e00a708091e2c6bb64e9954cefd0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdn.permutive.com s3.glbimg.com
1 d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co s3.glbimg.com
1 beacon.krxd.net tag.navdmp.com
1 cdn.navdmp.com tag.navdmp.com
1 d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app s3.glbimg.com
1 mab.chartbeat.com s3.glbimg.com
1 usr.navdmp.com tag.navdmp.com
1 ping.chartbeat.net oglobo.globo.com
1 hb.undertone.com ads.pubmatic.com
1 tags.t.tailtarget.com s3.glbimg.com
1 tag.navdmp.com s3.glbimg.com
1 www.google.de oglobo.globo.com
1 horizon-schemas.globo.com s3.glbimg.com
1 stats.g.doubleclick.net s3.glbimg.com
1 ivccf.ivcbrasil.org.br oglobo.globo.com
1 ampcid.google.de s3.glbimg.com
1 cdn.quantummetric.com oglobo.globo.com
1 gadasource.storage.googleapis.com oglobo.globo.com
1 cdn.targeting.voxus.com.br www.googletagmanager.com
1 ampcid.google.com s3.glbimg.com
1 fonts.googleapis.com buy.tinypass.com
1 id.globo.com 1 redirects
1 px.ads.linkedin.com oglobo.globo.com
1 um.simpli.fi ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 dis.criteo.com 1 redirects
1 p.rfihub.com 1 redirects
1 sync.mathtag.com 1 redirects
1 idx.liadm.com s3.amazonaws.com
1 i.imgur.com oglobo.globo.com
1 b774b7a62013a922a4e2d4e5e43d8c2a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 a.ad.gt cdn.hadronid.net
1 google-bidout-d.openx.net oa.openxcdn.net
1 horizon.globo.com oglobo.globo.com
1 mug.criteo.com oglobo.globo.com
1 id.cxense.com cdn.cxense.com
1 comcluster.cxense.com cdn.cxense.com
1 www.npttech.com static.infoglobo.com.br
1 p1cluster.cxense.com cdn.cxense.com
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.tinypass.com experience.tinypass.com
1 5f8d30e863cbf3471191a33651e10ff7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 experience.tinypass.com static.infoglobo.com.br
1 cdn.petametrics.com oglobo.globo.com
1 barra.globo.com oglobo.globo.com
0 api.ipify.org Failed s3.glbimg.com
0 api.rlcdn.com Failed s3.amazonaws.com
0 aps.zqtk.net Failed oglobo.globo.com
467 170
Subject Issuer Validity Valid
oglobo.globo.com
R3		 2023-03-12 -
2023-06-10		 3 months crt.sh
s3.glbimg.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-05-21 -
2023-05-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
fast.appcues.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-01 -
2023-12-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-03 -
2023-06-02		 a year crt.sh
*.infoglobo.com.br
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-11-01 -
2023-11-01		 a year crt.sh
barra.globo.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-06-04 -
2023-06-04		 a year crt.sh
*.glbimg.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-05-29 -
2023-05-30		 a year crt.sh
cdn.liftigniter.com
R3		 2023-02-26 -
2023-05-27		 3 months crt.sh
*.liftigniter.com
R3		 2023-04-08 -
2023-07-07		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-13		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-26		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-03-30 -
2023-06-28		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-02-25 -
2023-05-26		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2022-12-06 -
2023-12-05		 a year crt.sh
*.scorecardresearch.com
Amazon RSA 2048 M02		 2023-03-01 -
2024-01-28		 a year crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
horizon.globo.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-10-22 -
2023-10-23		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.a-mo.net
R3		 2023-04-13 -
2023-07-12		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
*.hadronid.net
GTS CA 1P5		 2023-04-11 -
2023-07-10		 3 months crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-13 -
2024-03-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-04-13 -
2023-07-12		 3 months crt.sh
*.liadm.com
Amazon RSA 2048 M01		 2023-02-21 -
2023-10-29		 8 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
voxus.com.br
Cloudflare Inc ECC CA-3		 2023-04-08 -
2024-04-07		 a year crt.sh
*.storage.googleapis.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
cocoon.globo.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-25 -
2023-09-26		 a year crt.sh
usergate.globo.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-05-13 -
2023-05-13		 a year crt.sh
*.ivcbrasil.org.br
Amazon RSA 2048 M01		 2023-02-08 -
2023-06-29		 5 months crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-27 -
2023-10-29		 a year crt.sh
horizon-schemas.globo.com
RapidSSL TLS RSA CA G1		 2023-03-15 -
2024-03-15		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-10 -
2023-07-10		 a year crt.sh
*.undertone.com
Amazon RSA 2048 M02		 2023-03-01 -
2023-10-01		 7 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2023-03-11 -
2023-06-09		 3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.prmutv.co
R3		 2023-03-14 -
2023-06-12		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
api.permutive.com
R3		 2023-04-17 -
2023-07-16		 3 months crt.sh
horizon-track.globo.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-10-23 -
2023-10-24		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2022-09-21 -
2023-08-26		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
api.voxus.tv
Amazon RSA 2048 M01		 2023-03-19 -
2024-04-17		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh

This page contains 51 frames:

Primary Page: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Frame ID: 7FD8EB875C2B0A4D1759F5C340118FE1
Requests: 207 HTTP requests in this frame

Frame: https://5f8d30e863cbf3471191a33651e10ff7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8D20C330B4F7B8C51CD348F47EFE4D85
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 479819AA3D64566F307CE6A5BDB95195
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcnXpNX9GinzV-6aTGK23zvVmetBoeCVpdTS0dtSh6CGdJquEiweWG3992VTG7ezc0hzZmNeWh-8QvFEqx_csgcAlOdSBKzrhAEHjhDREEm4DAJSdFDCQt8DfbSJMR824xZHiFXLC9-Vp3WdoNTqNh2F2hLoYd-yuzApTZg12K6U_JH9Xzwo0f-WfX2JU2VRjmQ1NXZEsO7KN_FWG8-jYT2qg-sl45E2yhHh-2wDFkM1huZIaznPg1AynE0D2lBTvoPYH_ZBI20z1nst_JOLJwK5Ylgds1tDRyZQK4nR415CIcMJWf_2vyU4X68nOkIhLH9jOOSjDWyiMIjNbLUzMLfYWhYw0FeYc9TplUAdsTuJx2&sai=AMfl-YR8OdRoSCQxXpcGKAY89zjdSE3VNOv8o8f8sdvPq1ia5vLe0qo03hczpyxKjKF6krm4hiaA5dA6y-iDOhSwQZUFx4uLJ3iBprj-mNrS8ZWObQGWv7Gucgc_CpX79dbxC2GRGPVmsxajJzizIrv5&sig=Cg0ArKJSzK1CUXajm4KXEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 1080744DA3EACFA59A4B1BE071FDA7DA
Requests: 43 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=oglobo.globo.com
Frame ID: 3CD3E688C2DB01E64A7269569FCD8091
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: D63385CA2F73B38ACACAAC26161746A6
Requests: 1 HTTP requests in this frame

Frame: https://b774b7a62013a922a4e2d4e5e43d8c2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 50C97A70CED3FAA45EBF76CC8843397A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIBf7hXftft1yLiNtAnXb6AW8MggFkPkfhbw_TL46BGElYkGG9seCtvx9w4rOwzzlnFzaKzwPmg_vD86PgEd3m1OxPgrB29s3NKWZmUfPzdoKLC6c6ymAhLRKj9DSZsLBZingMq3WszJ6B6HJXo-fnYh9m_PVvZBa78kGGTsvFMOZclrl7NyAkfZkQWPwvqFLYFwyI6AFua1fakzesmV7Z5ZsjFOBF9UXT1rAaxuPltyD97j7V5bQFFMOZaUlBmMkO-SswZxEa6K_1z8dweLWciAHDWv0pAWMkEav3z-X0DqxmHsD9IuA_RC59YNtrVZdY6RScc18DKzks3lJhcn201nMjtLYeSQ&sai=AMfl-YQ0bDDsEIMe-N8MlArcq__i-NLqP4rBnCaoSiQgBb4YoESy24Vi0lWoiZzT0jKkbcBN4qz5k2ce2L3Tg9r8G3pyZ4aj6eyK0qlTsDziJKbADsdr95hAJthbrwhCAfE&sig=Cg0ArKJSzIYX0qOkjRBlEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6F312362F7A7B7FDC4219B2B94B0883A
Requests: 29 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FAA3680E616274B38A6C770FE8EABD1F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 33E4EF4BCE2046194C780F6710D15C80
Requests: 2 HTTP requests in this frame

Frame: https://i.imgur.com/OQER25S.png
Frame ID: CFC91997971D91C9168EE2199C861A06
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Frame ID: 2ECFE2AF658154FC2F102215671CF62C
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 399A6CB75510C664384C6058D372D82D
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9B7916C18A1582F27B5DDA17D73D2CDE
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c5e36440-226f-4800-bacb-9b0604c28d1c&gdpr=0&gdpr_consent=
Frame ID: 7F8AD4132009B6BF1229C56358BA27E0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210824591752155
Frame ID: 56ED8A76B2A21F4B4298F38ADA7F4160
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 4AC82A509686986C0DA946E3EF1BA237
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5256627883620175868
Frame ID: FFF0CC4617C1E7BE33C3FC6A1B91CAD5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=iKQ3vYyiNeuTqTboiaQu74-oYOmTo2e9i6E-IWiC
Frame ID: E503E5A672F7856C624585F5E8281A76
Requests: 1 HTTP requests in this frame

Frame: https://oglobo.globo.com/login-callback.ghtml
Frame ID: 0D66F1388C6880116C9D408CA82090C8
Requests: 2 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTSXB1FQGFV1&templateVariantId=OTVO3AKU5N2PV&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_bd8fd1780b11a0e65b95-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Frame ID: 8F412A688A5D4559B6DD03F18F7C6470
Requests: 19 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-P4R423
Frame ID: CBD4FADD92D88F95E2CF816863753AE4
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-NXVN776&ancestors=GTM-P4R423&restrictions=&gtm.url=https%3A%2F%2Foglobo.globo.com%2F
Frame ID: 3EB0CB5ADBBCE68A1E0E8447E996168E
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-WSJ4QJD&ancestors=GTM-P4R423&restrictions=&gtm.url=https%3A%2F%2Foglobo.globo.com%2F
Frame ID: 0767028D4145E33B078B465B56B51E2C
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-M3GJS46&ancestors=GTM-P4R423&restrictions=&gtm.url=https%3A%2F%2Foglobo.globo.com%2F
Frame ID: C10303968FC4F289A982B4D20F5EB168
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4JXgZHGuSozax8tDaWglLmVihScdiSxNi-eK44yJDgDXFxHlavH0fPANO2K6QGS71eX-Y_B58OvQlBuwyJii32aWwN-NBw2HydYT0QPeAvHBm3bas9YQUpG8H60JbFZo_RfMHJBfQaio14NMn2aBr2D7iaASGQ6I815HpMIwHahuIGzstNa_eI3nktWMs2CuOmDQPx5P6EJoyS6ZjKtxo0Rk-AlTNS_VYabwoKo_bVYZp78ZlKpzKjXfz705yNP4XB-yT5nNtMXWAa4VUYWHbOwtKuPHZKKxaPhDFoFrFyfvpZvZzk-5ah1E0fUljgMf0qoVV_2v_jAiv_4UovuCe7Q8vL4Fm5YEMou4CkCOONMMw&sai=AMfl-YQGZHd3BtflR3nL_SoUVdCRLBR1Fvh2AiVgc3stoI0-bs-rRw6dnVisou06R_SBBuZCYaogDVAoUMby_qmAjIhTCb_fA9KEdZqKP5IRUKutRyGvjVieJMzpH38SwFQ&sig=Cg0ArKJSzAnT4NKlGG6VEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3752705C056D1863F9C56126F056085B
Requests: 37 HTTP requests in this frame

Frame: https://0888e00a708091e2c6bb64e9954cefd0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 95CA1A8A84A19CF2CE2FA9B45CA9382F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8B1B7163B0E8CFF2D92B8E4A96C521F4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AC6F6FF70C185718E1311FFCCB47D9CE
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXEmXSZC3iMFiqAY9acCEe2QMEYyuQaiDKgJhv6z1EQJnUbCudYDbjt5tutcL_G6wYSOdjQOeysE-6quWk7dT_DHnxguLWQ_2dTaJ2kGdAvZvhsNm1WqDz36Nhi-7SXh3KsJ5Q3V9ZQ4AM9dJOc3nkpotoE7sgIq5h1ivJL1VzK28eg9_2pJ24wC7x3Uae5x4473wutEdkLEiPSYXPDg9cA5V73suw88VOPtifmiuRyX3-cDaEJDW4qpomuTZicBMPFNXyKymrtqn9d5DCT_IqL7ZeXqjeuvMpBESOPuBKKqlVNQ5It1O2oxZYtiZZPArOL63wsTLiTrpUwstwDcE6CwVpKzl0EPHM4Axnyg&sai=AMfl-YROZBuQ9FwnHVA86Q7me7mppcDgIXpzw5kKtPE6YUOwQeqaUcd9IIHcRy4pKvGtpQ8v1OLvYk6JJ00hdhIXFIp5bQxF-apShThhiIZlp_5Qg_6OCM9NaDbcaphfZ08&sig=Cg0ArKJSzC-Vyu1vvO0XEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2EE156314FF5DAAB1C59C63ACF98C5D5
Requests: 25 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8ITECLAZwwcG5xfOkFRDggoNzi-dJKygAAABgYID-AMlMbBvbzLhZCzYz51o0ctnWEuPK5lasBrPRbjSbbHwrIyCZiW1jmxk3a8Fm5lyLRi7bWmJc2dyK1WA22o1mk41vZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwROoul0-Fz3er3P7Lf47Tqz3-K3a_xuv8Ts93n-Yofr8ndLHZaT0-0X_D2nv2Qw2ewFo73Q4fG6LJ-3wu1yeBxut-xhdprcGpfl9LQ5PQ6T3_Jwyx1ukctleOteFrfC8Pe8RS-76WF62h5ukcutMD0cr5db47S4LHeX6enx23VG09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcTgIy9_sedn9AQAAAAAEAAAAAAmAAt7TEgAfZzMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8huf7_g5bEqYBECiyLMAIAAACQLae9cWSSTlCxqPL__99vBeAKAEDAoabhIkMW3UGJtzAAAAAGYxboYfH7zQ67xu92mf________9_M_9n_tEINemFpwl6uFZQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYHYXYDWeD3WQwnM0OAAAAwJ3___9_PSBhc6yMk5nFNxyMlovdxGNzbiwzy8jkmDg8E9_Ie3B-7zcZndqM-oQIy-z3HRSU09NjdhlERdfbYnc4zZ6D-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDNBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYKx1cpj8m0Ma9nEsXCLlpPdWjibWdai5cgyc80WhtnC5ha9PqaLZ7nwzRxbJBiQuRfJ0yKdqCazyco32I0MG9vGtrIYVwuXYTYz2TyLiWG3WU3EEs3JIp3ILvuGzbEyTmYW33AwWi52E4_NubHMLCOTY-LwTHwjf2218ph8G8NaNnEs3KLlZLcWzmaWtWg5ssxcs4VhtrC5Ra-P6eJZLnwzx74xGy6Wk9Fustg3ZsPFcjLaTRb7Dp3hu_qcjbLtOeVR-ay26dRacxgULoPF-5OYFtPu7CA6-Y5OlfakLOqMfr_f7_f7_X6_32_Qeg5mg8L3HVqH48j148wuvgexwaCIJYKLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ0nSRTvQSs9_n-YsdrsvfLXVYTk63X_D3nP6SwWSzF4z2QofH67J83gq3y-FxuN2yh9lpcmtcltPT5vQ4TH7Lwy13uEUul-Gte1ncCsPf8xa97KaH6Wl7uEUut8L0cLxebo3T4rLcXaanx2_XGU1vs0UsEZwu0onoZTxd1H_kIIvdXLEYzSWL4VyyWyUAAAAAAAAAAEswzXQTAAAAACeD2a2Wu9U6HchgNRxsVssFIPFnqetnWuvdTjfBeNdIegX39rexULHGHpsok9P0tzx8Zr_F79b7zH6L38oAJNxEmW32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_D4jJ1MzMzMyMH0EOZ6P9A1Ah1mq1ut1Yq9UC!&cmcv=&pix=undefined&cb=1681924722198&uv=3266&tms=1681924722198&abt=nonrv_vA!nrlc_vA!preload1_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=3b6c6f83-03f9-4de6-b8ef-150647462c7e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: DF0164A30CDDF7DA73C55C079BFC6492
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8ITECLAZwwcG5xfOkFRDggoNzi-dJKygAAABgYID-AMlMbBvbzLhZCzYz51o0ctnWEuPK5lasBrPRbjSbbHwrIyCZiW1jmxk3a8Fm5lyLRi7bWmJc2dyK1WA22o1mk41vZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwROoul0-Fz3er3P7Lf47Tqz3-K3a_xuv8Ts93n-Yofr8ndLHZaT0-0X_D2nv2Qw2ewFo73Q4fG6LJ-3wu1yeBxut-xhdprcGpfl9LQ5PQ6T3_Jwyx1ukctleOteFrfC8Pe8RS-76WF62h5ukcutMD0cr5db47S4LHeX6enx23VG09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcTgIy9_sedn9AQAAAAAEAAAAAAmAAt7TEgAfZzMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8huf7_g5bEqYBECiyLMAIAAACQLae9cWSSTlCxqPL__99vBeAKAEDAoabhIkMW3UGJtzAAAAAGYxboYfH7zQ67xu92mf________9_M_9n_tEINemFpwl6uFZQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYHYXYDWeD3WQwnM0OAAAAwJ3___9_PSBhc6yMk5nFNxyMlovdxGNzbiwzy8jkmDg8E9_Ie3B-7zcZndqM-oQIy-z3HRSU09NjdhlERdfbYnc4zZ6D-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDNBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYKx1cpj8m0Ma9nEsXCLlpPdWjibWdai5cgyc80WhtnC5ha9PqaLZ7nwzRxbJBiQuRfJ0yKdqCazyco32I0MG9vGtrIYVwuXYTYz2TyLiWG3WU3EEs3JIp3ILvuGzbEyTmYW33AwWi52E4_NubHMLCOTY-LwTHwjf2218ph8G8NaNnEs3KLlZLcWzmaWtWg5ssxcs4VhtrC5Ra-P6eJZLnwzx74xGy6Wk9Fustg3ZsPFcjLaTRb7Dp3hu_qcjbLtOeVR-ay26dRacxgULoPF-5OYFtPu7CA6-Y5OlfakLOqMfr_f7_f7_X6_32_Qeg5mg8L3HVqH48j148wuvgexwaCIJYKLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ0nSRTvQSs9_n-YsdrsvfLXVYTk63X_D3nP6SwWSzF4z2QofH67J83gq3y-FxuN2yh9lpcmtcltPT5vQ4TH7Lwy13uEUul-Gte1ncCsPf8xa97KaH6Wl7uEUut8L0cLxebo3T4rLcXaanx2_XGU1vs0UsEZwu0onoZTxd1H_kIIvdXLEYzSWL4VyyWyUAAAAAAAAAAEswzXQTAAAAACeD2a2Wu9U6HchgNRxsVssFIPFnqetnWuvdTjfBeNdIegX39rexULHGHpsok9P0tzx8Zr_F79b7zH6L38oAJNxEmW32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_D4jJ1MzMzMyMH0EOZ6P9A1Ah1mq1ut1Yq9UC!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 2B2E8BB6E05139910F5717C944354571
Requests: 3 HTTP requests in this frame

Frame: https://hcode-marketing.s3.amazonaws.com/generic_cr/728x90_blue_ENG.jpg
Frame ID: C6599883735CB436CF20F210194DEC02
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: F9F4024D25A3EBC42F90B7B8FA750945
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 91CA235A78B07829107F89009B516F96
Requests: 3 HTTP requests in this frame

Frame: https://targeting.voxus.tv/a/index_nckv4.html?12943a233&client%3DO%20Globo%26website_id%3D2057%26obj%3D238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47%26type%3Dpageview
Frame ID: D4E4EAC1FF68D463D1B4A8A9AD18AC5A
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: AC1E510E572DD39D09C3EFDB506FB418
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2EA07EFA639CF73FBB49E4CC19010EA3
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Frame ID: 235A72D97A375242C5EE9C2EBC4C1E79
Requests: 11 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE&gdpr=0&gdpr_consent=
Frame ID: 647BA399217F2A7977533A81CECD4471
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE&redir=true&gdpr=0&gdpr_consent=
Frame ID: 01B78567FB3A4534F5EE8D37C20E9067
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7908508821806482549&gdpr=0&gdpr_consent=
Frame ID: 4D8A16BA890B1738596EAC6C35C4A0BC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7223811688219539596&gdpr=0&gdpr_consent=
Frame ID: 0AA78C498CF015B09114B7DB9FCA1AA1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0INoe5JwVz9c6yAyaNKsLNly2hs&gdpr=0&gdpr_consent=
Frame ID: D7C3A9A64AA74C91F37400A2FF4D25D3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADMd07IgEUAABvHbKi2SQ&gdpr=0&gdpr_consent=
Frame ID: 1E914DDFDEB3C1DB175AF205BBE4F16D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E28A4E18D65B5AC0E6D9358CC2155BA0
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: FA05CBCBDEB052BB98B09189B89627B4
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=2034%2C2033%2C2030%2C157%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C2045%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: BF43D4DCE3A726695DBD4C62ED35DADA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FB747FE7B32057AC40CBF2EBBA6E9961
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Frame ID: 5DDC13E7B7DB49EA468677AA1610F4F2
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 7FE56B1E293100B9BB3F50DF89FFFB11
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hackers ameaçam Valid Certificadora na 'deep web' após tentativa de ataque cibernético | Lauro Jardim | O Globo

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

467
Requests

92 %
HTTPS

35 %
IPv6

92
Domains

170
Subdomains

126
IPs

12
Countries

6517 kB
Transfer

18457 kB
Size

132
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82
  • https://sb.scorecardresearch.com/c2/6035227/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 85
  • https://oajs.openx.net/esp?url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&rid=esp&cc=1
Request Chain 94
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=globo.com&sn=ChromeSyncframe&so=0&topUrl=oglobo.globo.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=EcdbuXxXaElzYVZLVFA2ZmpudWQxOG1DWk96NGk0NDE4OXlObGdQeWsxMVdQTXVCK2pJT3hNdGZ2MmNyVm9VbGNUUnc1UDNvRnZRYkorMXRrZjAzUEt5d2tmWFRQWTBSVjQzN0ppVGI3dVR6dUJZeUp4T0lnK05pcEF2cWpsWndpcG5Lam5CN1I0Wmlmem5Xc2VDZjh0MGJnOUo2bTZjK3hZcXU3N0IzaVZGSnBHeEpVTmYrZmVpUTYrbGp4bjRkK0JNKzNJNHd5R1ZBc3ZJMWtyRHNnMC9ha3MycXZkdGZ2MWkzZ0djVGhKdCsxQjRaRFYwOGhNcUxaYnZyaWdXamM5c0xLRDBtd1Ezd3ZCdEJaQmZIZ1l3dkpmQT09fA&cppv=2
Request Chain 160
  • https://rp.liadm.com/j?dtstmp=1681924716685&se=e30&duid=da5812f14a1e--01gyd8cxmq0s4ny3sb0820zp3v&pu=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&wpn=prebid HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1681924716685&se=e30&duid=da5812f14a1e--01gyd8cxmq0s4ny3sb0820zp3v&pu=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&wpn=prebid&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjEw&n3pc=true
Request Chain 186
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c5e36440-226f-4800-bacb-9b0604c28d1c&gdpr=0&gdpr_consent=
Request Chain 187
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210824591752155
Request Chain 188
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 189
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5256627883620175868
Request Chain 190
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=iKQ3vYyiNeuTqTboiaQu74-oYOmTo2e9i6E-IWiC
Request Chain 191
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sk2lzbafSm2UdXK3TA5u7g%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 193
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4218019108 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE
Request Chain 194
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZTJmWG1lUi1YS3NSeC1XQkItNmpzMFhSUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=5986731816154314662&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 195
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjI0REE1Q0QtQjY5Ri00QTZELTk0NzUtNzJCNzRDMEU2RUVF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 196
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJKq2_EIAcAJTS_tzFUhQMQ&google_cver=1
Request Chain 198
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5986731816154314662
Request Chain 200
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGNYJRNC-6-FY2U
Request Chain 202
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENBMi8M4nHFJ6Z1whoeGvaY&google_cver=1
Request Chain 203
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWQ5ZDIyMTRmMTQwNTcyYjZhNDQxNWJhZWU0ZTIxZWVhMTVjZGY5ZA
Request Chain 204
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7byVB91ES5yhejcoG-IBbQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7byVB91ES5yhejcoG-IBbQ
Request Chain 205
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Wxfuz_mMTwi8Uo1BNpd1mA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Wxfuz_mMTwi8Uo1BNpd1mA
Request Chain 206
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdOWUpSTkMtNi1GWTJV HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKc6RRPKBca43qkXbC-eMfw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdOWUpSTkMtNi1GWTJV&google_push=
Request Chain 207
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Cv_BSAb2iZkdHCID2apTrw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-01.63g5E2oJKdCHl8dtcdVubbVvf14pr8cUXfw--~A
Request Chain 210
  • https://id.globo.com/auth/realms/globo.com/protocol/openid-connect/auth?client_id=oglobo%40apps.globoid&redirect_uri=https%3A%2F%2Foglobo.globo.com%2Flogin-callback.ghtml&state=721e3d26-e0f8-4bfd-83e1-99d84575c7de&response_mode=fragment&response_type=code&scope=openid&nonce=48a0d611-d150-4090-962b-68128f4017b4&prompt=none&code_challenge=SpfK7bZ_5zefjNY0NAtonFb1TbzpFo8C7eYpSwmrdtU&code_challenge_method=S256 HTTP 302
  • https://oglobo.globo.com/login-callback.ghtml
Request Chain 411
  • https://rp.liadm.com/j?dtstmp=1681924722540&se=e30&duid=da5812f14a1e--01gyd8cxmq0s4ny3sb0820zp3v&pu=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&wpn=prebid HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1681924722540&se=e30&duid=da5812f14a1e--01gyd8cxmq0s4ny3sb0820zp3v&pu=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&wpn=prebid&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjEw
Request Chain 442
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7908508821806482549&gdpr=0&gdpr_consent=
Request Chain 443
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7223811688219539596&gdpr=0&gdpr_consent=
Request Chain 444
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0INoe5JwVz9c6yAyaNKsLNly2hs&gdpr=0&gdpr_consent=
Request Chain 445
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFETWQwN0lnRVVBQUJ2SGJLaTJTUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADMd07IgEUAABvHbKi2SQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7113393577030880893&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADMd07IgEUAABvHbKi2SQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D7113393577030880893%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=7113393577030880893&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADMd07IgEUAABvHbKi2SQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADMd07IgEUAABvHbKi2SQ&gdpr=0&gdpr_consent=
Request Chain 447
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 448
  • https://pixel.onaudience.com/?partner=214&mapped=B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=8d4043c439c80e93/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 449
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0MNW9jFE2uVCPPVpBQRjF_6pHB67DRs-~A&gdpr=0
Request Chain 451
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=79c5a257-bf32-4967-a5d3-8b1f9b288fc3&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=79c5a257-bf32-4967-a5d3-8b1f9b288fc3&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=2ab7044c-56e1-4d56-ad31-35cd6e9b254b&ssp=pubmatic&expires=30&user_group=5&bsw_param=79c5a257-bf32-4967-a5d3-8b1f9b288fc3 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=79c5a257-bf32-4967-a5d3-8b1f9b288fc3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 467
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 468
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZEAid1LCFrVdU29_5IADRQAAFKEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHPXXX0KnvChfItkIbrrryg&google_cver=1
Request Chain 471
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZEAid1LCFrVdU29-5IADRQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBotB10K4DICIqEYdA86Th0&google_cver=1
Request Chain 472
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 473
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=db29058c-9427-4654-ad17-a57eeaf1cde4
Request Chain 474
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZEAid1LCFrVdU29-5IADRQAA%265281?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZEAid1LCFrVdU29-5IADRQAA%265281
Request Chain 475
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7908508821806482549

467 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
oglobo.globo.com/blogs/lauro-jardim/post/2023/04/ 		368 KB
88 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
201.7.177.244 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
d0ec1c807fc04cea11330336828b4047e4671044fa099619c6c57da123a51481
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=10
content-encoding
gzip
content-length
89035
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 19 Apr 2023 17:18:30 GMT
expires
Wed, 19 Apr 2023 17:18:40 GMT
http_x_forwarded_proto
https
redirect_https
https
show-page-version
0
vary
X-Forwarded-Proto, User-Agent, Accept-Encoding
via
2.0 CachOS
wall-blocked-session
0
wall-subscription-level
0
wall-usl-status
x-bip
31348289 wall 1
x-cache-status
HIT
x-content-type-options
nosniff
x-location-rule
show_services
x-mobile
desktop
x-request-id
12eafbed-b3e4-46b6-8c18-498263de84ca
x-served-from
oglobo-router-gcp, Show Services GCP
x-thanos
0A825C65
x-xss-protection
1; mode=block
bold.woff2
s3.glbimg.com/cdn/fonts/opensans/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/bold.woff2
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:31 GMT
x-openstack-request-id
tx93b14d9cf8e841efbc131-00636e37b3
last-modified
Tue, 25 Jun 2019 17:35:22 GMT
x-thanos
0AB54008
etag
8593a5a07cf620d4512fcb71cbcd07a6
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484121.35690
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10284
x-trans-id
tx93b14d9cf8e841efbc131-00636e37b3
x-request-id
00d231d7-5c26-47f9-990f-689f16ea1bcd
semibold.woff2
s3.glbimg.com/cdn/fonts/opensans/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/semibold.woff2
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:31 GMT
x-openstack-request-id
tx33a1884badd14e0f81099-006426db4b
last-modified
Tue, 25 Jun 2019 17:36:47 GMT
x-thanos
0AB54008
etag
365c53275ca5dad1584b7e0bd3a46c1e
vary
Accept-Encoding, Origin
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484206.27623
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16172
x-trans-id
tx33a1884badd14e0f81099-006426db4b
x-request-id
0b274698-5b7d-4cdf-9568-bc34ecaf3772
regular.woff2
s3.glbimg.com/cdn/fonts/opensans/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/regular.woff2
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:31 GMT
x-openstack-request-id
txe56610cd07654d66a4b84-00636e37b3
last-modified
Tue, 25 Jun 2019 17:36:35 GMT
x-thanos
0AB54008
etag
4124088fdd8c315a6d096b65b6cbf428
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484194.26376
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10352
x-trans-id
txe56610cd07654d66a4b84-00636e37b3
x-request-id
ee4316e2-9104-4404-af5f-86d07c74653d
light.woff2
s3.glbimg.com/cdn/fonts/opensans/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/light.woff2
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
a51690a59260fd30a04d20955e8e5432f7f05f90c13f04c953789d67548a66b8

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:31 GMT
x-openstack-request-id
tx9d92b08ddbf94cc48175b-00633f430d
last-modified
Tue, 25 Jun 2019 17:36:08 GMT
x-thanos
0AB54008
etag
98b6233d6ac91b3538d60fee0ce3393b
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484167.30297
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10200
x-trans-id
tx9d92b08ddbf94cc48175b-00633f430d
x-request-id
8ca9ea94-91d4-4f28-bd25-889b6bad72d0
WhitmanDisplay-Regular.woff
s3.glbimg.com/v1/AUTH_63fc83ece6e4451e89f8750cafb76fa2/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_63fc83ece6e4451e89f8750cafb76fa2/fonts/WhitmanDisplay-Regular.woff
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
6113aa6c8b4abb8f3d9de3e13214876879785bf25ad316ec487578e4111509e6

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:31 GMT
x-openstack-request-id
tx3d31992ee55d4e9cb8b76-0064402208
last-modified
Thu, 02 Jun 2022 18:21:47 GMT
x-thanos
0AB54008
etag
b9129bf94b84c4417a6d58f0bc219623
vary
Accept-Encoding, Origin
content-type
application/font-woff
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1654194106.76960
cache-control
public, max-age=180
accept-ranges
bytes
content-length
22664
x-trans-id
tx3d31992ee55d4e9cb8b76-0064402208
x-request-id
04c98055-7f70-442e-bddd-95dcbb66637b
v0.js
cdn.ampproject.org/ 		277 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f19edb39fafced74139e21e8bb2ecbd792611ffcbeaa8875920bf0905c0deacc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 19 Apr 2023 17:18:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72846
x-xss-protection
0
server
sffe
etag
"51121eee2eb710b4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 19 Apr 2023 17:18:30 GMT
lib-pub-relay-oglobo-latest.js
s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/oglobo/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/oglobo/prod/lib-pub-relay-oglobo-latest.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
8900135ccc26cae8634c6c7e4fcba0a6ad86e166167aa82a551cd9cf38841cd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:31 GMT
content-encoding
gzip
x-openstack-request-id
tx595a7c099dd549b9ac6c0-006440223f
last-modified
Tue, 07 Mar 2023 22:33:21 GMT
x-thanos
0AB47186
vary
Accept-Encoding, Origin
x-object-meta-mtime
1678227573.000000
content-type
application/javascript
x-timestamp
1678228400.99917
cache-control
public, max-age=180
x-trans-id
tx595a7c099dd549b9ac6c0-006440223f
x-request-id
f3a81b09-66cf-4cc5-88d2-1480a4f50e1b
110142.js
fast.appcues.com/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.appcues.com/110142.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
b437936df752ea91990758a8c417ef66b753557e50b63ab4c72d641137c58a2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:31 GMT
content-encoding
gzip
via
1.1 varnish
age
36
x-cache
HIT
content-length
4943
x-request-id
F1dllM-yC3lcg87GlMTi
x-served-by
cache-hhn-etou8220048-HHN
server
Cowboy
x-timer
S1681924711.478472,VS0,VE1
vary
accept-encoding, Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=120,public
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
1
amp-social-share-0.1.js
cdn.ampproject.org/v0/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-social-share-0.1.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
437a61ae60b332b7aa9eec651bdcb824de8ad3d0c9997314d48c80c6ba235c33
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 19 Apr 2023 17:18:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4798
x-xss-protection
0
server
sffe
etag
"1746d84b11a02242"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 19 Apr 2023 17:18:31 GMT
amp-timeago-0.1.js
cdn.ampproject.org/v0/ 		37 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-timeago-0.1.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b88cf0b3d88825c7bce9b274b2ec763d78bacc30ad95d7c77e4b8562a26eafb1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 19 Apr 2023 17:18:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9141
x-xss-protection
0
server
sffe
etag
"93c8405c15fe0a76"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 19 Apr 2023 17:18:31 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/v0/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-fit-text-0.1.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f770ca0db2495f24252f0ed6f642e4320c484fd5c68949d1857e51dafd515f69
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 19 Apr 2023 17:18:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2515
x-xss-protection
0
server
sffe
etag
"11672cf6501e51d0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 19 Apr 2023 17:18:31 GMT
amp-bind-0.1.js
cdn.ampproject.org/v0/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-bind-0.1.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba2f47230e67665c0044b9ead574f0ce3a6c982af3e0c54cce6904f891a55810
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 19 Apr 2023 17:18:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16270
x-xss-protection
0
server
sffe
etag
"fa6c45222b7a21d9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 19 Apr 2023 17:18:31 GMT
amp-lightbox-gallery-0.1.js
cdn.ampproject.org/v0/ 		65 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-lightbox-gallery-0.1.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e10ab13ae88e0c4bfc4ddc931d5dde37640603a81af789bc9a38a3ab95f98ef
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 19 Apr 2023 17:18:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19091
x-xss-protection
0
server
sffe
etag
"1d2315e6ace0f2a7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 19 Apr 2023 17:18:31 GMT
amp-carousel-0.1.js
cdn.ampproject.org/v0/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-carousel-0.1.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98fce106d7c6b926de1944f849015d04d38bd96ff1eada0b5242b8f109c8d9c9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 19 Apr 2023 17:18:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11539
x-xss-protection
0
server
sffe
etag
"953de2d62b450688"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 19 Apr 2023 17:18:31 GMT
amp-video-0.1.js
cdn.ampproject.org/v0/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-video-0.1.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0d28b0af4819cee4c4f5ec77b7c7508ac1781e48207952356c9d1600f4ddbc8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 19 Apr 2023 17:18:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15937
x-xss-protection
0
server
sffe
etag
"113e970c80dc9b4a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 19 Apr 2023 17:18:31 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:31 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
3108
etag
W/"06f50014011c1fcd9e21b6b0481979de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7ba6cea6a9bf2bbb-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 22 Apr 2023 17:18:31 GMT
tiny.js
static.infoglobo.com.br/paywall/js/ 		249 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/tiny.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
a8950847ef18ff6e965b5b5e567fa02a37a56072cddddab8408d8c56c809bd0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 17:07:41 GMT
Content-Encoding
gzip
Age
685
grace
none
X-Cache
HIT
Connection
Keep-Alive
Content-Length
56306
Last-Modified
Tue, 18 Apr 2023 17:30:04 GMT
Server
Apache
ETag
"a035cad3-3e25e-5f99fa8671f00"
vary
X-Forwarded-Proto
Content-Type
text/javascript
Access-Control-Allow-Origin
*
cache-control
public, max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
X-Cache-Hits
5459
barra-globocom.min.css
barra.globo.com/gl/ba/oidcprodutos/css/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://barra.globo.com/gl/ba/oidcprodutos/css/barra-globocom.min.css
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
d01b2cf5b15e8ea0ef57c0ccc66a390b354d8dbc11410035fb73eb12ab3ee514
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-location-rule
barra-gcs
date
Wed, 19 Apr 2023 17:18:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
305833775 ra09 20 09
age
76654
x-cache-status
HIT
content-length
4317
x-xss-protection
1; mode=block
x-request-id
3dada286-208c-4af9-bfd0-2e59824af34e
last-modified
Tue, 29 Nov 2022 16:28:44 GMT
x-thanos
0AB4D01D
etag
W/"c580509368f67b01edaa2d4f8057bbbe"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/css; charset=utf-8
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Wed, 19 Apr 2023 20:00:57 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:31 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2762
etag
W/"2cf94922e2d551e8dc7c38c022a9a3ca"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7ba6cea6da102bbb-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 22 Apr 2023 17:18:31 GMT
web
onesignal.com/api/v1/sync/2a12022a-47ec-4502-80a3-1a5412d58b50/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/2a12022a-47ec-4502-80a3-1a5412d58b50/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cae5fd6442ffda05560ee657d96ecb6b0a7db06b6fbcdaf9c2a425c3477c6bbc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
584
cf-polished
origSize=6388
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
d70902e3-34ed-4c74-8b0e-2fb6a527941f
x-runtime
0.028578
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"5b1e4d665cc5adcf474173959a821e90"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7ba6cea77b0e2bbb-FRA
access-control-allow-headers
SDK-Version
expires
Wed, 19 Apr 2023 18:18:31 GMT
lauro-jardim-1-.png
s2.glbimg.com/wJYZH0Fb1Bbla48I7oqi_HyxsWA=/600x0/filters:quality(70)/i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2022/X/e/JeXWaeRJAa2U2ECz0NMg/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/wJYZH0Fb1Bbla48I7oqi_HyxsWA=/600x0/filters:quality(70)/i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2022/X/e/JeXWaeRJAa2U2ECz0NMg/lauro-jardim-1-.png
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
ab1f0e0de7e9825232678592a37c79f1c0fb167aaefdf6cc1f46396c60314222

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:32 GMT
via
2.0 CachOS
x-bip
459822795 ra09 20 06
age
2519511
x-cache-server
thumbor/nginx-cache
content-length
21906
x-cached
HIT
x-request-id
8c630459-417d-4fc5-a74e-9f81b585325f
x-forwarded-host
s2.glbimg.com
x-thanos
0AB4D019
etag
"533e4aead90d19b2a7c87eddac292044817012ed"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 20 Apr 2023 13:26:36 GMT
programming-g369f66bd2-1920.jpg
s2.glbimg.com/Z1iNoUDZSBu-TFLafDaTzpNxaQ8=/0x0:1920x1280/924x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2022/A/e/0KyrvtTfKYAxvzAO39bA/ 		172 KB
172 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/Z1iNoUDZSBu-TFLafDaTzpNxaQ8=/0x0:1920x1280/924x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2022/A/e/0KyrvtTfKYAxvzAO39bA/programming-g369f66bd2-1920.jpg
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
6efa2e2abd9f75fd168f031e5679ada41dbc1477f8e6015b29e4a3da7bca4889

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:32 GMT
via
2.0 CachOS
x-bip
460706013 ra09 20 06
age
75570
x-cache-server
thumbor/nginx-cache
content-length
175760
x-cached
HIT
x-request-id
463783e6-cf5c-4747-8698-7a3899281b4d
x-forwarded-host
s2.glbimg.com
x-thanos
0AB4D019
etag
"8ebda2e840f00d6f775d35f2fd519fa0c9e59ca7"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 18 May 2023 20:15:22 GMT
WhitmanDisplay-ExtraBold.woff2
s3.glbimg.com/v1/AUTH_63fc83ece6e4451e89f8750cafb76fa2/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_63fc83ece6e4451e89f8750cafb76fa2/fonts/WhitmanDisplay-ExtraBold.woff2
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
99cc9e872f073562fd2d2ba78857f8fb53d85a39f729b22fd181c1bdb493ec52

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:32 GMT
x-openstack-request-id
tx835152269a2d44d8bbd04-0064402241
last-modified
Tue, 08 Feb 2022 14:05:53 GMT
x-thanos
0AB54008
etag
597fdc03d01129a0559c376539929752
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1644329152.83682
cache-control
public, max-age=180
accept-ranges
bytes
content-length
16520
x-trans-id
tx835152269a2d44d8bbd04-0064402241
x-request-id
d6abfcfe-c309-46e0-8785-15401ab30083
WhitmanDisplay-Semibold.woff2
s3.glbimg.com/v1/AUTH_63fc83ece6e4451e89f8750cafb76fa2/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_63fc83ece6e4451e89f8750cafb76fa2/fonts/WhitmanDisplay-Semibold.woff2
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
b926d84ed56f2239b061936da7b714dd10be0033a097264948c588f2d8c451d7

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:32 GMT
x-openstack-request-id
tx8d13eb03a243461484190-0064402238
last-modified
Mon, 22 Aug 2022 18:33:25 GMT
x-thanos
0AB54008
etag
114250105c0b630ecdbbce6ca29a1f6e
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1661193204.59691
cache-control
public, max-age=180
accept-ranges
bytes
content-length
16140
x-trans-id
tx8d13eb03a243461484190-0064402238
x-request-id
c293a447-2bfe-4d3a-8d44-33981078b129
2v84n8g15c1895dv.js
cdn.petametrics.com/ 		166 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.petametrics.com/2v84n8g15c1895dv.js?ts=467201
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
f4db490ba98201d5a7c18933561eeedc303c324880b4312285964fa8569c67b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:32 GMT
content-encoding
gzip
x-amz-version-id
aD__iy6gUG8R2hMsoIRkWjn7yWZ4cmW.
last-modified
Thu, 30 Mar 2023 03:36:43 GMT
server
AmazonS3
x-amz-request-id
YQKQDNJQPE3D3ZZP
etag
"6071a7974c78966962812694629b98b2"
x-amz-server-side-encryption
AES256
x-hw
1681924712.cds322.fr8.hn,1681924712.cds150.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, s-maxage=31536000
accept-ranges
bytes
content-length
49642
x-amz-id-2
isdk0hQwGEjhandns+9XO3ENdP4DvePi4W795we7L6V5ZmZtro3qTIRg8Hm+k5M8pfissQRAx85WfItVwufP8A==
truncated
/ 		727 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3945a98e43cd2167bfa9e8385ffa54335b9a393fa66af78f9b9deba11bd87470

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		738 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03bd05cfb6d0789c54678927cfbd8d3ab3c9b721cee69b3dec80dc9c521149dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f1e7751de7211682870afa390d8383cddbf7845eb9d83b700752bc26602a782

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		695 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa3ebe966a050c4716fb681161db8c5e3c966e7eef21dbc7dae3a79fd33bd535

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
georgia.ttf
s3.glbimg.com/v1/AUTH_63fc83ece6e4451e89f8750cafb76fa2/fonts/ 		215 KB
215 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_63fc83ece6e4451e89f8750cafb76fa2/fonts/georgia.ttf
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
38dffcaf1fac89492f7c56c600a14daf36ae42f7c21985cd4134ae113124a58f

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:32 GMT
x-openstack-request-id
tx27ee330fe173407bb0c11-006440221b
last-modified
Wed, 23 Mar 2022 16:12:09 GMT
x-thanos
0AB54008
etag
ca8446d58eb8315c7a458caf81c6ed86
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1648051928.19231
cache-control
public, max-age=180
accept-ranges
bytes
content-length
219712
x-trans-id
tx27ee330fe173407bb0c11-006440221b
x-request-id
48aca5ba-b87c-4090-a047-f2f54fac76f3
georgiab.ttf
s3.glbimg.com/v1/AUTH_63fc83ece6e4451e89f8750cafb76fa2/fonts/ 		203 KB
203 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_63fc83ece6e4451e89f8750cafb76fa2/fonts/georgiab.ttf
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
72a6cd94fab6c179392075d3fb361e269cdddfad41bb7ab385fa22a37e49a900

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:32 GMT
x-openstack-request-id
tx2ee8e702bdaf4fa7a5bfd-006440220f
last-modified
Wed, 23 Mar 2022 16:12:09 GMT
x-thanos
0AB54008
etag
27836f0c46bfb03982e86c4ed5c8cc45
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1648051928.21230
cache-control
public, max-age=180
accept-ranges
bytes
content-length
207476
x-trans-id
tx2ee8e702bdaf4fa7a5bfd-006440220f
x-request-id
19b8531d-265c-464b-8adf-3fc98383e27e
__activity.gif
query.petametrics.com/v3/2v84n8g15c1895dv/8fdf29e2-f4f6-407f-8679-12ba9476d458/ 		35 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/2v84n8g15c1895dv/8fdf29e2-f4f6-407f-8679-12ba9476d458/__activity.gif?e=pageview&ct=Hackers+amea%C3%A7am+Valid+Certificadora+na+%27deep+web%27+ap%C3%B3s+tentativa+de+ataque+cibern%C3%A9tico&ccu=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&tspl=3108&blst=2948&ist=3096&iet=3099&bdst=2948&bdet=3091&bcttt=4&ts=1681924712509&jsk=2v84n8g15c1895dv&jsv=20230329&cu=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&uid=8fdf29e2-f4f6-407f-8679-12ba9476d458&sid=fcb2fd78-f8e6-46ad-d354-fd478627270a&pvid=10d40167-5f42-42de-8bd7-cb8deabbe874&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F112.0.5615.121+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=9&saveData=false&ctyp=unknown&tzo=0&sdk=bc-pixel
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 19 Apr 2023 17:18:32 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
lib-pub-core-oglobo-latest.js
s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/oglobo/prod/ 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/oglobo/prod/lib-pub-core-oglobo-latest.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/oglobo/prod/lib-pub-relay-oglobo-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
087a53d2f4c3e96b44c2f552af7a3bf4936788b41a209a9d9c4c14487f484549

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:32 GMT
content-encoding
gzip
x-openstack-request-id
txaec49930adbb4879aa0e4-0064402233
last-modified
Wed, 19 Apr 2023 16:10:39 GMT
x-thanos
0AB47186
vary
Accept-Encoding, Origin
x-object-meta-mtime
1681920383.000000
content-type
application/javascript
x-timestamp
1681920638.26111
cache-control
public, max-age=180
x-trans-id
txaec49930adbb4879aa0e4-0064402233
x-request-id
f8b46cbc-209d-4ea9-a6a6-22b6e54ddd48
5fd442d424590f5725ed0f000b163e1b.css
s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/5fd442d424590f5725ed0f000b163e1b.css
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
98dd6e08f9ddd9fc19be6911c5b2ab872f737c6a8011f6e08e1c6cb7bce40a07

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:32 GMT
content-encoding
gzip
x-openstack-request-id
tx4d3dab9c392e49b9b2360-0064386e69
content-length
1305
x-trans-id
tx4d3dab9c392e49b9b2360-0064386e69
x-request-id
031b955c-d4d4-4d84-bc22-eef5f1047613
last-modified
Thu, 15 Sep 2022 14:27:18 GMT
x-thanos
0AB54008
etag
440a623587e624acb7c4b75db6ee6cd7
vary
Accept-Encoding, Origin
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
x-object-meta-cache-control, content-language, cache-control, expires, last-modified, etag, x-timestamp, pragma, x-trans-id, x-container-meta-cache-control, content-type, x-openstack-request-id, authorization
x-timestamp
1663252037.69823
cache-control
public, max-age=604800
accept-ranges
bytes
truncated
/ 		436 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93f45bd0df53776d65c03af696f72e8857a3049863b07852ba2998ecce3160a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		507 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2faeb72dc6c6dd034ad0fe3a1326105213eb42cc9fdde9560f645ee2dd1c4c2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
opensans-light-webfont.woff
s.glbimg.com/gl/ba/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/gl/ba/fonts/opensans-light-webfont.woff
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
dea42e0f179347a75dd9fa41636bd1fa1ae92397bcde89a1389eeb8c0ace0fca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-location-rule
barra-gcs
date
Wed, 19 Apr 2023 17:18:33 GMT
via
2.0 CachOS
x-content-type-options
nosniff
x-bip
170859093 ra09 20 03
age
56146
x-cache-status
HIT
content-length
20184
x-xss-protection
1; mode=block
x-request-id
03ab49dc-59d9-4392-bdd9-d2c6d1569099
last-modified
Tue, 29 Nov 2022 16:28:43 GMT
x-thanos
0AB4D012
etag
"d6cc1c50b230a5c61bb684e07f3e0e98"
vary
Origin
x-served-from
estaticos-gcp-prod
content-type
font/woff
access-control-allow-origin
https://oglobo.globo.com
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 20 Apr 2023 01:42:47 GMT
barra-globocom.min.js
s.glbimg.com/gl/ba/js/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/gl/ba/js/barra-globocom.min.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
b81ad1210bf4276e2651563c487f1116410f97232fcf37a85c09dffa25edda2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-location-rule
barra-gcs
date
Wed, 19 Apr 2023 17:18:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
498818717 ra03 11 05
age
75655
x-cache-status
MISS
content-length
10597
x-xss-protection
1; mode=block
x-request-id
cce91a08-d791-4b11-bd97-7611c427f6cf
last-modified
Tue, 29 Nov 2022 16:28:43 GMT
x-thanos
0AB1D009
etag
W/"1af9514851ffe9f801c5468a9d1206ac"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/javascript; charset=utf-8
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Wed, 19 Apr 2023 20:17:37 GMT
truncated
/ 		203 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81c18c6a1eebd0d4249f792956e0cfed7e81dc9dbef518227d62ec1818262c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		196 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
721f01f7ac435b12df171ba12797e85092612ae1f5c755bb33124cf6c7ff6104

Request headers

Referer
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		197 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2be5ec9833fb7e7cc366e1a51bf5f07978b7959c25a5426c4ee22fd9ab7f3e85

Request headers

Referer
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
jquery.min.js
s3.glbimg.com/cdn/libs/jquery/1.8.3/ 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:33 GMT
content-encoding
gzip
x-openstack-request-id
txf48ad2a8230d454a85e3a-00633f4005
last-modified
Tue, 09 Oct 2018 19:06:54 GMT
x-thanos
0AB54008
vary
Accept-Encoding, Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1539112013.52960
cache-control
max-age=31536000
x-trans-id
txf48ad2a8230d454a85e3a-00633f4005
x-request-id
f8352f20-0b8a-48d0-a9a3-4ee02b5a3291
84ffc25c59ae555879ea820e89c9e287.js
s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/ 		306 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
fc78b05d7e7d4011b2668f70134366bdf1f22611194c5331ad1cd3e8a3d2fdd3

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:32 GMT
content-encoding
gzip
x-openstack-request-id
txa0e86525510f45468088a-00643ee890
content-length
107169
x-trans-id
txa0e86525510f45468088a-00643ee890
x-request-id
4f8c918b-c107-4554-a2f4-8e958549083c
last-modified
Tue, 10 Jan 2023 18:55:36 GMT
x-thanos
0AB54008
etag
644cc67b08aa447594080d02c45a4c51
vary
Accept-Encoding, Origin
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
x-object-meta-cache-control, content-language, cache-control, expires, last-modified, etag, x-timestamp, pragma, x-trans-id, x-container-meta-cache-control, content-type, x-openstack-request-id, authorization
x-timestamp
1673376935.71740
cache-control
public, max-age=604800
accept-ranges
bytes
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/oglobo/prod/lib-pub-core-oglobo-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb1490b12cad5fe2a6e5f1baeee559032ec3d2753537cfcef425e9d56f865ecb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25435
x-xss-protection
0
server
cafe
etag
844 / 19466 / m202304130101 / config-hash: 14560336452053094010
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 19 Apr 2023 17:18:33 GMT
15688_oglobo.js
ads.rubiconproject.com/prebid/ 		391 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/15688_oglobo.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/oglobo/prod/lib-pub-core-oglobo-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.0.93.68 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-93-68.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d7abe638428dd1514cec663c6fce3247c9d80ed0193b26e9ac2db4e2177d43a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:33 GMT
content-encoding
gzip
last-modified
Wed, 19 Apr 2023 15:40:53 GMT
server
Apache
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
117695
expires
Wed, 19 Apr 2023 20:15:04 GMT
publicidade.css
s3.glbimg.com/v1/AUTH_b3eff1d540ba48dd8558daf4d094c778/assets/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_b3eff1d540ba48dd8558daf4d094c778/assets/publicidade.css
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/oglobo/prod/lib-pub-core-oglobo-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
4e5a8df78e43e83e6ca4b7af38833a508483d29e3c5332b7dc19a0ac9b27c692

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:33 GMT
content-encoding
gzip
x-openstack-request-id
txa7a88cfface84eee9ffc5-0064402259
last-modified
Tue, 12 Feb 2019 18:01:54 GMT
x-thanos
0AB47186
vary
Accept-Encoding, Origin
content-type
text/css
x-timestamp
1549994513.97827
cache-control
public, max-age=180
x-trans-id
txa7a88cfface84eee9ffc5-0064402259
x-request-id
7605450a-c06a-4a96-9c64-46f52bc114c8
fuckadb.js
s3.glbimg.com/v1/AUTH_7b0a6df49895459fbafe49a96fcb5bbf/tiny/DetectAdblock/ 		112 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_7b0a6df49895459fbafe49a96fcb5bbf/tiny/DetectAdblock/fuckadb.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
69037cfbbc9ab8f66374ef00854ade77f64e4fa2f0ffe58213c22a14f9ceeabd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:33 GMT
x-openstack-request-id
tx77c5451607a94694a17f3-0064402261
last-modified
Mon, 17 Apr 2023 21:48:35 GMT
x-thanos
0AB47186
etag
9b06a55084240072900700fe3717610b
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1681768114.48968
cache-control
public, max-age=180
accept-ranges
bytes
content-length
112
x-trans-id
tx77c5451607a94694a17f3-0064402261
x-request-id
1722ba5b-9350-4e61-b967-478a0928634e
1.tiny.js
static.infoglobo.com.br/paywall/js/ 		27 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/1.tiny.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
a619456956cab59152037c77c23153d6dd2f404091ead85fd12483e398bc9499

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 17:07:43 GMT
Content-Encoding
gzip
Age
684
grace
none
X-Cache
HIT
Connection
Keep-Alive
Content-Length
4709
Last-Modified
Tue, 18 Apr 2023 17:30:04 GMT
Server
Apache
ETag
"a0387b03-6cf3-5f99fa8671f00"
vary
X-Forwarded-Proto
Content-Type
text/javascript
Access-Control-Allow-Origin
*
cache-control
public, max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
X-Cache-Hits
5366
17.tiny.js
static.infoglobo.com.br/paywall/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/17.tiny.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
23cace87721ebac55b72d3b4ef6821926c5ba46f2783e38a96c456a874863c07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 17:07:44 GMT
Content-Encoding
gzip
Age
683
grace
none
X-Cache
HIT
Connection
Keep-Alive
Content-Length
1868
Last-Modified
Tue, 18 Apr 2023 17:30:04 GMT
Server
Apache
ETag
"a057ad2d-16ac-5f99fa8671f00"
vary
X-Forwarded-Proto
Content-Type
text/javascript
Access-Control-Allow-Origin
*
cache-control
public, max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
X-Cache-Hits
5189
load
experience.tinypass.com/xbuilder/experience/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=GTCopIDc5z
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a8b1a5d057124c55e6627c62b0e5799deb5734f067672416c12cdb1458c4e4d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
date
Wed, 19 Apr 2023 17:18:33 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Apr 2023 16:56:35 GMT
server
cloudflare
age
1318
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
7ba6ceb1edb75c20-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
dzxwx1mk4w
expires
Wed, 19 Apr 2023 17:48:33 GMT
15688-pbjs-floors.json
ads.rubiconproject.com/floors/ 		35 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/15688-pbjs-floors.json
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.0.93.68 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-93-68.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2d609abad4a8f6f76e2cab4617ff3d0dc1d15ad28c8883b84096118129453574

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Apr 2023 17:18:33 GMT
content-encoding
gzip
last-modified
Wed, 19 Apr 2023 16:40:54 GMT
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
3056
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230419
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d306bd3c87511a22b7d939dd77b67a38a258a32c3c48738da44b0ced61d3021
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Apr 2023 17:18:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4659
x-jsd-version
1.0.1681
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4571-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"638-es4J+3wgAFWcvuTZKhpn1CM4mRM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwdKaRaJxDvLfQDbz%2BgzIe3ydeHWxthpRR9ELRen1m1dHe06a7nMLSsyFgGC4nVOiIdIoYtP1q%2FQS85JC9z2CfiilIdc3mjc8KwzjlRYvf5eFsKEkFIRqUZPNJIqkMQfnQFj8FIIZSKGAbtgB68%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7ba6ceb35b7491e4-FRA
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/ 		398 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11e4342c37d88d69519e3d4be0ed9da7c51f1febe2abc7944745fc583b29c3a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 15:55:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
4980
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126317
x-xss-protection
0
server
cafe
etag
18140124545370589291
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 18 Apr 2024 15:55:33 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		4 KB
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=oglobo.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
870534f487f6d6ee6e4a51090ff1f3282cbaf8a8b93f81cf6bdecdbe70d5e657
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
718
x-xss-protection
0
expires
Wed, 19 Apr 2023 17:18:33 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=oglobo.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=oglobo.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3412847008223880&correlator=977614874435156&eid=31073865%2C31073883%2C31070233&output=ldjh&gdfp_req=1&vrg=202304130101&ptt=17&impl=fif&iu_parts=85042905%2Cinfo.web.oglobo%2Cblogs%2Clauro-jardim%2Cmateria&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x90%7C728x90%7C970x250%7C970x150%7C1190x250&ifi=1&adks=494576641&didk=3223810204&sfv=1-0-40&prev_scp=Editora.pos%3DMiddle%26rc%3Dbanner_materia2_0&eri=1&cust_params=ambient%3D%26tipo_pagina%3Dmateria%26editora.random%3D9%26Editora.url%3Dhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico%26Info.Entidades%3Dbrasil%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1681924713002%26prmtvvid%3D%26prmtvwid%3D&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1681924713474&lmt=1681924713&dlt=1681924710691&idt=2746&adxs=315&adys=2987&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&frm=20&vis=1&psz=970x0&msz=970x0&fws=4&ohw=970&ga_vid=1201176432.1681924713&ga_sid=1681924713&ga_hid=2103314295&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0efbbb6b4506025eb7088fcbfb05a95b8fcabdfb93da22db259d8df59e88f69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10273
x-xss-protection
0
google-lineitem-id
5770128229
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138360598297
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5f8d30e863cbf3471191a33651e10ff7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8D20 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5f8d30e863cbf3471191a33651e10ff7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 17:18:33 GMT
expires
Thu, 18 Apr 2024 17:18:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tinypass.min.js
cdn.tinypass.com/api/ 		339 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=GTCopIDc5z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b97b2342a7580d734b7aa27d35e1889d164d0a6b968679464a745d6665462c61
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:33 GMT
x-amz-version-id
rvyIZTSHRoGj9ry99Fiu_X3H0J_lBLkq
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
Q15BCVGF7EXCNBJY
age
8867
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
4nIdnw3FlKyvqkK4Th22eg+WSFT79i9XuYselVIcOGXI6gRCAf2u5b59FuqCyYesFoJIqVkcOJc=
last-modified
Fri, 14 Apr 2023 08:16:54 GMT
server
cloudflare
etag
W/"43b5dfa841a0111e4078dfb6a8fba670"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7ba6ceb3e83b5c20-FRA
expires
Wed, 19 Apr 2023 21:18:33 GMT
cx.cce.js
cdn.cxense.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:392::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5b4c012c740d120a384871f05af3184799f6e2b607767a5d6229e2a82aac103b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 17:18:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Oct 2022 14:05:13 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5959
Expires
Wed, 19 Apr 2023 18:18:33 GMT
execute
c2.piano.io/xbuilder/experience/ 		21 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=GTCopIDc5z
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f508de7759a10dbf5113dd4031a5b437395e5905f62f5680feb2cac723e3d1ee
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 19 Apr 2023 17:18:33 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
tg68yxc6j6
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7ba6ceb51c8a30f3-FRA
cx.js
cdn.cxense.com/ 		103 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:392::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a11d62109f30ddb0d4b4f74e8b340ccc50a471ea1e5a888a5f17631c31cf9545

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 17:18:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 14 Apr 2023 13:31:47 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34188
Expires
Wed, 19 Apr 2023 18:18:33 GMT
4.tiny.js
static.infoglobo.com.br/paywall/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/4.tiny.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
6df7b1493ff3d350a201629d7338f87a7c03852a64249e01e8ae16cb64ed9fb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 17:07:52 GMT
Content-Encoding
gzip
Age
653
grace
none
X-Cache
HIT
Connection
Keep-Alive
Content-Length
2715
Last-Modified
Tue, 18 Apr 2023 17:30:04 GMT
Server
Apache
ETag
"a03e0eeb-2d6d-5f99fa8671f00"
vary
X-Forwarded-Proto
Content-Type
text/javascript
Access-Control-Allow-Origin
*
cache-control
public, max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
X-Cache-Hits
2190
0.tiny.js
static.infoglobo.com.br/paywall/js/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/0.tiny.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
bee300c6b91903a92f9f55dea8506a481bf78eeab57c9d9a0cbe6b9690ffcc7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 17:07:42 GMT
Content-Encoding
gzip
Age
664
grace
none
X-Cache
HIT
Connection
Keep-Alive
Content-Length
5223
Last-Modified
Tue, 18 Apr 2023 17:30:04 GMT
Server
Apache
ETag
"a0552a88-4ecd-5f99fa8671f00"
vary
X-Forwarded-Proto
Content-Type
text/javascript
Access-Control-Allow-Origin
*
cache-control
public, max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
X-Cache-Hits
2046
2.tiny.js
static.infoglobo.com.br/paywall/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/2.tiny.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
2c9af135eee347fcfcdfb94bf03dce34e3d0fdd299d36c8df962bafdb397baf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 17:07:54 GMT
Content-Encoding
gzip
Age
652
grace
none
X-Cache
HIT
Connection
Keep-Alive
Content-Length
1456
Last-Modified
Tue, 18 Apr 2023 17:30:04 GMT
Server
Apache
ETag
"a04cc0f6-10e4-5f99fa8671f00"
vary
X-Forwarded-Proto
Content-Type
text/javascript
Access-Control-Allow-Origin
*
cache-control
public, max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
X-Cache-Hits
1923
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		587 B
682 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=GTCopIDc5z
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83c06e9d5a05b2ce1316edce0e1198c7f3b66ad0218ba55f72d5f91012c3f282
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 19 Apr 2023 17:18:34 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
MyehdtrEuQE
pragma
no-cache
wn
prod-dash-10-0-114-44
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.004
cache-control
no-cache, no-store, must-revalidate
cf-ray
7ba6ceb6aa989150-FRA
expires
0
sp1.html
cdn.cxense.com/ Frame 4798 		684 B
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:392::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
379
Content-Type
text/html
Date
Wed, 19 Apr 2023 17:18:33 GMT
Expires
Sat, 29 Apr 2023 17:18:33 GMT
Last-Modified
Tue, 11 Jan 2022 07:21:04 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
39419
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54sKaL1OGaZA3AKLBTYZy73oA3bNYbwQ834QXJbgxjm70dFk7YoXCETpaPBESvQtRFTB%2Bt34rJNNuEsa9U2%2Bf4dpW%2B915hOsiWc1yje8OMICISfY%2FYvjRW%2BwFO8Ph5s%2BKkIDtEgCC36FNnCv1ao%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7ba6ceb68aff5c4a-FRA
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 07:16:49 GMT
content-encoding
gzip
age
468105
x-guploader-uploadid
ADPycdvujfU_oLUmNVqI4f5BZnpSVte8PDLotLNZgvFd0cC54eAGvZm9f8-b4dRZmf4BnqGEW6yytSvFJRHHxFr_uK-ecw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 13 Apr 2024 07:16:49 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:34 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
5HYXHX9PK7AYJ3XS
age
572
etag
W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7ba6ceb6ca049bf4-FRA
x-amz-id-2
S6R2y7dt0TJ0tHF3dRN8FSP0T4Q58OI/Vn9tn6k1ruurUluy4rf0Kfbl+uLVEbxXwO1SEX/JYWbTZrOjCJ1sVw==
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-9c21"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 20 Apr 2023 17:18:34 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 02:38:06 GMT
content-encoding
gzip
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 22:36:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
52829
x-amz-server-side-encryption
AES256
etag
W/"4fd6c99ca40fed5d11cbd9e1b76a92f1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
4DcshxjOksdBdX_gMsJP8sKj-AzNKpmVzw5D98mgClyn4jT_DXL6Hg==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:3e00:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 03:09:51 GMT
Via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Jan 2023 04:07:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
50924
x-amz-server-side-encryption
AES256
ETag
"aded621b17723f487b3c9d0e43cf2f94"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1859
X-Amz-Cf-Id
mMoW11dX06ZecYtbilCio7WeZmypC6lJ8O2kt7Ni4MtBS2YGKQKauQ==
view
securepubads.g.doubleclick.net/pcs/ Frame 1080 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcnXpNX9GinzV-6aTGK23zvVmetBoeCVpdTS0dtSh6CGdJquEiweWG3992VTG7ezc0hzZmNeWh-8QvFEqx_csgcAlOdSBKzrhAEHjhDREEm4DAJSdFDCQt8DfbSJMR824xZHiFXLC9-Vp3WdoNTqNh2F2hLoYd-yuzApTZg12K6U_JH9Xzwo0f-WfX2JU2VRjmQ1NXZEsO7KN_FWG8-jYT2qg-sl45E2yhHh-2wDFkM1huZIaznPg1AynE0D2lBTvoPYH_ZBI20z1nst_JOLJwK5Ylgds1tDRyZQK4nR415CIcMJWf_2vyU4X68nOkIhLH9jOOSjDWyiMIjNbLUzMLfYWhYw0FeYc9TplUAdsTuJx2&sai=AMfl-YR8OdRoSCQxXpcGKAY89zjdSE3VNOv8o8f8sdvPq1ia5vLe0qo03hczpyxKjKF6krm4hiaA5dA6y-iDOhSwQZUFx4uLJ3iBprj-mNrS8ZWObQGWv7Gucgc_CpX79dbxC2GRGPVmsxajJzizIrv5&sig=Cg0ArKJSzK1CUXajm4KXEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 19 Apr 2023 17:18:34 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 1080 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81e004b7240a735f342101b63441c220ae2c823eb7b679a43467126815191d45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25388
x-xss-protection
0
server
cafe
etag
329 / 19466 / 31073972 / config-hash: 14560336452053094010
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 19 Apr 2023 17:18:34 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157163/4984/ Frame 1080 		556 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4237c10c4fd4720ccd07086fe9162a975f2e47d7aa922535c018e400de483146

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:34 GMT
content-encoding
gzip
last-modified
Tue, 28 Feb 2023 17:54:44 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=47731
accept-ranges
bytes
content-length
164665
expires
Thu, 20 Apr 2023 06:34:05 GMT
owHCMR.js
s3.amazonaws.com/script-tags/ Frame 1080 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/script-tags/owHCMR.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.10.205 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
42df2970a7b0d495eb52f6408e37f8fd67b58f1850a835f52930bd7794325486

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 17:18:35 GMT
Last-Modified
Tue, 11 Apr 2023 20:53:11 GMT
Server
AmazonS3
x-amz-request-id
J7MXA66FHJN131HA
ETag
"ccbc7ce104053f91f640c00c41370cff"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
16471
x-amz-id-2
Epjp92X4njH8t4pAX8jeSc/TQAcv7uaEWUrKgI8H6JgObUKozAJ7jAgdI/qk6fQZBwzmcno4xxQ=
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1080 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcba6d68321742b971eda8d36254297a368c6a5dba5486f36076f25d66891d9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49673
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681775021301287"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Apr 2023 17:18:34 GMT
cx.js
cdn.cxense.com/ Frame 4798 		103 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:392::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f9a14368257e7ae608b41966f9d8551e61390e593400e69013ea2e39ecd097a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 17:18:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 14 Apr 2023 13:31:47 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34188
Expires
Wed, 19 Apr 2023 18:18:34 GMT
p1.js
p1cluster.cxense.com/ Frame 4798 		47 B
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
0773d4c1e30f6ab8858f34cc7d2f532b0c6ec2119f428506355bf4b0206a198d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:34 GMT
last-modified
Wed, 19 Oct 2022 17:18:34 GMT
server
Jetty(9.4.28.v20200408)
etag
1yy871bexahq939ijfwephi3yo
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
text/javascript;charset=utf-8
cache-control
private, proxy-revalidate
content-length
47
expires
Fri, 19 Apr 2024 17:18:34 GMT
horizon-client-js.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-client-js.min.js
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/gl/ba/js/barra-globocom.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:34 GMT
content-encoding
gzip
x-openstack-request-id
tx91ed9fff1a054bfd914fb-006440207a
last-modified
Fri, 13 Nov 2020 17:21:38 GMT
x-thanos
0AB47186
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1605288097.88717
cache-control
public, max-age=600
x-trans-id
tx91ed9fff1a054bfd914fb-006440207a
x-request-id
74f3f574-adc3-4007-8f0b-0a2c2cbcc4d7
glb-pv-min.js
s.glbimg.com/bu/rt/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/bu/rt/js/glb-pv-min.js
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/gl/ba/js/barra-globocom.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-location-rule
barra-gcs
date
Wed, 19 Apr 2023 17:18:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
475905005 ra03 11 05
age
75674
x-cache-status
HIT
content-length
945
x-xss-protection
1; mode=block
x-request-id
fe5b8ae1-4a58-45af-9eae-ea302514cc02
last-modified
Fri, 11 Nov 2022 21:36:41 GMT
x-thanos
0AB1D009
etag
W/"aaaef25ae81d7253ced007ce6451d65e"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/javascript; charset=utf-8
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Wed, 19 Apr 2023 20:17:19 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6035227/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
358 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Server
13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-23.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:17:15 GMT
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
80
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
0
x-amz-cf-id
_HgnGPuPQAh91yCaUiO4R8HdCm68cAt-sJEV0NB2-GvN1rjCp6ZqJQ==

Redirect headers

date
Wed, 19 Apr 2023 17:18:34 GMT
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
nLWdP0nbfDblpxbN3n5upgKjOixWwZBBXzetDx4-iS47RCSJOcg_CA==
logo_globoplay.svg
s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/logos/globoplay/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/logos/globoplay/logo_globoplay.svg
Requested by
Host: barra.globo.com
URL: https://barra.globo.com/gl/ba/oidcprodutos/css/barra-globocom.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
c637bc70cc671cda4cc4885f7b5f53537f9ded298f7ddcb6a784ca244606f0ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://barra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:34 GMT
content-encoding
gzip
x-openstack-request-id
txfe7be92796ca454ea4194-0064402200
last-modified
Mon, 17 Oct 2022 13:20:36 GMT
x-thanos
0AB47186
vary
Accept-Encoding, Origin
content-type
image/svg+xml
x-timestamp
1666012835.41302
cache-control
public, max-age=180
x-trans-id
txfe7be92796ca454ea4194-0064402200
x-request-id
c4311e8e-4b0c-4163-b84e-6aff28262d7e
p
sb.scorecardresearch.com/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=6035227&ns__t=1681924714084&ns_c=UTF-8&c8=Hackers%20amea%C3%A7am%20Valid%20Certificadora%20na%20%27deep%20web%27%20ap%C3%B3s%20tentativa%20de%20ataque%20cibern%C3%A9tico%20%7C%20Lauro%20Jardim%20%7C%20O%20Globo&c7=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&c9=
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-23.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:34 GMT
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
OlzEwJhpAcsMecLvY6GX6NvDFb-jCtXs9S1Q_N5_Q5hTiZPNIC2mSw==
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&...
  • https://oajs.openx.net/esp?url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&...
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&rid=esp&cc=1
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
bf41966f3998def3864ceeb8bf4a88164693e655e1d3f8c961dd12fe263b77e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:34 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-Ukk7XNA8pmrzr659Q2FCSaZf+JU"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 19 Apr 2023 17:18:34 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://oglobo.globo.com
location
/esp?url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
map
bcp.crwdcntrl.net/6/ 		60 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.143.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-143-122.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2540d813905d752db9b97243e168612f9d734e511bcbfcdcb2fc4927d61e0577

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:34 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache
x-server
10.45.3.81
access-control-allow-credentials
true
content-length
60
expires
0
increment
id5-sync.com/api/esp/ 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Wed, 19 Apr 2023 17:18:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120201/ Frame 1080 		400 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120201/pubads_impl.js?cb=31073972
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92cf292bcd6f8b25608682634dbcbfb6b426097b95f1ca7ffc4eb03faaab6bcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:16:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
111
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126869
x-xss-protection
0
server
cafe
etag
16445823330670953753
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 18 Apr 2024 17:16:43 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 1080 		4 KB
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=oglobo.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
870534f487f6d6ee6e4a51090ff1f3282cbaf8a8b93f81cf6bdecdbe70d5e657
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
718
x-xss-protection
0
expires
Wed, 19 Apr 2023 17:18:34 GMT
advertising.js
www.npttech.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/1.tiny.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:640c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:34 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EMR7W5Y5DVSVVPVA
age
2563
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Mi9pKP9W0n9kCQ2Mgys/5TnmhIG6KWlVfn9r/01RGKjz3yHaNJvItZmWkaYbd+rZ7Z8IOQqZmVc=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjuEppw3DKyr2OKfJwyrwDMbz37D%2B7DKfmd5hij2e27g%2B%2BZD%2FLwIVMrLahdpz5hDjx5YGA3Lbnt7t1OJ4Hl6h9C0gmSAqHzW4cZ9s0XNlNjsFRxzAapUuJxDHAJuf%2FjdDaJ8FBlmhaJDWije8jc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
7ba6ceb7fbe82c3b-FRA
syncframe
gum.criteo.com/ Frame 3CD3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=oglobo.globo.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 17:18:33 GMT
server
Kestrel
server-processing-duration-in-ticks
440548
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
rep.gif
comcluster.cxense.com/Repo/ Frame 4798 		43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.21&typ=pgv&rnd=lgnyjqw21rnhxjj2&sid=1152151660084636047&loc=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&new=1&arf=0&ltm=1681924713921&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=lgnyjr2v5oqhg9t7&ckp=lgnyjqw2gw36kca0&glb=&cp_userState=anon&cst=1yy871bexahq939ijfwephi3yo
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Wed, 19 Apr 2023 17:18:34 GMT
server
Jetty(9.4.28.v20200408)
content-length
43
content-type
image/gif
id
id.cxense.com/public/user/ 		103 B
676 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lgnyjqw2gw36kca0%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%221yy871bexahq939ijfwephi3yo%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%221yy871bexahq939ijfwephi3yo%22%7D%5D%2C%22siteId%22%3A%221152151660084636047%22%2C%22location%22%3A%22https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml%22%7D&callback=cXJsonpCB1
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
e4ba4ab2b1432e3800536ed1327e8693bf4d829929dba37720dba11c2d69583a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:34 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
103
expires
Mon, 26 Jul 1997 05:00:00 GMT
sid
mug.criteo.com/ Frame 3CD3
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=globo.com&sn=ChromeSyncframe&so=0&topUrl=oglobo.globo.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=EcdbuXxXaElzYVZLVFA2ZmpudWQxOG1DWk96NGk0NDE4OXlObGdQeWsxMVdQTXVCK2pJT3hNdGZ2MmNyVm9VbGNUUnc1UDNvRnZRYkorMXRrZjAzUEt5d2tmWFRQWTBSVjQzN0ppVGI3dVR6dUJZeUp4T0lnK05pcEF2cW...
436 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=EcdbuXxXaElzYVZLVFA2ZmpudWQxOG1DWk96NGk0NDE4OXlObGdQeWsxMVdQTXVCK2pJT3hNdGZ2MmNyVm9VbGNUUnc1UDNvRnZRYkorMXRrZjAzUEt5d2tmWFRQWTBSVjQzN0ppVGI3dVR6dUJZeUp4T0lnK05pcEF2cWpsWndpcG5Lam5CN1I0Wmlmem5Xc2VDZjh0MGJnOUo2bTZjK3hZcXU3N0IzaVZGSnBHeEpVTmYrZmVpUTYrbGp4bjRkK0JNKzNJNHd5R1ZBc3ZJMWtyRHNnMC9ha3MycXZkdGZ2MWkzZ0djVGhKdCsxQjRaRFYwOGhNcUxaYnZyaWdXamM5c0xLRDBtd1Ezd3ZCdEJaQmZIZ1l3dkpmQT09fA&cppv=2
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ef014757c4120b333d4ebedf948ae0884b9af0b29c2fdb6fe161c7f73ebf84b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:34 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1987585
expires
0

Redirect headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=EcdbuXxXaElzYVZLVFA2ZmpudWQxOG1DWk96NGk0NDE4OXlObGdQeWsxMVdQTXVCK2pJT3hNdGZ2MmNyVm9VbGNUUnc1UDNvRnZRYkorMXRrZjAzUEt5d2tmWFRQWTBSVjQzN0ppVGI3dVR6dUJZeUp4T0lnK05pcEF2cWpsWndpcG5Lam5CN1I0Wmlmem5Xc2VDZjh0MGJnOUo2bTZjK3hZcXU3N0IzaVZGSnBHeEpVTmYrZmVpUTYrbGp4bjRkK0JNKzNJNHd5R1ZBc3ZJMWtyRHNnMC9ha3MycXZkdGZ2MWkzZ0djVGhKdCsxQjRaRFYwOGhNcUxaYnZyaWdXamM5c0xLRDBtd1Ezd3ZCdEJaQmZIZ1l3dkpmQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
377667
content-length
0
expires
0
horizon-pageview
horizon.globo.com/auth-session/activity/oglobo/ 		0
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://horizon.globo.com/auth-session/activity/oglobo/horizon-pageview?object=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&Referrer=&tags=&client_version=0.3.11
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.79.33 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:34 GMT
strict-transport-security
max-age=60
content-length
0
x-served-from
hzt-tsuru
content-type
text/plain; charset=UTF-8
apstag.js
c.amazon-adsystem.com/aax2/ Frame 1080 		225 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ecace46d78f707e1f3ef7ff9fb10354a496ac9f707d9a7748a3eb2cdabc5518

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 16:39:41 GMT
content-encoding
gzip
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified
Thu, 13 Apr 2023 17:39:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
2334
x-amz-server-side-encryption
AES256
etag
W/"803fd851ae539b54f8d1b774934dcb91"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
DRNOhocc7Msbj31QcnVZY8DyWdL8tWRJBW1PfBRYEVCMHlvA5NzkxA==
truncated
/ Frame 1080 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da5e71b6f1e87039e97ecc9bbc9cde71403f7dd52780a6df816c4c8e7d10536a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
pub
pixel.adsafeprotected.com/services/ Frame 1080 		489 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931348&slot=%7Bid:/138871148/oglobo.globo.com.dw.970x250.inter,ss:%5B970.250%5D,p:/138871148,85042905/oglobo.globo.com.dw.970x250.inter%7D&wr=970.250&sr=1600.1200&url=https%253A%252F%252Foglobo.globo.com%252Fblogs%252Flauro-jardim%252Fpost%252F2023%252F04%252Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.57.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-57-28.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f02e3d6e46e1ae76e73f2c164f0249e3d700ebf9b85f66f720cb3dccde4a2683

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Apr 2023 17:18:34 GMT
server
nginx
x-server-name
app01.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
c
prebid.a-mo.net/a/ Frame 1080 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Wed, 19 Apr 2023 17:18:33 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
22
server
envoy
vary
origin, Accept-Encoding
pbjs
htlb.casalemedia.com/openrtb/ Frame 1080 		36 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=828451&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223ce24470567e55%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml%22%2C%22page%22%3A%22https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2249bcbddae8cc99%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22828451%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F138871148%2C85042905%2Foglobo.globo.com.dw.970x250.inter%22%2C%22gpid%22%3A%22%2F138871148%2C85042905%2Foglobo.globo.com.dw.970x250.inter%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22hcodemedia.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%22288%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bdcdb94506c3affd34152599415580b3b7b52a42a4d9d7b04686b7cb13f1dab

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2KNRSiScxFR2ozQZuMnqsGFXhodYQHpw75kz%2Bsh7kLjnypxuN6eS0URqtfqlPdEJzBT3iU1X8i4UOvsgD5Igj58cB7Pas%2BWcCjN3T1EZZpykKTKb2Fcx9gWvNH93lG1deoeFxsO"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ba6ceb9fd9792b9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 1080 		138 B
948 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
160432a4ab163fe585f1870a1383cff7b0f9406c6aa4a41bffcec3bac28c04fa
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Apr 2023 17:18:34 GMT
AN-X-Request-Uuid
dcc37e42-1b89-4c89-926a-d4cfb47db627
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://oglobo.globo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ Frame 1080 		1 KB
1008 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2410EL
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
989302c9b2c216ed3de58e20abba9a599af2eacf5766bc7db36fa99e57971a72

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:34 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Wed, 19 Apr 2023 17:18:34 GMT
translator
hbopenbid.pubmatic.com/ Frame 1080 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=71
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Wed, 19 Apr 2023 17:18:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 1080 		24 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
6b96d7782f2dcd1483793ec3a5df2a41a0e2e77ac11c4a1e1f190ff763e65c98

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 19 Apr 2023 17:18:34 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://oglobo.globo.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 1080 		358 B
920 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160068&zone_id=1780802&size_id=57&rp_schain=1.0,1!hcodemedia.com,288,1,,,&rf=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&tg_i.adunit=oglobo.globo.com.dw.970x250.inter&tg_i.pbadslot=%2F138871148%2C85042905%2Foglobo.globo.com.dw.970x250.inter&tk_flint=pbjs_lite_v6.29.3&x_source.tid=2834804d-f24e-4130-9862-23b7cf8326f4&l_pb_bid_id=1417a3268581d69&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F138871148%2C85042905%2Foglobo.globo.com.dw.970x250.inter&slots=1&rand=0.611732844246786
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bf5465aad0e1f5ba24b61b880044a479fee28b28e824ed013eae5ed662ed21b0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:34 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
358
expires
Wed, 17 Sep 1975 21:32:10 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame D633 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 19 Apr 2023 17:18:34 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
config
c.amazon-adsystem.com/cdn/prod/ Frame 1080 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Foglobo.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
Server /
Resource Hash
9ecd654fb8fea11bbdb6693521d7ef2854cbb4ef8a9a4acaa2573601fbbcea34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 14:54:23 GMT
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
8651
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2976
x-amz-cf-id
vghetFeH5N1mNErBCtITxp5_bUtlw9fAZaoxPA11TufmSTNqNn7Dow==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 1080 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
BeoItWAXLH_Ztd131J1ILFBRpuOxsQkH
content-encoding
gzip
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
date
Tue, 18 Apr 2023 19:58:37 GMT
x-amz-cf-pop
FRA2-C1
age
76798
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 13 Apr 2023 22:29:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
Mxv3DDkXu3MnK-T-gZqGDYPCYiBSZjofYwHJPF_5cYKKhIsKtFooJA==
view
securepubads.g.doubleclick.net/pcs/ Frame 1080 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvH7tmYmzqz7ei3mbVQk_eZVna2GGcG-7jddIti_zxwYxPmxSZgBQfJqTUQZigOnBnbOVulKNGq1mXPPRXTUYPF1PzHdtfcuswOnK_6MKfcFAUN_jBxJN974_E9UUws_aMJVlAajd3_2v9TPIKB6PVo9OHalGEbtmO-l69v9AY1nPOa0TIoVPX24CqM_Oj44J4-o9NwLrJ_cnHG8AbQRSeRKaOjCfxE9lQ1a-4KTeyIrni2SG1mqjdogApbSHmzGiUZX44ny-x2JXCkeFuL6IC9L4P7Gg5cmD9Cond27K7KNZTl8pynfqrLLeQP7rRNoODr63i2l1U53STzVosxOJ2l5iazt2AXyvEPqlwFUMw7LJa1nGA&sai=AMfl-YQqP7YxsFh8E5PdvW3uY6jaU4wypGw4jJ58Ad_3uqn3rQybFdrnykfMn4ksuwClKKo9dgnsz0jeRGsONCjCJ3sCwJQZlGqu6U16jrTPd8a4ewvZezIQLMyC-J59ynewJiuJLSGtOd1sAXdtV8Jz&sig=Cg0ArKJSzA3MWwFoRs_JEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 19 Apr 2023 17:18:34 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 1080 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.134.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-134-95.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:34 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Wed, 19 Apr 2023 17:33:34 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame 1080 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
26840d8e6a3847df23553537b405e9badca0dff237b0854f15d04656dd57e40e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 12:19:30 GMT
content-encoding
gzip
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 22:36:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
17945
x-amz-server-side-encryption
AES256
etag
W/"4c91450a102f312a8d75826eeee52ef9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
nsWkVv0KNMIr4mJBACh0CVSaC2F15FA5qnTtON-lYFlwK9npmaMuqA==
hadron.js
cdn.hadronid.net/ Frame 1080 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&ref=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&_it=amazon&partner_id=407
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:34 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 10:57:44 GMT
server
cloudflare
x-amz-request-id
TC75RB0KRRP8NTXT
age
5260
etag
W/"2280e2148e4ee3c06f679f8fac039778"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7ba6cebaaa55bb32-FRA
x-amz-id-2
tLisjgGnjFNgXFmNzCleIC1ScWAkgar/yal8BV1iI+YAX2kT+5EHWz67/yHvAUJpLxxzRZ7ivV0=
92bb6886-83
aps.zqtk.net/ Frame 1080 		0
0
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 1080 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:34 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
QQHBKKDC4K9EXW7F
age
1424
etag
W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7ba6ceba5f749bf4-FRA
x-amz-id-2
4mcYKQ5Hb3U2OaIpwisHn+DXiPFTI0FN2tidCE6GVNrf0qEvGkxvwQERDCwB3ajVcoF/DwRqbqs=
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 1080 		0
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.54.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-54-224.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 19 Apr 2023 17:18:35 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.54.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-54-224.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://oglobo.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 19 Apr 2023 17:18:34 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
map
bcp.crwdcntrl.net/6/ Frame 1080 		60 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.143.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-143-122.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
df65d27fc9f41e2fab6df9d94c9c1263ff3304646d2212ec082a94965134f37f

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:34 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache
x-server
10.45.25.213
access-control-allow-credentials
true
content-length
60
expires
0
footer-desk.gif
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/VENDAS/GABIGOL/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/VENDAS/GABIGOL/footer-desk.gif
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
7aa7a279726838956c85e89aad86b9448f5153fbb11597f7df5530a8562aa683

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:35 GMT
x-openstack-request-id
tx5449160b1b1541a5accb4-006440221c
last-modified
Wed, 05 Apr 2023 17:45:15 GMT
x-thanos
0AB47186
etag
a72dc754869a2b7a1930fbb7b6e8f6b4
vary
Accept-Encoding, Origin
content-type
image/gif
x-timestamp
1680716714.49835
cache-control
public, max-age=180
accept-ranges
bytes
content-length
5934
x-trans-id
tx5449160b1b1541a5accb4-006440221c
x-request-id
90962fa1-f849-4f92-b7f1-6e09b525cd7e
v1
lb.eu-1-id5-sync.com/lb/ Frame 1080 		33 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
f740efbf89285a82cdb53beb90446663d4ae9dae829f3be68e337a66009fd25c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Wed, 19 Apr 2023 17:18:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
hadron.json
id.hadron.ad.gt/v1/ Frame 1080 		94 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=407&sync=0&domain=oglobo.globo.com&url=https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&ref=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&_it=amazon&partner_id=407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
817e12d4c03c5d76425e0fd8adaeb5c979daad3e847d47675f94df2b1de2094d

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 19 Apr 2023 17:18:35 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
7ba6cebc386a2bca-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=407&sync=0&domain=oglobo.globo.com&url=https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://oglobo.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
7ba6cebb6f082bca-FRA
content-length
0
content-type
application/json
date
Wed, 19 Apr 2023 17:18:34 GMT
debug
OPTIONS block
expires
Thu, 18 Apr 2024 17:18:34 GMT
server
cloudflare
996.json
id5-sync.com/g/v2/ Frame 1080 		216 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/996.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
2013a05ec90ec19a60b3f1c751125681112c34d457397fa95755e43d8f3435f4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Wed, 19 Apr 2023 17:18:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
bid
aax.amazon-adsystem.com/e/dtb/ Frame 1080 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&pid=EYFsob6tugcpy&cb=0&ws=970x250&v=23.407.232&t=2000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Foglobo.globo.com.dw.970x250.inter%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F138871148%2C85042905%2Foglobo.globo.com.dw.970x250.inter%22%7D%5D&schain=1.0%2C1!hcodemedia.com%2C288%2C1%2C%2C%2C&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.99.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-99-209.prg50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:35 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
x-amz-rid
BWV6RCBKX9RWHPSEH513
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
4ExdmARA9ITJLDIXh4FEaWIEyFBT0XJ5cfb79cvGTOFncuX5oEOJIw==
407
a.ad.gt/api/v1/u/matches/ Frame 1080 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/407?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&ref=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&_it=amazon&partner_id=407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea8121ca5e1b56ead5b2317972ee55a7d188375c588a22c1156e216715a08082

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 19 Apr 2023 17:14:48 GMT
server
cloudflare
age
227
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
7ba6cebd6bd79b21-FRA
integrator.js
adservice.google.de/adsid/ Frame 1080 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=oglobo.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120201/pubads_impl.js?cb=31073972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1080 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=oglobo.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120201/pubads_impl.js?cb=31073972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1080 		24 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=322820264308904&correlator=2385978877540755&eid=31072878%2C31073884%2C31073972%2C31071326&output=ldjh&gdfp_req=1&vrg=202304120201&ptt=17&impl=fifs&iu_parts=138871148%3A85042905%2Coglobo.globo.com.dw.970x250.inter&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250&fluid=height&ifi=1&adks=939703275&sfv=1-0-40&prev_scp=refreshcounter%3Doriginal%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26fr%3Dfalse%26id%3D30ccf789-ded6-11ed-b3d4-06d8cca89c2a%26vw%3D40%2C50%2C60%26vw05%3D40%2C50%26vw10%3D40%26vw15%3D40%26ias-kw%3DIAS_13149_KW%2CIAS_3006647_PG%2CIAS_8423_KW%2CIAS_8430_KW%2CIAS_9502_KW%2CIAS_7262_KW%2CIAS_1500693_PG%2CIAS_1508982_PG%2CIAS_1507080_PG%2CIAS_5597_KW%26amznbid%3D2%26amznp%3D2%26hcmviewable%3Dfalse&eri=1&cust_params=hcmschain%3D288%26mycodedomain%3Dglobo.com&sc=1&cookie=ID%3D891612a06dffe41b%3AT%3D1681924713%3AS%3DALNI_MapVw7IncFmj6ZgPj1Byw6JA31wGQ&gpic=UID%3D00000c06796e95d4%3AT%3D1681924713%3ART%3D1681924713%3AS%3DALNI_MYqw5zlJerB6sm7H3VhJsKwzELy-Q&arp=1&abxe=1&dt=1681924715191&lmt=1681924715&dlt=1681924713974&idt=279&adxs=315&adys=3047&biw=1600&bih=1200&isw=970&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=khxld5iu5j4t&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&ref=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&top=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&frm=23&vis=1&psz=970x0&msz=970x0&fws=256&ohw=0&ea=0&ga_vid=553530509.1681924715&ga_sid=1681924715&ga_hid=1797443803&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY8duZ1PkwSABSAghkEjsKCnB1YmNpZC5vcmcSJGE5MzQzNzg0LTMyZjktNDFiMS1iYjU5LTUzNjNlMWRmZjk1OBiw3JnU-TBIABIdCg5lc3AuY3JpdGVvLmNvbRjx25nU-TBIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pVkhOWVRGRnJZMkZSZDJWdFVHdFdSMWhsTml0V1p6MDlJbjA9GIrgmdT5MEgAEhkKCnVpZGFwaS5jb20Y8duZ1PkwSABSAghkEhsKDGlkNS1zeW5jLmNvbRjo3ZnU-TBIAFICCGo.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120201/pubads_impl.js?cb=31073972
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
686a8b472e6688c4eec7e1fc677a24587af19bf7be39254df3c140d5992853a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11273
x-xss-protection
0
google-lineitem-id
5770955185
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138360694999
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1080 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304120201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120201/pubads_impl.js?cb=31073972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2565ea75dd5645983e14abacaa474b8893059112ac2331e3d68eafec1187e4e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11236
x-xss-protection
0
container.html
b774b7a62013a922a4e2d4e5e43d8c2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 50C9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b774b7a62013a922a4e2d4e5e43d8c2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120201/pubads_impl.js?cb=31073972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 17:18:35 GMT
expires
Thu, 18 Apr 2024 17:18:35 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1080 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120201/pubads_impl.js?cb=31073972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 17:18:35 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6F31 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIBf7hXftft1yLiNtAnXb6AW8MggFkPkfhbw_TL46BGElYkGG9seCtvx9w4rOwzzlnFzaKzwPmg_vD86PgEd3m1OxPgrB29s3NKWZmUfPzdoKLC6c6ymAhLRKj9DSZsLBZingMq3WszJ6B6HJXo-fnYh9m_PVvZBa78kGGTsvFMOZclrl7NyAkfZkQWPwvqFLYFwyI6AFua1fakzesmV7Z5ZsjFOBF9UXT1rAaxuPltyD97j7V5bQFFMOZaUlBmMkO-SswZxEa6K_1z8dweLWciAHDWv0pAWMkEav3z-X0DqxmHsD9IuA_RC59YNtrVZdY6RScc18DKzks3lJhcn201nMjtLYeSQ&sai=AMfl-YQ0bDDsEIMe-N8MlArcq__i-NLqP4rBnCaoSiQgBb4YoESy24Vi0lWoiZzT0jKkbcBN4qz5k2ce2L3Tg9r8G3pyZ4aj6eyK0qlTsDziJKbADsdr95hAJthbrwhCAfE&sig=Cg0ArKJSzIYX0qOkjRBlEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
a9floorcheck.js
s3.amazonaws.com/script-tags/ Frame 6F31 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/script-tags/a9floorcheck.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120201/pubads_impl.js?cb=31073972
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.10.205 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ff1f3fd5c645b504972939187912b4404dfdb1fae2e9f864fd1961b07680d684

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 17:18:36 GMT
Last-Modified
Tue, 07 Mar 2023 01:43:53 GMT
Server
AmazonS3
x-amz-request-id
8HRRDF4RDW6X71MK
ETag
"25a66c3765b63515e5b06ddc75a35c84"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1319
x-amz-id-2
L9DYmBPCCnl4GLTCLWeFCZ0WnjFpydRWUdeZTFaBOXChKp1BvWdtwNrfbTLSBabsP9ZG2frNMoc=
prebidpubs.js
s3.amazonaws.com/script-tags/ Frame 6F31 		452 KB
452 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/script-tags/prebidpubs.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120201/pubads_impl.js?cb=31073972
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.10.205 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
252b25968594cd957d403bc11eda13d347540fc465e5e408c1b4163647f62ebf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 17:18:36 GMT
Last-Modified
Tue, 18 Apr 2023 17:09:47 GMT
Server
AmazonS3
x-amz-request-id
8HRK0FTCEQB06TYE
ETag
"e6bff6e05d6ff0842977940a6a0eafbc"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
462623
x-amz-id-2
m7CHAPCQq0yuTPggxAvspYg6DZxUHemiHl1qre5M6ZfIe4pPsDh8nNlUpem9k1ueLNd0FfFrMtc=
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6F31 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120201/pubads_impl.js?cb=31073972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcba6d68321742b971eda8d36254297a368c6a5dba5486f36076f25d66891d9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49673
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681775021301287"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Apr 2023 17:18:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FAA3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4782
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 15:58:53 GMT
expires
Thu, 18 Apr 2024 15:58:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 33E4 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
73586d97779db94b2d314f5bb2ff7adbb146b33ea27622b03f06602d67fa3c39
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XkUT3XGJT_np8zPMpZHvNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-XkUT3XGJT_np8zPMpZHvNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 17:18:35 GMT
expires
Wed, 19 Apr 2023 17:18:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js
pagead2.googlesyndication.com/bg/ Frame FAA3 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31ecc2f86d5917ed4667dcaaab4a3b212720237b8466f05c3f90a05e858a3031
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 19:05:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
79983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14288
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 10:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Apr 2024 19:05:32 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 6F31 		225 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/a9floorcheck.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ecace46d78f707e1f3ef7ff9fb10354a496ac9f707d9a7748a3eb2cdabc5518

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 16:39:41 GMT
content-encoding
gzip
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified
Thu, 13 Apr 2023 17:39:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
2335
x-amz-server-side-encryption
AES256
etag
W/"803fd851ae539b54f8d1b774934dcb91"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
iX-8H5MU3Z2xo_AP_zScMSYa1DQaTtrQUarHkI94Pa7JVXsInAETrQ==
config
c.amazon-adsystem.com/cdn/prod/ Frame 6F31 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Foglobo.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
Server /
Resource Hash
9ecd654fb8fea11bbdb6693521d7ef2854cbb4ef8a9a4acaa2573601fbbcea34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 14:54:23 GMT
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
8652
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2976
x-amz-cf-id
xS3mpK2BlPocrujZdpVLSSYBtfSB9xNP4qA2UR6KutfjPfsBdf-lYw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 6F31 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
BeoItWAXLH_Ztd131J1ILFBRpuOxsQkH
content-encoding
gzip
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
date
Tue, 18 Apr 2023 19:58:37 GMT
x-amz-cf-pop
FRA2-C1
age
76799
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 13 Apr 2023 22:29:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
UrGGMWP4mwCK3O1QSHa1d1_keUrSX67njrmjyFkynPxSaaGaT-yMog==
sodar
pagead2.googlesyndication.com/pagead/ Frame 33E4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304120201&jk=322820264308904&rc=
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 6F31 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.134.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-134-95.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:35 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Wed, 19 Apr 2023 17:33:35 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame 6F31 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
26840d8e6a3847df23553537b405e9badca0dff237b0854f15d04656dd57e40e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 12:19:30 GMT
content-encoding
gzip
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 22:36:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
17946
x-amz-server-side-encryption
AES256
etag
W/"4c91450a102f312a8d75826eeee52ef9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
LcGaQRyetJztTjCUn5_0EwD0szYP950Mv-j4-50Z_6IfQ-M9D60O0Q==
hadron.js
cdn.hadronid.net/ Frame 6F31 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&ref=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&_it=amazon&partner_id=407
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:35 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 10:57:44 GMT
server
cloudflare
x-amz-request-id
TC75RB0KRRP8NTXT
age
5261
etag
W/"2280e2148e4ee3c06f679f8fac039778"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7ba6cec10c58bb32-FRA
x-amz-id-2
tLisjgGnjFNgXFmNzCleIC1ScWAkgar/yal8BV1iI+YAX2kT+5EHWz67/yHvAUJpLxxzRZ7ivV0=
92bb6886-83
aps.zqtk.net/ Frame 6F31 		0
0
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 6F31 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
QQHBKKDC4K9EXW7F
age
1425
etag
W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7ba6cec10a829bf4-FRA
x-amz-id-2
4mcYKQ5Hb3U2OaIpwisHn+DXiPFTI0FN2tidCE6GVNrf0qEvGkxvwQERDCwB3ajVcoF/DwRqbqs=
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 6F31 		0
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.54.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-54-224.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 19 Apr 2023 17:18:35 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.54.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-54-224.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://oglobo.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 19 Apr 2023 17:18:35 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
map
bcp.crwdcntrl.net/6/ Frame 6F31 		60 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.143.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-143-122.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
40242026594be9cac07f548845d7a27d5b26319c0ab35135f41c9fae1818e7cf

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:35 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache
x-server
10.45.20.54
access-control-allow-credentials
true
content-length
60
expires
0
generate_204
tpc.googlesyndication.com/ Frame FAA3 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?yCsYuA
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
bid
ap.lijit.com/rtb/ Frame 6F31 		22 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.45.0
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
468e419fa26aadba5be76139ecdc6af3f4182f5b95fc24351e26f3d4a0e203cc

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 19 Apr 2023 17:18:36 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://oglobo.globo.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
22
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 6F31 		545 B
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160068&zone_id=1798354&size_id=57&rp_schain=1.0,1!hcodemedia.com,288,1,,,&eid_pubcid.org=238f7aaa-86f5-472c-a5cb-f4c5e1c6ce88%5E1&rf=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&tg_i.domain=oglobo.globo.com&tg_i.page=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&tg_i.adunit=oglobo.globo.com.dw.970x250.inter.cdmx&tg_i.pbadslot=%2F138871148%2Foglobo.globo.com.dw.970x250.inter&tk_flint=pbjs_lite_v7.45.0&x_source.tid=58ff77f1-60bb-4c14-b84c-5bd1cad48a6c&l_pb_bid_id=4c361e6de7a68d&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=58ff77f1-60bb-4c14-b84c-5bd1cad48a6c&rp_maxbids=1&p_gpid=%2F138871148%2Foglobo.globo.com.dw.970x250.inter&slots=1&rand=0.5647326141277844
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
030b8969dc1b865bac2639459e02bde83499522794839cd8c8169e6d2a66b1e1

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
545
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 6F31 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Wed, 19 Apr 2023 17:18:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 6F31 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
95a13ecc10fc5e469a886007e80da3733f87fedf70d05859d66226082b4f4f21
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Apr 2023 17:18:36 GMT
AN-X-Request-Uuid
5cabe214-28a4-4502-b70d-d3c748ac7fc9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://oglobo.globo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 6F31 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbb1e4d098743b3dad198780d88f3a7087600f40ad870bc0f97db5c7b8ebb78f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 6F31 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYrAE93th-kjSdI1nvdXKTSXetsjqBoU3U5cyxYZ4zzP8LHjTmE53lYNc_zFIXs6MAq-FHhplaFBSCRAr4WbazxFm9GkDsjrH3lh7If9CenmU18Z1u0rEccMaZQEOnswZE61_OHcfzskY_8JDmasM9r_fAMQgI8fNBsPDodIb4mXukr_WS3UUV1nSJ6ffyUY3kas0aWpVWutpW8OynToaazoIA6dzw7kLfUhKhp7tj7CMrHiZXVTpzmyt_PnMlQtayEEs1Fhimv1OMCHGM-yGzQo8zWuiZbFm02HeGP5FcaqxVW506PZQfhgOchl_HZPfz0wuiAJV8GbXIVCxgvMjJ-3rlUKgIIS3p&sai=AMfl-YT46Z3cErF-KEKYTpl2VxVrlIOPgAbMuX_C9rKZXl6EcdKOSQcCV9O4rxu89ic3r-F2eZXS4Ialw05ErM2H8iB0eaKsGNwpYx8nbcV9inMPxfnYfNqvUrAyJCiREgI&sig=Cg0ArKJSzOo0vv2npOncEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 19 Apr 2023 17:18:36 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1080 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304120201&jk=322820264308904&bg=!zs2lzZnNAAZA7GLoYOw7ADkAdvg8WoDXKoxkPLSU6ywgBoT7LNldwZUA0k0L4LRIu0Qnmac_-4RMQGHV7dWuX2MWmKYYBHIwtb4CAAAATFIAAAAHaAEHmQL1tEmp6-UW_DBOyfEmRIazDWq14ETDt9ELjH9sMeRnDsIFr4mDnajJMqbRJskMFOYTQ0U8sYX_JAKrCIU9DeLZ-0cdmbJKr7_NV6R5ki-A1neQe8GqA92AIltFCmMLz3Nh_nDaKRBpQGUbNCc__f1CYC0asCgWzcS_uQ1sjL-tyAI9qblwmozQZs4D7lBVQYXc7ASfbr1xomFC6GuK84_9GIVsZD6aoZ2IskSoNHHgUwN7KBiHSx3WCZ0RsLwhiY0kPhGXNxF6vq5rqD-dfemxsbOr_pd1QlXq7eql3MdBdhZ61QFPaurAXNe7upGV9Lw2Sf5MnA8IeRBBxs0qUvya4lW56GRT68kk_cTBxg96nX2xEQbZYgmFVKAhSjdPs69mVmIkIFjFzEbx01Lqw_bhi1HJ0xRpSb41JeIWnqkDt_GDxyqy-m3AdpBSIjyIHOqmIlsHU_-3RkOz4023yftGjl76RBMF-639V7ILTwbREQ2rsKQyYnIQaV4lPysAc7-He8l3QUAMQxy0gw-bzLY20bf-zKgMR9unsrHGduCFUx-x2U6qY4MBrSkY0Y04paQideego2Tx7KlZnIzm-9r3xS-OBMoOqcoOVV4yLmC2Qn0re13-YNn0fmEhWuLk6hTmXhFklujn74JKWqSp9nAF9I0PGLlM_P5rL0yEzC__FySccQahBpA2qkEizVlk2BS0h_hnHy1-E4heACocsT4pk7f69Uuvt0FuPu-X-4K3NSXAEAMJ_bzzcCQV82LJjbK9bi_ZyQYpD_hqyXU1g76wjmu83T_BL0LULywSKSDr6DKulJAWdt3o5UuU8se7e1Myho8k6zHnAtOX-WPgCKyM_Ye7yZG2LYDAQqSH_-ftDuOkOGOPomhRqdObMnk_9QW4RA_yn71Mso6Uj9yhqBGUtMtqH1a1Y1N1T7vvWPGqRo5h75KdEw_4Up1wgPXiZRTVxHRgF6ZqYBba5zwtnoh2AvuMsiWFD2NC0ByymCUMEZDLIKyk7w
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
bid
aax.amazon-adsystem.com/e/dtb/ Frame 6F31 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&pid=hSw7YsM1Gb7ER&cb=0&ws=970x250&v=23.407.232&t=1000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Foglobo.globo.com.dw.970x250.inter%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A125%7D%5D&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.99.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-99-209.prg50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:36 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
x-amz-rid
0CK7YPJ54H5DTA8WHTE5
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
5DyXaO_KyZH4x7kr-NTb0c_B9bu51-QrA_ZcvvcmouKhXuE8ddNM7A==
OQER25S.png
i.imgur.com/ Frame CFC9 		270 KB
270 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/OQER25S.png
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
7740eedfa43b13a0c0ef57c77c72240b994238b5a5da8be3a9a32e3bdab60aa9
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:37 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
4951637
x-cache
HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
276441
x-served-by
cache-iad-kjyo7100131-IAD, cache-fra-eddf8230107-FRA
last-modified
Mon, 16 Sep 2019 22:19:23 GMT
server
cat factory 1.0
x-timer
S1681924718.586194,VS0,VE2
etag
"340aeb974e84b0f941e794593116cd2d"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
16204, 1
j
rp4.liadm.com/ Frame 6F31
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1681924716685&se=e30&duid=da5812f14a1e--01gyd8cxmq0s4ny3sb0820zp3v&pu=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-...
  • https://rp4.liadm.com/j?dtstmp=1681924716685&se=e30&duid=da5812f14a1e--01gyd8cxmq0s4ny3sb0820zp3v&pu=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid...
13 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1681924716685&se=e30&duid=da5812f14a1e--01gyd8cxmq0s4ny3sb0820zp3v&pu=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&wpn=prebid&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjEw&n3pc=true
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Server
34.195.36.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-36-0.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:37 GMT
x-pixel-event-id
cdacbc74-6d15-44d3-85a8-e51fa7e7df00
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
0
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
095e8dff2f4b5f6b
content-length
13
x-xss-protection
1; mode=block

Redirect headers

date
Wed, 19 Apr 2023 17:18:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
https://rp4.liadm.com/j?dtstmp=1681924716685&se=e30&duid=da5812f14a1e--01gyd8cxmq0s4ny3sb0820zp3v&pu=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&wpn=prebid&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjEw&n3pc=true
access-control-allow-origin
https://oglobo.globo.com
request-time
0
access-control-allow-credentials
true
trace-id
02e036a8a4910efd
content-length
0
x-xss-protection
1; mode=block
subscribe-button.js
static.infoglobo.com.br/paywall/valor-subscribe-button/v1/scripts/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/valor-subscribe-button/v1/scripts/subscribe-button.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
ac2b0b24d095a1cbd0b3a8a099a9df8c82013e2901a7a46a0a47c1b50d941e05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 17:08:17 GMT
Content-Encoding
gzip
Age
655
grace
none
X-Cache
HIT
Connection
Keep-Alive
Content-Length
692
Last-Modified
Tue, 18 Apr 2023 17:28:57 GMT
Server
Apache
ETag
"a040852c-7a3-5f99fa468c840"
vary
X-Forwarded-Proto
Content-Type
text/javascript
Access-Control-Allow-Origin
*
cache-control
public, max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
X-Cache-Hits
2455
logExecutionStats
c2.piano.io/api/v3/composer/ 		2 B
114 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/api/v3/composer/logExecutionStats?aid=GTCopIDc5z&items=%5B%7B%22mId%22%3A%22timer0GXZ5IBP8JTG337%22%2C%22eId%22%3A%22EXJL5S9I54F3%22%2C%22eV%22%3A28%2C%22eeId%22%3A%2218071ao0cg-000031sqgpmo7co76bsnl1vf00%22%7D%2C%7B%22mId%22%3A%22runJsFFRQ5SEP0P9M199%22%2C%22eId%22%3A%22EXJL5S9I54F3%22%2C%22eV%22%3A28%2C%22eeId%22%3A%2218071ao0cg-000031sqgpmo7co76bsnl1vf00%22%7D%5D&execution_stats_context=%7Bkpdx%7DAAAAsF2up2_1BgoAEhBsZ255anF3Mmd3MzZrY2EwGhIAwzFybmh4amoyIhJ2LSYA8HBhdDNkZ25ycjMqdE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTIuMC41NjE1LjEyMSBTYWZhcmkvNTM3LjM2&ts=1681924716936&source=chain
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:37 GMT
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
cf-ray
7ba6cec8ed8c30f3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2
x-request-id
2nhqxy7wd3
gaAccount
buy.tinypass.com/api/v3/anon/assets/ 		77 B
399 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=GTCopIDc5z&tbc=%7Bkpex%7DwyuDOgPaKpoRvo-fsKwBp8HXUrxSSIAVb7dskwUlYbfOfe97V6sqLXT1dCNQV9W9&user_provider=publisher_user_ref&user_token=&callApiJsonp=true&callback=jsonp6294
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
802cf2b5e2d0e2deb4dd5b1ba6a4cd75f8d449c2ebdcf3ed1f72297a56707c23
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:37 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
wn
prod-dash-10-0-87-68
server
cloudflare
content-type
application/javascript
server-time
0.002
p3p
CP="NON DSP COR OUR IND"
cache-control
public, max-age=86400, s-maxage=86400
x-forwarded-https
on
cf-ray
7ba6cec91c5291ff-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
M1fhdtrA9aV
wl
t.pubmatic.com/ Frame 1080 		17 B
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=157163
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:37 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 19 Apr 2023 16:11:32 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4025
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Wed, 19 Apr 2023 18:11:32 GMT
collect
www.google-analytics.com/j/ 		3 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2103314295&t=event&ni=0&_s=1&dl=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&ul=en-us&de=UTF-8&dt=Hackers%20amea%C3%A7am%20Valid%20Certificadora%20na%20%27deep%20web%27%20ap%C3%B3s%20tentativa%20de%20ataque%20cibern%C3%A9tico%20%7C%20Lauro%20Jardim%20%7C%20O%20Globo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=beforeBrowserEvent&el=Before%20browser%20event&_u=qChAAEABAAAAACAAI~&jid=1725257290&gjid=1446259369&cid=1201176432.1681924713&tid=UA-54312464-7&_gid=1784354852.1681924717&_r=1&_slc=1&z=1593976731
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=2103314295&t=event&ni=1&_s=2&dl=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&ul=en-us&de=UTF-8&dt=Hackers%20amea%C3%A7am%20Valid%20Certificadora%20na%20%27deep%20web%27%20ap%C3%B3s%20tentativa%20de%20ataque%20cibern%C3%A9tico%20%7C%20Lauro%20Jardim%20%7C%20O%20Globo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=experienceExecute&el=Experience%20execute&_u=qChAAEABAAAAACAAI~&jid=&gjid=&cid=1201176432.1681924713&tid=UA-54312464-7&_gid=1784354852.1681924717&z=2103984383
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Apr 2023 18:05:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83605
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=2103314295&t=event&ni=1&_s=3&dl=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&ul=en-us&de=UTF-8&dt=Hackers%20amea%C3%A7am%20Valid%20Certificadora%20na%20%27deep%20web%27%20ap%C3%B3s%20tentativa%20de%20ataque%20cibern%C3%A9tico%20%7C%20Lauro%20Jardim%20%7C%20O%20Globo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=setResponseVariable&el=Set%20response%20variable&_u=qChAAEABAAAAACAAI~&jid=&gjid=&cid=1201176432.1681924713&tid=UA-54312464-7&_gid=1784354852.1681924717&z=1731333075
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Apr 2023 18:05:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83605
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=2103314295&t=event&ni=1&_s=4&dl=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&ul=en-us&de=UTF-8&dt=Hackers%20amea%C3%A7am%20Valid%20Certificadora%20na%20%27deep%20web%27%20ap%C3%B3s%20tentativa%20de%20ataque%20cibern%C3%A9tico%20%7C%20Lauro%20Jardim%20%7C%20O%20Globo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=showTemplate&el=Show%20template&_u=qChAAEABAAAAACAAI~&jid=&gjid=&cid=1201176432.1681924713&tid=UA-54312464-7&_gid=1784354852.1681924717&z=1813178630
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Apr 2023 18:05:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83605
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=2103314295&t=event&ni=1&_s=5&dl=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&ul=en-us&de=UTF-8&dt=Hackers%20amea%C3%A7am%20Valid%20Certificadora%20na%20%27deep%20web%27%20ap%C3%B3s%20tentativa%20de%20ataque%20cibern%C3%A9tico%20%7C%20Lauro%20Jardim%20%7C%20O%20Globo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=meterActive&el=Meter%20active&_u=qChAAEABAAAAACAAI~&jid=&gjid=&cid=1201176432.1681924713&tid=UA-54312464-7&_gid=1784354852.1681924717&z=59643210
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Apr 2023 18:05:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83605
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
botao-desk.png
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/VENDAS/GABIGOL/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/VENDAS/GABIGOL/botao-desk.png
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
afbf64269faea29f545eb1ebe14136c6ff31826737e08f8017a114460721ef5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:39 GMT
x-openstack-request-id
tx63e9a59504e949ab8de5a-0064402230
last-modified
Wed, 05 Apr 2023 17:45:14 GMT
x-thanos
0AB47186
etag
3a022b442a0795b38b127083ed863656
vary
Accept-Encoding, Origin
content-type
image/png
x-timestamp
1680716713.96280
cache-control
public, max-age=180
accept-ranges
bytes
content-length
1498
x-trans-id
tx63e9a59504e949ab8de5a-0064402230
x-request-id
5921ba1a-5215-4e00-851f-0503ad011c93
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Foglobo.globo.com%2F&domain=oglobo.globo.com&bundle=miFL9l8lMkZ3TGtadXcwOHozN1RIc2k1MlV1aW1UVlN3UmdEWHJNTUZ2OFZzUXFhYjhNaU9UNyUyRkhUJTJCemFQVnM3RU90NUtpRjclMkZvVHJEZCUyRmVBMU9NSjFKZ1JwRmU2Vk5hdkdSWmhoOU9KczVDOTdrTzQ4STkxZU5vVEp3RjdWem9IJTJCeFppOVpFdUJWWkhhcU11U3YyZXVKcHAxVnclM0QlM0Q&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://oglobo.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 19 Apr 2023 17:18:38 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
293813
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ Frame 6F31 		49 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a000034LEuvAAG&gdpr=0&src=pbjs&ver=7.45.0
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Apr 2023 17:18:39 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
json
gum.criteo.com/sid/ Frame 6F31 		2 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Foglobo.globo.com%2F&domain=oglobo.globo.com&bundle=miFL9l8lMkZ3TGtadXcwOHozN1RIc2k1MlV1aW1UVlN3UmdEWHJNTUZ2OFZzUXFhYjhNaU9UNyUyRkhUJTJCemFQVnM3RU90NUtpRjclMkZvVHJEZCUyRmVBMU9NSjFKZ1JwRmU2Vk5hdkdSWmhoOU9KczVDOTdrTzQ4STkxZU5vVEp3RjdWem9IJTJCeFppOVpFdUJWWkhhcU11U3YyZXVKcHAxVnclM0QlM0Q&cw=1&lsw=1
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:39 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
358152
expires
0
prebid
id5-sync.com/api/config/ Frame 6F31 		135 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
a9017f676ee4e38fc77f91af55f8b7bdcad440a5a379039cbb913f0cbe39a39c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Wed, 19 Apr 2023 17:18:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 6F31 		0
0
74387
idx.liadm.com/idex/prebid/ Frame 6F31 		50 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/74387?duid=da5812f14a1e--01gyd8cxmq0s4ny3sb0820zp3v&resolve=nonId
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.24.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-24-151.compute-1.amazonaws.com
Software
/
Resource Hash
e0ed5ccd2d5c9d9cf46509ab77ab30cf11cc810bb24d7993042f3de60e197f30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Apr 2023 17:18:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
4
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
trace-id
66a9878666b59b8d
content-length
50
expires
Thu, 20 Apr 2023 17:18:39 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2ECF 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=72367
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 19 Apr 2023 17:18:39 GMT
expires
Thu, 20 Apr 2023 13:24:46 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 399A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 19 Apr 2023 17:18:39 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9B79 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
36254
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 19 Apr 2023 17:18:39 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 29 Mar 2023 07:13:44 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3345, 360605
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220029-HHN
X-Timer
S1681924719.436346,VS0,VE0
v1
lb.eu-1-id5-sync.com/lb/ Frame 6F31 		33 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
ee8bf8dcd901ed0e5c33976f2a9d890f980a20311a2cf6618fa6df6967216bf7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Wed, 19 Apr 2023 17:18:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 2ECF 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=44924454&p=157163&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b3c9b6a6c74294f55695ea5e30f7f277fc9252d2b0fc27e501dcb7dddac9ccbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 19 Apr 2023 17:18:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
996.json
id5-sync.com/g/v2/ Frame 6F31 		216 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/996.json
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
a0b1a997fd25d2517e28515dddbbdcb1fed0e178b33a68d57ea08dc73c65aca0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Wed, 19 Apr 2023 17:18:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame 399A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f03041a91d6fa1fa2a8b0e108165ce663290378f354ebfdad730de06a2f9f100

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 17:18:39 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Apr 2023 09:06:04 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56845
Connection
keep-alive
Content-Length
10019
Expires
Thu, 20 Apr 2023 09:06:04 GMT
async_usersync
ib.adnxs.com/ Frame 9B79 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Apr 2023 17:18:39 GMT
AN-X-Request-Uuid
b70cde4f-533f-44f9-a0b7-0cb582a44f14
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7F8A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c5e36440-226f-4800-bacb-9b0604c28d1c&gdpr=0&gdpr_consent=
42 B
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c5e36440-226f-4800-bacb-9b0604c28d1c&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 19 Apr 2023 17:18:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 19 Apr 2023 17:18:39 GMT
Expires
Wed, 19 Apr 2023 17:18:38 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 830 785530e master cdg-pixel-x34 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c5e36440-226f-4800-bacb-9b0604c28d1c&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 56ED
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210824591752155
42 B
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210824591752155
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 19 Apr 2023 17:18:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Wed, 19 Apr 2023 17:18:39 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210824591752155
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
Pug
simage2.pubmatic.com/AdServer/ Frame 4AC8
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 19 Apr 2023 17:18:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 17:18:39 GMT
expires
Wed, 19 Apr 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
963351
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame FFF0
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5256627883620175868
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5256627883620175868
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 19 Apr 2023 17:18:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5256627883620175868
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame E503
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=iKQ3vYyiNeuTqTboiaQu74-oYOmTo2e9i6E-IWiC
42 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=iKQ3vYyiNeuTqTboiaQu74-oYOmTo2e9i6E-IWiC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 19 Apr 2023 17:18:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 19 Apr 2023 17:18:39 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=iKQ3vYyiNeuTqTboiaQu74-oYOmTo2e9i6E-IWiC
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2ECF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sk2lzbafSm2UdXK3TA5u7g%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:39 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=72367
accept-ranges
bytes
content-length
5554
expires
Thu, 20 Apr 2023 13:24:46 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 2ECF 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.20.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-20-4.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:39 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.20.171
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 2ECF
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4218019108
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:39 GMT
via
1.1 google
last-modified
Wed, 19 Apr 2023 17:18:40 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE
date
Wed, 19 Apr 2023 17:18:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 2ECF
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZTJmWG1lUi1YS3NSeC1XQkItNmpzMFhSUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=5986731816154314662&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
HTTP/1.1
Server
52.7.221.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-221-164.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 17:18:40 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 19 Apr 2023 17:18:40 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 2ECF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjI0REE1Q0QtQjY5Ri00QTZELTk0NzUtNzJCNzRDMEU2RUVF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 19 Apr 2023 17:18:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2ECF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJKq2_EIAcAJTS_tzFUhQMQ&google_cver=1
42 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJKq2_EIAcAJTS_tzFUhQMQ&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 19 Apr 2023 17:18:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJKq2_EIAcAJTS_tzFUhQMQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 2ECF 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:39 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 18 Apr 2023 17:18:39 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2ECF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5986731816154314662
42 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5986731816154314662
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 19 Apr 2023 17:18:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5986731816154314662
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 2ECF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 19 Apr 2023 17:18:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
px.ads.linkedin.com/ Frame 399A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGNYJRNC-6-FY2U
0
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGNYJRNC-6-FY2U
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:39 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 91070856E6B24E95A190358F8327B919 Ref B: FRAEDGE1419 Ref C: 2023-04-19T17:18:39Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX5s513a9ULP7Yy0tPZCw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGNYJRNC-6-FY2U
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 399A 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 19 Apr 2023 17:18:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 399A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENBMi8M4nHFJ6Z1whoeGvaY&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENBMi8M4nHFJ6Z1whoeGvaY&google_cver=1
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENBMi8M4nHFJ6Z1whoeGvaY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 399A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWQ5ZDIyMTRmMTQwNTcyYjZhNDQxNWJhZWU0ZTIxZWVhMTVjZGY5ZA
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWQ5ZDIyMTRmMTQwNTcyYjZhNDQxNWJhZWU0ZTIxZWVhMTVjZGY5ZA
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWQ5ZDIyMTRmMTQwNTcyYjZhNDQxNWJhZWU0ZTIxZWVhMTVjZGY5ZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 399A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7byVB91ES5yhejcoG-IBbQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7byVB91ES5yhejcoG-IBbQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7byVB91ES5yhejcoG-IBbQ
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Apr 2023 17:18:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BPZ1PMNVWJJYRVXJV2QW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7byVB91ES5yhejcoG-IBbQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 399A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Wxfuz_mMTwi8Uo1BNpd1mA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Wxfuz_mMTwi8Uo1BNpd1mA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Wxfuz_mMTwi8Uo1BNpd1mA
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
HTTP/1.1
Server
54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Apr 2023 17:18:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MFMPXVFKSSDAET27EJB2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Wxfuz_mMTwi8Uo1BNpd1mA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 399A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdOWUpSTkMtNi1GWTJV
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKc6RRPKBca43qkXbC-eMfw&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdOWUpSTkMtNi1GWTJV&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdOWUpSTkMtNi1GWTJV&google_push=
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdOWUpSTkMtNi1GWTJV&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 399A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Cv_BSAb2iZkdHCID2apTrw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-01.63g5E2oJKdCHl8dtcdVubbVvf14pr8cUXfw--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-01.63g5E2oJKdCHl8dtcdVubbVvf14pr8cUXfw--~A
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 19 Apr 2023 17:18:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-01.63g5E2oJKdCHl8dtcdVubbVvf14pr8cUXfw--~A
content-length
0
glb-pv-min.js
s.glbimg.com/bu/rt/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/bu/rt/js/glb-pv-min.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-location-rule
barra-gcs
date
Wed, 19 Apr 2023 17:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
503420282 ra03 11 05
age
75680
x-cache-status
HIT
content-length
945
x-xss-protection
1; mode=block
x-request-id
915418a8-a822-4a5c-9c20-72b5a8429573
last-modified
Fri, 11 Nov 2022 21:36:41 GMT
x-thanos
0AB1D009
etag
W/"aaaef25ae81d7253ced007ce6451d65e"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/javascript; charset=utf-8
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Wed, 19 Apr 2023 20:17:19 GMT
tv4.min.js
s3.glbimg.com/cdn/libs/tv4/1.3.0/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/libs/tv4/1.3.0/tv4.min.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
gzip
x-openstack-request-id
txef9d2bb3c01e47e4b2f4b-00633f42b6
last-modified
Fri, 25 May 2018 14:11:50 GMT
x-thanos
0AB47186
vary
Accept-Encoding, Origin
content-type
application/javascript
x-timestamp
1527257509.32548
cache-control
public, max-age=31536000
x-trans-id
txef9d2bb3c01e47e4b2f4b-00633f42b6
x-request-id
0b515f40-3ee8-4c43-8fe3-23e99f64aaa6
login-callback.ghtml
oglobo.globo.com/ Frame 0D66
Redirect Chain
  • https://id.globo.com/auth/realms/globo.com/protocol/openid-connect/auth?client_id=oglobo%40apps.globoid&redirect_uri=https%3A%2F%2Foglobo.globo.com%2Flogin-callback.ghtml&state=721e3d26-e0f8-4bfd-8...
  • https://oglobo.globo.com/login-callback.ghtml
345 B
846 B 		Document
General
Check archive.org
Download Go to
Full URL
https://oglobo.globo.com/login-callback.ghtml
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
201.7.177.244 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
956bd91287fd5d85b711fd51418e53c6eeb3536134044ce39f67fb20938e160c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9
cache-control
max-age=10
content-encoding
gzip
content-length
244
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 19 Apr 2023 17:18:41 GMT
expires
Wed, 19 Apr 2023 17:18:42 GMT
http_x_forwarded_proto
https
redirect_https
https
show-page-version
0
vary
X-Forwarded-Proto, User-Agent, Accept-Encoding
via
2.0 CachOS
wall-blocked-session
0
wall-subscription-level
0
wall-usl-status
x-bip
27603725 wall 1
x-cache-status
HIT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-location-rule
show_services
x-mobile
desktop
x-request-id
20697396-2132-4b35-b0ad-fbbf91562c99
x-served-from
oglobo-router-gcp, Show Services GCP
x-thanos
0A825C65
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since, framework_version_header, system_version_header, platform_header, app_id_header, access_header, globoid_connect_apikey
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, must-revalidate, max-age=0
content-length
0
date
Wed, 19 Apr 2023 17:18:41 GMT
location
https://oglobo.globo.com/login-callback.ghtml#error=login_required&state=721e3d26-e0f8-4bfd-83e1-99d84575c7de
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ww.js
cdn.ampproject.org/rtv/012304062309000/ 		51 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304062309000/ww.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a05165d9a0184ac75ebba2285568d340442ad78a861c1dfbac47e60a87ae36c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
text/plain
Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Apr 2023 15:14:42 GMT
age
180237
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14440
x-xss-protection
0
server
sffe
etag
"cbbd15d993c36d46"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 16 Apr 2024 15:14:42 GMT
appcues.main.d897c8081b325e478499073bcebfce681470376d.js
fast.appcues.com/generic/main/4.51.0/ 		427 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.appcues.com/generic/main/4.51.0/appcues.main.d897c8081b325e478499073bcebfce681470376d.js
Requested by
Host: fast.appcues.com
URL: https://fast.appcues.com/110142.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ce254497a0252ae08925c913b52df3b0b49e6e8fb74da254b7ab5507ef13470

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:39 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
VKC33MA9W19703CF
age
170822
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
123554
x-amz-id-2
rfMqAklwnEyr1eFWf2gnaxsdbJJwe/CrlDPCUKvzq/gXLmySfrsJJ/5KhKjtnQiyJ1vH9BbMt1k=
x-served-by
cache-hhn-etou8220064-HHN
last-modified
Mon, 17 Apr 2023 17:00:32 GMT
server
AmazonS3
x-timer
S1681924720.942220,VS0,VE0
etag
"5e0c502fe50a84c948a56b273e81edb1"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
9259
cadun.js
s.glbimg.com/pc/ca/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/pc/ca/cadun.js?loading-agent=global-webdeps
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-location-rule
barra-gcs
date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
502310920 ra03 11 05
age
75675
x-cache-status
HIT
content-length
4958
x-xss-protection
1; mode=block
x-request-id
e3208f70-7a71-4c7b-ad06-60789aabdc63
last-modified
Fri, 11 Nov 2022 21:56:44 GMT
x-thanos
0AB1D009
etag
W/"d90f88fa40b545a289d34957b165ffb3"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/javascript; charset=utf-8
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Wed, 19 Apr 2023 20:17:24 GMT
globo-ab.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.4.0/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.4.0/globo-ab.min.js?loading-agent=global-webdeps
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e8bf9ccc765b5576c8b86e1f75a308e112cea4c1ead476dcf94720d10fa6fb0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
gzip
x-openstack-request-id
tx591a4ef3c1dc4a6db840e-0064402201
last-modified
Thu, 12 May 2022 20:00:29 GMT
x-thanos
0AB47186
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1652385628.79171
cache-control
public, max-age=180
x-trans-id
tx591a4ef3c1dc4a6db840e-0064402201
x-request-id
9c46b218-7db5-4e21-b1f8-98032c83b0bb
globo-ab-v2.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/globo-ab-v2.min.js?loading-agent=global-webdeps
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
60b0f8f7a630b8cf83d4c29ddd3e6e614b119208fe97a96cae6dc6311541671b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
gzip
x-openstack-request-id
txf1e778b2c67b4d019f506-00643f0315
last-modified
Wed, 24 Oct 2018 17:17:43 GMT
x-thanos
0AB47186
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1540401462.48634
cache-control
public, max-age=86400
x-trans-id
txf1e778b2c67b4d019f506-00643f0315
x-request-id
cbb2c31e-565e-45ca-9523-53e780594d70
globo-ab.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.0/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.0/globo-ab.min.js?loading-agent=global-webdeps
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
bb396c659a45cda460f579b753cf3a53f83eb8198bd344af0a2e2d9030ef910f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
gzip
x-openstack-request-id
txb912899a899048c0bea6b-0064402244
last-modified
Tue, 19 May 2020 15:37:59 GMT
x-thanos
0AB47186
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1589902678.74751
cache-control
public, max-age=180
x-trans-id
txb912899a899048c0bea6b-0064402244
x-request-id
d5d2dd2d-a6cd-4ae4-984b-dd0b6e238979
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=oglobo.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=oglobo.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3412847008223880&correlator=2077175084426692&eid=31073865%2C31073883%2C31070233&output=ldjh&gdfp_req=1&vrg=202304130101&ptt=17&impl=fif&iu_parts=85042905%2Cinfo.web.oglobo%2Cblogs%2Clauro-jardim%2Cmateria&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x90%7C728x90%7C970x250%7C1x1%7C970x150%7C1190x250%7C1190x150&ifi=2&adks=1693817493&didk=3740535728&sfv=1-0-40&prev_scp=Editora.pos%3DTop%26rc%3Dmc-container-top_0&eri=1&cust_params=ambient%3D%26tipo_pagina%3Dmateria%26editora.random%3D9%26Editora.url%3Dhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico%26Info.Entidades%3Dbrasil%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1681924713002%26prmtvvid%3D%26prmtvwid%3D&sc=1&cookie=ID%3D891612a06dffe41b%3AT%3D1681924713%3AS%3DALNI_MapVw7IncFmj6ZgPj1Byw6JA31wGQ&gpic=UID%3D00000c06796e95d4%3AT%3D1681924713%3ART%3D1681924713%3AS%3DALNI_MYqw5zlJerB6sm7H3VhJsKwzELy-Q&arp=1&abxe=1&dt=1681924719905&lmt=1681924719&dlt=1681924710691&idt=2746&adxs=315&adys=268&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&frm=20&vis=1&psz=1600x250&msz=970x0&fws=4&ohw=1600&psts=AHQMDFc1z9PjL-Ny-Hjk02rSd1FwCFn2B5Jx7OAWDd8S28v8OXV2_z0pv3J65KDrWpjSSvjq3HdfrnTnagnKV2cNSaC0W-lAKnia&ga_vid=1201176432.1681924713&ga_sid=1681924713&ga_hid=2103314295&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Y8duZ1PkwSABSAghkEhsKDGlkNS1zeW5jLmNvbRjo3ZnU-TBIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjx25nU-TBIAFICCGQSOwoKcHViY2lkLm9yZxIkYTkzNDM3ODQtMzJmOS00MWIxLWJiNTktNTM2M2UxZGZmOTU4GLDcmdT5MEgAEh0KDmVzcC5jcml0ZW8uY29tGPHbmdT5MEgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lWSE5ZVEZGclkyRlJkMlZ0VUd0V1IxaGxOaXRXWnowOUluMD0YiuCZ1PkwSAA.
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6ab368de7e8ed4e323414c2cde3a629c0ed4536bb0272eff7d1e9dc4175bc8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10044
x-xss-protection
0
google-lineitem-id
5768796390
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138360598354
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cacheableShow
buy.tinypass.com/checkout/template/ Frame 8F41 		28 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTSXB1FQGFV1&templateVariantId=OTVO3AKU5N2PV&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_bd8fd1780b11a0e65b95-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca2d0116131f61b138ff2642f341369cbc1a67473e9c34dcc7a4cc233bd2dc6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=899
cf-cache-status
EXPIRED
cf-ray
7ba6cedb79b891ff-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Wed, 19 Apr 2023 17:18:40 GMT
expires
Wed, 19 Apr 2023 17:33:39 GMT
last-modified
Wed, 19 Apr 2023 13:04:10 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.009
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-130-107
x-forwarded-https
on
x-request-id
M3fhdtrVKW3
x-xss-protection
0
__inventory.gif
query.petametrics.com/v1/ 		35 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v1/__inventory.gif?ts=1681924719913&jsk=2v84n8g15c1895dv&jsv=20230329&cu=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&item=%7B%22type%22%3A%5B%22article%22%5D%2C%22description%22%3A%5B%22Hackers%20amea%C3%A7am%20Valid%20Certificadora%20na%20%27deep%20web%27%20ap%C3%B3s%20tentativa%20de%20ataque%20cibern%C3%A9tico%22%5D%2C%22title%22%3A%5B%22Hackers%20amea%C3%A7am%20Valid%20Certificadora%20na%20%27deep%20web%27%20ap%C3%B3s%20tentativa%20de%20ataque%20cibern%C3%A9tico%22%5D%2C%22locale%22%3A%5B%22pt_BR%22%5D%2C%22site_name%22%3A%5B%22O%20GLOBO%22%5D%2C%22image%22%3A%5B%22https%3A%2F%2Fs2.glbimg.com%2Fanb_JB_XIFUfaAm-0e-7C9BEZs0%3D%2F600x0%2Ffilters%3Aquality(70)%2Fi.s3.glbimg.com%2Fv1%2FAUTH_da025474c0c44edd99332dddb09cabe8%2Finternal_photos%2Fbs%2F2022%2FA%2Fe%2F0KyrvtTfKYAxvzAO39bA%2Fprogramming-g369f66bd2-1920.jpg%22%5D%2C%22image%3Awidth%22%3A%5B%221200%22%5D%2C%22url%22%3A%5B%22https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml%22%5D%2C%22id%22%3A%5B%22https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml%22%5D%2C%22authors%22%3A%5B%22Jo%C3%A3o%20Paulo%20Saconi%22%5D%2C%22published_time%22%3A%5B%222023-04-18T17%3A13%3A59-03%3A00%22%5D%2C%22modified_time%22%3A%5B%222023-04-18T17%3A15%3A27-03%3A00%22%5D%2C%22image145%22%3A%5B%22https%3A%2F%2Fs2.glbimg.com%2FJbKM7o5KIyYsGnyjAy2kVeUqM1E%3D%2F145x87%2Fsmart%2Ffilters%3Astrip_icc()%2Fs2.glbimg.com%2Fanb_JB_XIFUfaAm-0e-7C9BEZs0%253D%2F600x0%2Ffilters%253Aquality%252870%2529%2Fi.s3.glbimg.com%2Fv1%2FAUTH_da025474c0c44edd99332dddb09cabe8%2Finternal_photos%2Fbs%2F2022%2FA%2Fe%2F0KyrvtTfKYAxvzAO39bA%2Fprogramming-g369f66bd2-1920.jpg%22%5D%2C%22image105%22%3A%5B%22https%3A%2F%2Fs2.glbimg.com%2Foks3X8xlVKCDgmZzFKBaMoHTnrM%3D%2F105x105%2Fsmart%2Ffilters%3Astrip_icc()%2Fs2.glbimg.com%2Fanb_JB_XIFUfaAm-0e-7C9BEZs0%253D%2F600x0%2Ffilters%253Aquality%252870%2529%2Fi.s3.glbimg.com%2Fv1%2FAUTH_da025474c0c44edd99332dddb09cabe8%2Finternal_photos%2Fbs%2F2022%2FA%2Fe%2F0KyrvtTfKYAxvzAO39bA%2Fprogramming-g369f66bd2-1920.jpg%22%5D%2C%22section%22%3A%5B%22Lauro%20Jardim%22%5D%2C%22categoria_materia%22%3A%5B%22%22%5D%2C%22category%22%3A%5B%22oglobo-blogs%22%5D%2C%22protected%22%3A%5B%222%22%5D%2C%22teaser%22%3A%5B%220%22%5D%2C%22sponsored%22%3A%5B%220%22%5D%2C%22tag%22%3A%5B%22Brasil%22%5D%2C%22content_type%22%3A%5B%22post%22%5D%2C%22opinion%22%3A%5B%22false%22%5D%2C%22content_tier%22%3A%5B%22%22%5D%2C%22location%22%3A%5B%22country%3Abrazil%22%5D%2C%22publisher%22%3A%5B%22%22%5D%7D&ttl=0
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:39 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
gtm.js
www.googletagmanager.com/ 		211 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P4R423
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/oglobo/prod/lib-pub-relay-oglobo-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a4550120f07d127035d45263fefba51b0d3795d01beb4c4509e97132a6dd9492
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64724
x-xss-protection
0
last-modified
Wed, 19 Apr 2023 15:10:08 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Apr 2023 17:18:39 GMT
ns.html
www.googletagmanager.com/ Frame CBD4 		934 B
431 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-P4R423
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/oglobo/prod/lib-pub-relay-oglobo-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7bab8552ef40273d5c6b442e9e2ef67622abba0557dbf06361eb72ddd237adfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
247
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 17:18:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
094b3613-d266-4324-ba54-f3a8f5a953ca
https://oglobo.globo.com/ 		51 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://oglobo.globo.com/094b3613-d266-4324-ba54-f3a8f5a953ca
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2eb769049ebe0f15dea21f38790c0a9cc234b16d3120f3bbd9174936c582766

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
52088
Content-Type
text/javascript
ns.html
www.googletagmanager.com/ Frame 3EB0 		268 B
161 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-NXVN776&ancestors=GTM-P4R423&restrictions=&gtm.url=https%3A%2F%2Foglobo.globo.com%2F
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-P4R423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.googletagmanager.com/ns.html?id=GTM-P4R423
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 17:18:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
ns.html
www.googletagmanager.com/ Frame 0767 		268 B
158 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-WSJ4QJD&ancestors=GTM-P4R423&restrictions=&gtm.url=https%3A%2F%2Foglobo.globo.com%2F
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-P4R423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.googletagmanager.com/ns.html?id=GTM-P4R423
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 17:18:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
ns.html
www.googletagmanager.com/ Frame C103 		268 B
158 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-M3GJS46&ancestors=GTM-P4R423&restrictions=&gtm.url=https%3A%2F%2Foglobo.globo.com%2F
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-P4R423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.googletagmanager.com/ns.html?id=GTM-P4R423
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 17:18:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
container.d897c8081b325e478499073bcebfce681470376d.css
fast.appcues.com/generic/main/4.51.0/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fast.appcues.com/generic/main/4.51.0/container.d897c8081b325e478499073bcebfce681470376d.css
Requested by
Host: fast.appcues.com
URL: https://fast.appcues.com/generic/main/4.51.0/appcues.main.d897c8081b325e478499073bcebfce681470376d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d64b24d70eadbcdbf4b5223172fea453e18531d8a48f635727d97e45659f96de

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
8WYQ9J5CV65NF0QS
age
170896
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
2027
x-amz-id-2
k97G4iFGQ197WpwIvNLb/rZUzk+Saja9l/wF1MCu82Cq9Y5jssjtT3CedJKEgRFXiAhkBKnScLg=
x-served-by
cache-hhn-etou8220064-HHN
last-modified
Mon, 17 Apr 2023 17:00:31 GMT
server
AmazonS3
x-timer
S1681924720.067633,VS0,VE0
etag
"040cf4e7e86c4d735fc66db697584fb0"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css; charset=utf-8;
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
8777
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 8F41 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTSXB1FQGFV1&templateVariantId=OTVO3AKU5N2PV&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_bd8fd1780b11a0e65b95-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTSXB1FQGFV1&templateVariantId=OTVO3AKU5N2PV&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_bd8fd1780b11a0e65b95-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
1671
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 17 Apr 2023 01:56:08 GMT
wn
prod-dash-10-0-94-155
server
cloudflare
etag
W/"26850-1681696568000"
vary
accept-encoding
content-type
text/css
server-time
0.000
cache-control
public, max-age=7200
cf-ray
7ba6cedcbb8d91ff-FRA
expires
Wed, 19 Apr 2023 19:18:40 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 8F41 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTSXB1FQGFV1&templateVariantId=OTVO3AKU5N2PV&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_bd8fd1780b11a0e65b95-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1208930
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9EhiE6S5dVaHaZXAXwC4vGLTLFP0Pm%2FrAXMSGmrCR%2B508RAzFmQGoMy4udWqOTKR1O1bCjf1lsll%2BaV18Iy42gVclJIlvF%2Bn%2BOrco5VCEvJjy7%2Bx3UvjJaRNlqPg3IyoVBSxni4%2Bj%2FTfqCBpuh7OHtZ6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ba6cedd1aaf9962-FRA
expires
Mon, 08 Apr 2024 17:18:40 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 8F41 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTSXB1FQGFV1&templateVariantId=OTVO3AKU5N2PV&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_bd8fd1780b11a0e65b95-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8983434
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbyHrFPICDVNRKAgZuL%2F%2FXqnvn%2F%2BL9WFPE10bINxIUTR5pdOZLiJqN%2FTg6hPbPtTk31i%2FlrwouKrF7c2p%2F6bBypUGapQ7rTQnJYE%2Fn%2FYD4qwZxM9INyAMMu3Dd5m3V7VyWw7kfGzKpk1gBztF9rvohXL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ba6cedd1ab39962-FRA
expires
Mon, 08 Apr 2024 17:18:40 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 8F41 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTSXB1FQGFV1&templateVariantId=OTVO3AKU5N2PV&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_bd8fd1780b11a0e65b95-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
592332
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6DZRMEhkzenpWHo1OMNUDZ%2BaNHC1DULtAt1ddCvU4IGYyJtNObJy4IB0SJqnKNYB3kBfqT%2Fere6lW5ite3z4oKhvJ2vUGh8xBRBQPUhnnCZLevRlxxQYOL7lKIufWvt%2BwQyK4zhiuO3fSb0LqefUiPf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ba6cedd1ab49962-FRA
expires
Mon, 08 Apr 2024 17:18:40 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 8F41 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTSXB1FQGFV1&templateVariantId=OTVO3AKU5N2PV&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_bd8fd1780b11a0e65b95-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1204500
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpKQEEM0avS3NAFMXze5SktoQiKdDMvLdqibJZ7NGA2nrsgFDESzY8a9MnQO6pIV6%2BtQ6TjV%2FV%2B7wE%2F8%2F2DBG6D5LLwGH4XD6uKjX2zq0dbSWt7qNHKDsGSsX9wy5ZI6xNCoftjYjB9xUNqD60JBn5%2FG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ba6cedd1ab59962-FRA
expires
Mon, 08 Apr 2024 17:18:40 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 8F41 		825 B
752 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTSXB1FQGFV1&templateVariantId=OTVO3AKU5N2PV&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_bd8fd1780b11a0e65b95-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
505584
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LINwbxdM0DPkD783V213Aijxe3FV4yAjChLTXmKCh45%2Be2gvrurFCzA2QDDSPRvOExk6wKW6Lrz9rVuuS7%2FOlLfRfQAoAF30VkkbzSMzvHFmFk3SxwDdsliBCL%2Fy%2B55cItifjuzo8cRFkEcTOozfWvvx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ba6cedd1ab69962-FRA
expires
Mon, 08 Apr 2024 17:18:40 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 8F41 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTSXB1FQGFV1&templateVariantId=OTVO3AKU5N2PV&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_bd8fd1780b11a0e65b95-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
52046
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eV9f2LMzOqTBOlGlrGAFhGj2qNfr1E6Jv9l2xqD%2B%2Bilnc1gimBn43WxqcqidY02HKeP66SMhN%2FDNUvqwjleqZIDPzeVSELrSzcUDQhkAw86sHntLViUOhaWjRryMt3IwcWaKkTzj19bMRb9cULBOLWWx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ba6cedd1ab99962-FRA
expires
Mon, 08 Apr 2024 17:18:40 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 8F41 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTSXB1FQGFV1&templateVariantId=OTVO3AKU5N2PV&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_bd8fd1780b11a0e65b95-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
170778
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ybn9fOMvBIq5gb%2BJhLyihtEUKeOXOopSbQz2kQ4J8ClTIRL%2BtkcU214MOaTpVl60n3cAIsMcYj76oYFnPMs%2FvzqLXAHFOy%2Fy6jVTTyuYlTRO1nrGj4YwZ9bfs8sJ0i9HGdnQElxPGNyvoAKwVakMZ%2BAx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ba6cedd1ab79962-FRA
expires
Mon, 08 Apr 2024 17:18:40 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 8F41 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTSXB1FQGFV1&templateVariantId=OTVO3AKU5N2PV&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_bd8fd1780b11a0e65b95-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2331134
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kYqwOvaI1UZFpfwRNdS0T1%2BuhoYoyfSy6q%2F3hfst7P5Ael4r%2FHJ9nnqQpoSF3ySl1l983AcoIFNKkMXYXN6JYfAIuAy5n%2FnRdI%2FIGDyFnBqCZHStGvL4%2BYuCf%2BMm8cUutI7P8ojNbfjCsHF%2FmL6Ffqze"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ba6cedd4add9962-FRA
expires
Mon, 08 Apr 2024 17:18:40 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 8F41 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTSXB1FQGFV1&templateVariantId=OTVO3AKU5N2PV&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_bd8fd1780b11a0e65b95-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
170054
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u525U%2FH58TyWLyQkFSjVKbi4HXraBvdSdnEnzmA0ZPh12xyyHa7UhZ1iozVzlxMAGcYjHp8u8BLBpWXQolvkYWfyGIPrwI12scTDkTSweM6jcyrbA%2FGAV7OwjA5CwMO616crUp2Fd2duPromYc7dRjcL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ba6cedd4adf9962-FRA
expires
Mon, 08 Apr 2024 17:18:40 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 8F41 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTSXB1FQGFV1&templateVariantId=OTVO3AKU5N2PV&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_bd8fd1780b11a0e65b95-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2400145
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTu6lDEsjGEs5%2FqlButEvn8n17m3btCAPxY67KzAsOQ4YPBql0uf%2BVIRjiu6IP0muLWYIHajUhve%2FipIPRlafKpP8DXUKOp7VgBoKVb8nA7C5LHa7WR0JuB6peKt7t%2Fd40U6W1hjqKW%2FAZqOH%2BE1VBM4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ba6cedd1ab89962-FRA
expires
Mon, 08 Apr 2024 17:18:40 GMT
loadTranslationMap
buy.tinypass.com/showtemplate/general/ Frame 8F41 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=GTCopIDc5z&version=1483354452000&language=pt_BR
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTSXB1FQGFV1&templateVariantId=OTVO3AKU5N2PV&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_bd8fd1780b11a0e65b95-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e203fc1358e2baa0e35cf6999e059b111046b3e42813527475bdbc1759556c10
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTSXB1FQGFV1&templateVariantId=OTVO3AKU5N2PV&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_bd8fd1780b11a0e65b95-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
M4fhdtrNzxs
pragma
wn
prod-dash-10-0-83-234
server
cloudflare
vary
accept-encoding
content-type
application/javascript;charset=UTF-8
server-time
0.002
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
7ba6cedccb9891ff-FRA
expires
Thu, 20 Apr 2023 13:18:40 EDT
platform-translation-map_pt_BR.js
buy.tinypass.com/ng/common/i18n/ Frame 8F41 		0
0
H4sIAAAAAAAAAD3IMQrAIAwAwA_VBJ36mxJrkEhqxUT6_W5ux-EnpbJjEXN0foaSMzbbhrx6UT5QJRtSr0tphggJUkKJZ9-n703K1_CQJzT7AT7l-KhaAAAA
buy.tinypass.com/_sam/ Frame 8F41 		115 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IMQrAIAwAwA_VBJ36mxJrkEhqxUT6_W5ux-EnpbJjEXN0foaSMzbbhrx6UT5QJRtSr0tphggJUkKJZ9-n703K1_CQJzT7AT7l-KhaAAAA?compressed=true&v=15.158.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTSXB1FQGFV1&templateVariantId=OTVO3AKU5N2PV&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_bd8fd1780b11a0e65b95-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
723ac9bb77e415d4f1aea6c39a2bf59cb125644f33d3b5943d3f543c2aad3dc8
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTSXB1FQGFV1&templateVariantId=OTVO3AKU5N2PV&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_bd8fd1780b11a0e65b95-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
312
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 18 Apr 2023 13:30:30 GMT
wn
prod-dash-10-0-83-234
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
server-time
0.001
cache-control
public, max-age=604488
x-optimized-by
_sam
cf-ray
7ba6cedccb9f91ff-FRA
expires
Wed, 26 Apr 2023 17:13:28 GMT
style.css
buy.tinypass.com/ Frame 8F41 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/style.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTSXB1FQGFV1&templateVariantId=OTVO3AKU5N2PV&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_bd8fd1780b11a0e65b95-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTSXB1FQGFV1&templateVariantId=OTVO3AKU5N2PV&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_bd8fd1780b11a0e65b95-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
vary
accept-encoding
content-type
text/html
cache-control
public, max-age=1200
cf-ray
7ba6cedccba291ff-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 19 Apr 2023 17:38:40 GMT
css2
fonts.googleapis.com/ Frame 8F41 		3 KB
921 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,200;0,700;1,500&display=swap
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTSXB1FQGFV1&templateVariantId=OTVO3AKU5N2PV&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_bd8fd1780b11a0e65b95-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
874cf24c5a2c1667467dcc462ec3013987552ae78973e51644010e65eacf615a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 19 Apr 2023 17:18:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Apr 2023 17:18:40 GMT
Vector.png
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/VENDAS/BARREIRA_OFERTAS/ Frame 8F41 		475 B
824 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/VENDAS/BARREIRA_OFERTAS/Vector.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTSXB1FQGFV1&templateVariantId=OTVO3AKU5N2PV&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_bd8fd1780b11a0e65b95-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
a1d363a457ec0275cbf5f456d064d0e33f61baf886a255523801abf897e34984

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
x-openstack-request-id
tx1a3516e8237f4048856c1-00644021bc
last-modified
Thu, 12 Jan 2023 18:57:49 GMT
x-thanos
0AB47186
etag
3e8723fa7ae320a9f9f461c68a1a8690
vary
Accept-Encoding, Origin
content-type
image/png
x-timestamp
1673549868.32962
cache-control
public, max-age=180
accept-ranges
bytes
content-length
475
x-trans-id
tx1a3516e8237f4048856c1-00644021bc
x-request-id
e1959665-3415-4729-bc38-0e13c27b5a14
pack-figma.png
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/VENDAS/packs_templates/abril_23/ Frame 8F41 		130 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/VENDAS/packs_templates/abril_23/pack-figma.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTSXB1FQGFV1&templateVariantId=OTVO3AKU5N2PV&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_bd8fd1780b11a0e65b95-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
3bf1b81bce2e18990fbc82ce3b53ddff9ee069ca382b321c55fb7053ecb89996

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
x-openstack-request-id
tx1be6fa3fa8e34eaaa3152-00644021bc
last-modified
Thu, 30 Mar 2023 19:48:21 GMT
x-thanos
0AB47186
etag
6a75edd4217b9a8e9391fff7da601c11
vary
Accept-Encoding, Origin
content-type
image/png
x-timestamp
1680205700.50901
cache-control
public, max-age=180
accept-ranges
bytes
content-length
133435
x-trans-id
tx1be6fa3fa8e34eaaa3152-00644021bc
x-request-id
74971cdc-9414-48ee-8c9d-0a24a769099a
publisher:getClientId
ampcid.google.com/v1/ 		74 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
gtm.js
www.googletagmanager.com/ 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NXVN776&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4R423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
41ff83d81a5671cf1d0a12bc195cb490f72b1b50b735cb4dfc045fb585726578
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40749
x-xss-protection
0
last-modified
Wed, 19 Apr 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Apr 2023 17:18:40 GMT
gtm.js
www.googletagmanager.com/ 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WSJ4QJD&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4R423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
980e544366284bae811ab17858f78862fad0b373091f6b0962d3bfd40380c8e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40628
x-xss-protection
0
last-modified
Wed, 19 Apr 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Apr 2023 17:18:40 GMT
gtm.js
www.googletagmanager.com/ 		100 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M3GJS46&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4R423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ff0d28d5a18aa986e18940bca36886c032fbdb64c37e9a3cfa71c4eed63e6689
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39966
x-xss-protection
0
last-modified
Wed, 19 Apr 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Apr 2023 17:18:40 GMT
101240.js
cdn.targeting.voxus.com.br/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.targeting.voxus.com.br/101240.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4R423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1c97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5c206c8047b47f0eb92bbe98c8e0d44060e9763b8426548c2c11b4c1547f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 18 Apr 2023 19:45:08 GMT
server
cloudflare
age
77612
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes
cf-ray
7ba6cedd9b5d6949-FRA
content-length
900
expires
Thu, 18 May 2023 19:44:26 GMT
ivc.js
gadasource.storage.googleapis.com/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gadasource.storage.googleapis.com/ivc.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 16:36:29 GMT
content-encoding
gzip
age
2531
x-guploader-uploadid
ADPycdvwZWwhhC46OtiYs1EF4OokNSOHE_BM_S9-3E2cz-ttql1TqLUnd_xDwEtwUpKe_0Sq66u62G23g5AI6y_2QZQD5A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24321
last-modified
Mon, 02 Sep 2019 19:50:51 GMT
server
UploadServer
etag
"cdaa61cbc24c48191196b45b31a7e18b"
vary
Accept-Encoding
x-goog-generation
1567453851562424
x-goog-hash
crc32c=okr5pw==, md5=zaphy8JMSBkRlrRbMafhiw==
content-type
text/plain
cache-control
public, max-age=3600
x-goog-stored-content-length
24321
accept-ranges
bytes
expires
Wed, 19 Apr 2023 17:36:29 GMT
lib-pub-ext-tags-oglobo-latest.js
s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/oglobo/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/oglobo/prod/lib-pub-ext-tags-oglobo-latest.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4R423
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e3f422ae8bc9e4874e20a1d051cc2cde9a2e2f0e84d8a4ef84a82d90b3b5cc79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
gzip
x-openstack-request-id
tx13f6d4103ccf4aba8f8ab-0064402267
last-modified
Tue, 07 Mar 2023 22:45:23 GMT
x-thanos
0AB47186
vary
Accept-Encoding, Origin
x-object-meta-mtime
1678228396.000000
content-type
application/javascript
x-timestamp
1678229122.74863
cache-control
public, max-age=180
x-trans-id
tx13f6d4103ccf4aba8f8ab-0064402267
x-request-id
c0620258-dd84-4b4a-a73a-1f85ce06e315
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2396:2000:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 01:10:22 GMT
content-encoding
gzip
via
1.1 c2932c75b25bc91b15c5d7c319b82150.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:25:10 GMT
server
nginx
x-amz-cf-pop
MCT50-P1
age
58098
etag
W/"63921df6-9377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
ySPGN9OkdTr03quKLMk_djK5klX8gykculOi3lWeIIUij20X26BSig==
expires
Thu, 20 Apr 2023 01:10:22 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2396:2000:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 01:13:31 GMT
content-encoding
gzip
via
1.1 c2932c75b25bc91b15c5d7c319b82150.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
MCT50-P1
age
57909
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
fcpenFPQXVJrojE3VKTbqkrMu8XfjrRmVUgOmu-uzSEKvDszwZgnwQ==
expires
Thu, 20 Apr 2023 01:13:31 GMT
js
www.googletagmanager.com/gtag/ 		242 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-F6Y6KJC9BQ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4R423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1e4a93ca0375cf94c0f63be752fbc4c8be7a3a8b0be87654b245e0cdaeef8dbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83828
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 19 Apr 2023 17:18:40 GMT
quantum-globo.js
cdn.quantummetric.com/qscripts/ 		238 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.quantummetric.com/qscripts/quantum-globo.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6143ba9ab99e82240625df8bb6286a74476a3c95bfb065f2cd199c128306e0fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options no-sniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
no-sniff
cf-cache-status
HIT
content-encoding
br
server
cloudflare
age
265
etag
W/"167725385188516819181561641681891202451"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
cf-ray
7ba6cedd790e3a8c-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
loader.js
cdn.taboola.com/libtrc/editoraglobonetwork/ 		957 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9bcab23547d9361974e34a690325af5e2c9498e949d5301caef339de7560187a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
wf67OSMpbUXPpMV8VyAaagOyvqE7ndRJ
content-encoding
gzip
via
1.1 varnish
date
Wed, 19 Apr 2023 17:18:40 GMT
x-amz-request-id
QXK2E4B3KNW1BPQY
age
5490
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
18
x-amz-replication-status
FAILED
content-length
70111
x-amz-id-2
Uz2G+Hc3OuucJpwHLJnjrVZ6sF5dnMSQdTzWFRFI3gahdQRTWlxd4JgBmpPwS6ps2CGfq8pjehA=
x-served-by
cache-hhn-etou8220066-HHN
last-modified
Wed, 19 Apr 2023 15:22:37 UTC
server
nginx
x-timer
S1681924720.261284,VS0,VE2
etag
"a69e7dd6ce2d119fe32fd86fb9a46faf7177a575"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
27
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=oglobo.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=oglobo.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		889 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3412847008223880&correlator=4353944074472604&eid=31073865%2C31073883%2C31070233&output=ldjh&gdfp_req=1&vrg=202304130101&ptt=17&impl=fif&iu_parts=85042905%2Cinfo.web.oglobo%2Cblogs%2Clauro-jardim%2Cmateria&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ifi=3&adks=3002559144&didk=4212400324&sfv=1-0-40&prev_scp=Editora.pos%3DDhtml&eri=1&cust_params=ambient%3D%26tipo_pagina%3Dmateria%26editora.random%3D9%26Editora.url%3Dhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico%26Info.Entidades%3Dbrasil%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1681924713002%26prmtvvid%3D%26prmtvwid%3D&sc=1&cookie=ID%3D891612a06dffe41b%3AT%3D1681924713%3AS%3DALNI_MapVw7IncFmj6ZgPj1Byw6JA31wGQ&gpic=UID%3D00000c06796e95d4%3AT%3D1681924713%3ART%3D1681924713%3AS%3DALNI_MYqw5zlJerB6sm7H3VhJsKwzELy-Q&arp=1&abxe=1&dt=1681924720167&lmt=1681924720&dlt=1681924710691&idt=2746&adxs=800&adys=4089&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&frm=20&vis=1&psz=1600x347&msz=1600x30&fws=4&ohw=1600&psts=AHQMDFc1z9PjL-Ny-Hjk02rSd1FwCFn2B5Jx7OAWDd8S28v8OXV2_z0pv3J65KDrWpjSSvjq3HdfrnTnagnKV2cNSaC0W-lAKnia&ga_vid=1201176432.1681924713&ga_sid=1681924713&ga_hid=2103314295&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Y8duZ1PkwSABSAghkEhsKDGlkNS1zeW5jLmNvbRjo3ZnU-TBIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjx25nU-TBIAFICCGQSOwoKcHViY2lkLm9yZxIkYTkzNDM3ODQtMzJmOS00MWIxLWJiNTktNTM2M2UxZGZmOTU4GLDcmdT5MEgAEh0KDmVzcC5jcml0ZW8uY29tGPHbmdT5MEgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lWSE5ZVEZGclkyRlJkMlZ0VUd0V1IxaGxOaXRXWnowOUluMD0YiuCZ1PkwSAA.
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9de7ecdc580d8aa956401bff190c4a7543633085cdf6d12854b1441f977e8cf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
396
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		889 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3412847008223880&correlator=3320535693649519&eid=31073865%2C31073883%2C31070233&output=ldjh&gdfp_req=1&vrg=202304130101&ptt=17&impl=fif&iu_parts=85042905%2Cinfo.web.oglobo%2Cblogs%2Clauro-jardim%2Cmateria&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ifi=4&adks=3413352251&didk=3851748554&sfv=1-0-40&prev_scp=Editora.pos%3Din-image&eri=1&cust_params=ambient%3D%26tipo_pagina%3Dmateria%26editora.random%3D9%26Editora.url%3Dhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico%26Info.Entidades%3Dbrasil%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1681924713002%26prmtvvid%3D%26prmtvwid%3D&sc=1&cookie=ID%3D891612a06dffe41b%3AT%3D1681924713%3AS%3DALNI_MapVw7IncFmj6ZgPj1Byw6JA31wGQ&gpic=UID%3D00000c06796e95d4%3AT%3D1681924713%3ART%3D1681924713%3AS%3DALNI_MYqw5zlJerB6sm7H3VhJsKwzELy-Q&arp=1&abxe=1&dt=1681924720170&lmt=1681924720&dlt=1681924710691&idt=2746&adxs=0&adys=4089&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&frm=20&vis=1&psz=1600x347&msz=1600x0&fws=4&ohw=1600&psts=AHQMDFc1z9PjL-Ny-Hjk02rSd1FwCFn2B5Jx7OAWDd8S28v8OXV2_z0pv3J65KDrWpjSSvjq3HdfrnTnagnKV2cNSaC0W-lAKnia&ga_vid=1201176432.1681924713&ga_sid=1681924713&ga_hid=2103314295&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Y8duZ1PkwSABSAghkEhsKDGlkNS1zeW5jLmNvbRjo3ZnU-TBIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjx25nU-TBIAFICCGQSOwoKcHViY2lkLm9yZxIkYTkzNDM3ODQtMzJmOS00MWIxLWJiNTktNTM2M2UxZGZmOTU4GLDcmdT5MEgAEh0KDmVzcC5jcml0ZW8uY29tGPHbmdT5MEgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lWSE5ZVEZGclkyRlJkMlZ0VUd0V1IxaGxOaXRXWnowOUluMD0YiuCZ1PkwSAA.
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26e49417bbedb84b8b8857bac8b083230999f9abc6366968c8f174e8ffc56211
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
396
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
logged
cocoon.globo.com/v2/user/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cocoon.globo.com/v2/user/logged
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
86.153.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
POST
Origin
https://oglobo.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://oglobo.globo.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Apr 2023 17:18:41 GMT
server
nginx
via
1.1 google
login.css
s.glbimg.com/pc/ca/ 		846 B
912 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/pc/ca/login.css
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js?loading-agent=global-webdeps
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-location-rule
barra-gcs
date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
503420289 ra03 11 05
age
75677
x-cache-status
HIT
content-length
419
x-xss-protection
1; mode=block
x-request-id
8a8a69df-28f3-4127-89a9-f0626399a44f
last-modified
Fri, 11 Nov 2022 21:56:44 GMT
x-thanos
0AB1D009
etag
W/"263666896930a877f4ad09cc6d6e75ea"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/css; charset=utf-8
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Wed, 19 Apr 2023 20:17:23 GMT
logged
cocoon.globo.com/v2/user/ 		188 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cocoon.globo.com/v2/user/logged
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.153.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
86.153.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7a58e89abab305ebca1ad8d64dad7a056831973dae863b4db026f71df4c2653a

Request headers

Referer
https://oglobo.globo.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:42 GMT
via
1.1 google
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
access-control-allow-origin
https://oglobo.globo.com
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
content-length
188
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
lib-analytics-latest.js
s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-analytics/prod/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-analytics/prod/lib-analytics-latest.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSJ4QJD&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
1f864cb16d14e6fb99bdfbc75db04c0f25d0699e27076c2541ee9edc0ee5d166

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
gzip
x-openstack-request-id
txdf34bc36ec8b4f35a7b71-0064402268
last-modified
Fri, 14 Apr 2023 14:06:03 GMT
x-thanos
0AB47186
vary
Accept-Encoding, Origin
x-object-meta-mtime
1681480738.000000
content-type
application/javascript
x-timestamp
1681481162.89009
cache-control
public, max-age=180
x-trans-id
txdf34bc36ec8b4f35a7b71-0064402268
x-request-id
ad9c33a3-6928-455e-a204-ecfca315db80
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-F6Y6KJC9BQ&gtm=45je34c0&_p=2103314295&cid=1201176432.1681924713&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681924720&sct=1&seg=0&dl=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&dt=Hackers%20amea%C3%A7am%20Valid%20Certificadora%20na%20%27deep%20web%27%20ap%C3%B3s%20tentativa%20de%20ataque%20cibern%C3%A9tico%20%7C%20Lauro%20Jardim%20%7C%20O%20Globo&en=page_view&_fv=1&_ss=1&ep.AllowLinker=false&ep.cookieDomain=auto&ep.title=Hackers%20amea%C3%A7am%20Valid%20Certificadora%20na%20%27deep%20web%27%20ap%C3%B3s%20tentativa%20de%20ataque%20cibern%C3%A9tico&ep.agencia_de_noticias=&epn.hora_da_publicacao=17&ep.tem_mutimidia=Sim&ep.tipo_de_conteudo=materia&ep.entidades=%23%20brasil%20%23&epn.quantidade_de_links=6&ep.data_da_publicacao=20230418&ep.Tags=&ep.Autores=Jo%C3%A3o%20Paulo%20Saconi&ep.quantidade_de_comentarios=&ep.pagina_anterior=(direto%2Findefinido)&ep.origem_da_pagina=viral&ep.conteudo_exclusivo_assinantes=Sim&ep.categoria_da_materia=&ep.equipe=Jo%C3%A3o%20Paulo%20Saconi&ep.content_id=7c4cfd05-d5b4-4fb0-bf34-eb24cf66cf1a
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F6Y6KJC9BQ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publisher:getClientId
ampcid.google.de/v1/ 		3 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
/
usergate.globo.com/ 		30 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://usergate.globo.com/
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.198.44.170 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.44.198.35.bc.googleusercontent.com
Software
/
Resource Hash
95492967ea569084237dbcd677d3eb2e98e8e5a1c5f7951619d3106dc1514300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:41 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
access-control-allow-headers
User-Agent,Content-Type,Cookie,X-App,GLBID,GST
i
ivccf.ivcbrasil.org.br/ 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivccf.ivcbrasil.org.br/i?stm=1681924720404&e=pv&url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&page=Hackers%20amea%C3%A7am%20Valid%20Certificadora%20na%20%27deep%20web%27%20ap%C3%B3s%20tentativa%20de%20ataque%20cibern%C3%A9tico%20%7C%20Lauro%20Jardim%20%7C%20O%20Globo&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=9&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=3e36a268-cc3a-4377-8be7-176aadd8158b&dtm=1681924720400&vp=1600x1200&ds=1600x4467&vid=1&sid=e11c07c8-c0b9-45a6-8153-09859f1a1568&duid=b1fbbe11-dd32-4dd0-9fc4-e7553045ad13&fp=2591939933
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.230.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-230-120.us-west-2.compute.amazonaws.com
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 17:18:41 GMT
Server
Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
load.js
widget.perfectmarket.com/editoraglobonetwork/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/editoraglobonetwork/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a631724cecac8cf46ece583f5717dce6335c12c4e364c837a9aa376e85b43322

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
96SXZm1_vuUWZ2qonXeDPFXCMBPcVT5j
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Wed, 19 Apr 2023 17:18:40 GMT
x-amz-request-id
RF2CT111A3D1SW7R
age
11
x-cache
HIT, HIT
content-length
2143
x-amz-id-2
k6WMHk3nBHVu4JanC2biEWm7LBQ1iRzqYA1Fgjrv+cS60ocQEjtwoYyFKCt9BxPAig16wbZjBKc=
x-served-by
cache-bur-kbur8200038-BUR, cache-hhn-etou8220059-HHN
last-modified
Wed, 11 May 2022 16:32:46 GMT
server
AmazonS3
x-timer
S1681924720.495969,VS0,VE1
etag
"f720015773ac2581bfedfc349bc4a9d1"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
5116, 1
impl.20230419-3-RELEASE.js
cdn.taboola.com/libtrc/ 		758 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230419-3-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
8f4c6cd42009734183f874ce690e21b73724cecf6b4d645945e9726372cc8274

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
zL9x.i3hfOJsKRFdKAeeq.5WJHy8z_2j
content-encoding
br
via
1.1 varnish
date
Wed, 19 Apr 2023 17:18:40 GMT
x-amz-request-id
A92D1EYPE7GP4K8E
age
893
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
161718
x-amz-id-2
R5q95SVRUijI5itQm9sWgLqRHiF7B8stmrZWAOkoTv3s2UB6ueLeZXDdVzD3eqfvPwhKmbAB42o=
x-served-by
cache-hhn-etou8220066-HHN
last-modified
Wed, 19 Apr 2023 09:03:47 GMT
server
AmazonS3-br
x-timer
S1681924720.444007,VS0,VE0
etag
"3a46fb1ee923054e64c5967a208fb0c3"
vary
Accept-Encoding
content-type
application/javascript
abp
28
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
3701
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-23.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 09:36:45 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
27716
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
BMJdEj_viy4wXfXD_BOq8-AegNXWDstd8i07PbwpTiQjpfZ3ILV94Q==
view
securepubads.g.doubleclick.net/pcs/ Frame 3752 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4JXgZHGuSozax8tDaWglLmVihScdiSxNi-eK44yJDgDXFxHlavH0fPANO2K6QGS71eX-Y_B58OvQlBuwyJii32aWwN-NBw2HydYT0QPeAvHBm3bas9YQUpG8H60JbFZo_RfMHJBfQaio14NMn2aBr2D7iaASGQ6I815HpMIwHahuIGzstNa_eI3nktWMs2CuOmDQPx5P6EJoyS6ZjKtxo0Rk-AlTNS_VYabwoKo_bVYZp78ZlKpzKjXfz705yNP4XB-yT5nNtMXWAa4VUYWHbOwtKuPHZKKxaPhDFoFrFyfvpZvZzk-5ah1E0fUljgMf0qoVV_2v_jAiv_4UovuCe7Q8vL4Fm5YEMou4CkCOONMMw&sai=AMfl-YQGZHd3BtflR3nL_SoUVdCRLBR1Fvh2AiVgc3stoI0-bs-rRw6dnVisou06R_SBBuZCYaogDVAoUMby_qmAjIhTCb_fA9KEdZqKP5IRUKutRyGvjVieJMzpH38SwFQ&sig=Cg0ArKJSzAnT4NKlGG6VEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3752 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41c2b84f12f882ae5b50c007eb7420b3e7f82fc2ba720eefd884246be5172eb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25366
x-xss-protection
0
server
cafe
etag
506 / 19466 / 31073954 / config-hash: 14560336452053094010
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 19 Apr 2023 17:18:40 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157163/4984/ Frame 3752 		556 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4237c10c4fd4720ccd07086fe9162a975f2e47d7aa922535c018e400de483146

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
gzip
last-modified
Tue, 28 Feb 2023 17:54:44 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=47725
accept-ranges
bytes
content-length
164665
expires
Thu, 20 Apr 2023 06:34:05 GMT
owHCMR.js
s3.amazonaws.com/script-tags/ Frame 3752 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/script-tags/owHCMR.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.10.205 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
42df2970a7b0d495eb52f6408e37f8fd67b58f1850a835f52930bd7794325486

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 17:18:41 GMT
Last-Modified
Tue, 11 Apr 2023 20:53:11 GMT
Server
AmazonS3
x-amz-request-id
VDNTCCV5NXHQQ519
ETag
"ccbc7ce104053f91f640c00c41370cff"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
16471
x-amz-id-2
NpDQWDfr7Kb9oqB/5z1ZTchgP3ZZ3y3SeQKt+rCuIfRzEFhwGcRISHH5GPjtxuH6qsy1DUKC8Oc=
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3752 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcba6d68321742b971eda8d36254297a368c6a5dba5486f36076f25d66891d9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49673
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681775021301287"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Apr 2023 17:18:40 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-51216819-1&cid=1201176432.1681924713&jid=1178106723&gjid=2119071993&_gid=1784354852.1681924717&_u=6CjAgEABAAQCAGAGK~&z=162082404
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 19 Apr 2023 17:18:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=2103314295&t=event&ni=0&_s=1&dl=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&dp=%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&ul=en-us&de=UTF-8&dt=Hackers%20amea%C3%A7am%20Valid%20Certificadora%20na%20%27deep%20web%27%20ap%C3%B3s%20tentativa%20de%20ataque%20cibern%C3%A9tico&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Cobertura_API_Sem&el=SemClientId&_u=6CjAgEABAAQCACAGK~&jid=1178106723&gjid=2119071993&cid=1201176432.1681924713&tid=UA-51216819-1&_gid=1784354852.1681924717&gtm=45He34c0n71P4R423&cd1=%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&cd4=20230418&cd5=17&cd6=&cd7=Jo%C3%A3o%20Paulo%20Saconi&cd8=&cd9=materia&cd10=Sim&cd11=6&cd12=&cd45=(direto%2Findefinido)&cd46=viral&cd52=1201176432.1681924713&cd60=Sim&cd61=&cd82=responsivo&cd83=Jo%C3%A3o%20Paulo%20Saconi&cd90=7c4cfd05-d5b4-4fb0-bf34-eb24cf66cf1a&z=1019115849
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Apr 2023 18:05:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83608
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=2103314295&t=event&ni=0&_s=1&dl=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&dp=%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&ul=en-us&de=UTF-8&dt=Hackers%20amea%C3%A7am%20Valid%20Certificadora%20na%20%27deep%20web%27%20ap%C3%B3s%20tentativa%20de%20ataque%20cibern%C3%A9tico&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Mobiliario%20Footer&el=footer%20-%20deslogado_gabigol%20-%20oferta%20-%20og_footer_semcookie_abril23&_u=6CjAgEABAAQCAGAGK~&jid=&gjid=&cid=1201176432.1681924713&tid=UA-51216819-1&_gid=1784354852.1681924717&gtm=45He34c0n71P4R423&cd1=%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&cd4=20230418&cd5=17&cd6=&cd7=Jo%C3%A3o%20Paulo%20Saconi&cd8=&cd9=materia&cd10=Sim&cd11=6&cd12=&cd45=(direto%2Findefinido)&cd46=viral&cd52=1201176432.1681924713&cd60=Sim&cd61=&cd82=responsivo&cd83=Jo%C3%A3o%20Paulo%20Saconi&cd90=7c4cfd05-d5b4-4fb0-bf34-eb24cf66cf1a&z=332695884
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Apr 2023 18:05:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83608
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=2103314295&t=event&ni=0&_s=1&dl=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&dp=%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&ul=en-us&de=UTF-8&dt=Hackers%20amea%C3%A7am%20Valid%20Certificadora%20na%20%27deep%20web%27%20ap%C3%B3s%20tentativa%20de%20ataque%20cibern%C3%A9tico&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Mobiliario%20Botao&el=botao%20-%20logado_exass_barr%20-%20oferta%20-%20og_botao_topo_semcookie_abril23&_u=6CjAgEABAAQCAGAGK~&jid=&gjid=&cid=1201176432.1681924713&tid=UA-51216819-1&_gid=1784354852.1681924717&gtm=45He34c0n71P4R423&cd1=%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&cd4=20230418&cd5=17&cd6=&cd7=Jo%C3%A3o%20Paulo%20Saconi&cd8=&cd9=materia&cd10=Sim&cd11=6&cd12=&cd45=(direto%2Findefinido)&cd46=viral&cd52=1201176432.1681924713&cd60=Sim&cd61=&cd82=responsivo&cd83=Jo%C3%A3o%20Paulo%20Saconi&cd90=7c4cfd05-d5b4-4fb0-bf34-eb24cf66cf1a&z=1625958942
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Apr 2023 18:05:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83608
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9B79 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Apr 2023 17:18:40 GMT
AN-X-Request-Uuid
3c458750-ba00-49b7-8a7d-063846b1c971
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
schemas
horizon-schemas.globo.com/ 		137 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://horizon-schemas.globo.com/schemas
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.117 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-117.prt.globo.com
Software
/
Resource Hash
a26d0a6708e7988527607e7f1081462ef3ff628178932e832e656ec2a9bbfa6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:41 GMT
content-encoding
gzip
via
2.0 CachOS
x-bip
54251731 asra01mp11lx03ca10.globoi.com
age
1432
content-length
12575
x-request-id
8f0fc794-ab80-409b-b778-04539952f741
x-thanos
0AB0D077
vary
Accept-Encoding, X-Forwarded-Proto, Accept-Encoding, Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
max-age=7200, public
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
user,User-Agent,Content-Type,GLBID,GLBUID,GST
b
sb.scorecardresearch.com/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1681924720506&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&c8=Hackers%20amea%C3%A7am%20Valid%20Certificadora%20na%20%27deep%20web%27%20ap%C3%B3s%20tentativa%20de%20ataque%20cibern%C3%A9tico%20%7C%20Lauro%20Jardim%20%7C%20O%20Globo&c9=
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-23.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
mNUK1ijneAzzJg8_sGQykXWDP_HEEVuQVrC6uJE6DOjt95OgP1j5Eg==
x-cache
Miss from cloudfront
pmk-202010011.11.js
widget.perfectmarket.com/editoraglobonetwork/ 		118 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/editoraglobonetwork/pmk-202010011.11.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/editoraglobonetwork/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f54ab1e32dd2faf787fd0c28a5b92b033d19ece20de5f26114e2d13c7f5a5e96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
mt6MQyBByZVRtgC8luVZNo8BBOOswaIf
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Wed, 19 Apr 2023 17:18:40 GMT
x-amz-request-id
G6FSMBFG7YS56VGK
age
8659040
x-cache
HIT, HIT
content-length
32407
x-amz-id-2
c1m7oWp6+e3fLaYFeCYNp0DJXIKDzwaccFs4c/TTB5eyvIsyCVRzCQonH/F760UsAoy0KyF+KCg=
x-served-by
cache-lax10671-LGB, cache-hhn-etou8220059-HHN
last-modified
Wed, 11 May 2022 16:32:46 GMT
server
AmazonS3
x-timer
S1681924721.524058,VS0,VE0
etag
"d7b72fd3620fcd4e69dac981832e644f"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
5437, 21
card-interference-detector.20230419-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20230419-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27584d697f2637cf97052ecacddc32f06c6ab77d6be6ad496fc626cceddd0a88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
j4nM98S5ykBfzUf0R_uZXSEb6amjDe2v
content-encoding
gzip
via
1.1 varnish
date
Wed, 19 Apr 2023 17:18:40 GMT
x-amz-request-id
TZ1GMQZPA9NMQBKZ
age
8330
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2180
x-amz-id-2
OI1EMcusB3HI2P3tSGDaYl64yZMqbO1hyPhB1+6T0o2ZcORPEhmR1H10BK/N9ZeDkaVTtrYqvFE=
x-served-by
cache-hhn-etou8220066-HHN
last-modified
Wed, 19 Apr 2023 14:59:50 GMT
server
AmazonS3
x-timer
S1681924721.547502,VS0,VE0
etag
"bac41ba4a5dcd802218caf83b812f2e9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
28
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
9785
sync
gum.criteo.com/ 		73 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230419-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f1f1abdd1ee0f383585ff55abed09a206d7129f62d51a04a145f7430c8ae289b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:39 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
711014
expires
60
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/ Frame 3752 		400 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
432acd8192429c035f55370ab0501a7f58d69456a10b0a1bc213bd3efb6d2946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 12:10:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
18471
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126857
x-xss-protection
0
server
cafe
etag
11988808581808118609
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 18 Apr 2024 12:10:49 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 3752 		4 KB
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=oglobo.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
870534f487f6d6ee6e4a51090ff1f3282cbaf8a8b93f81cf6bdecdbe70d5e657
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
718
x-xss-protection
0
expires
Wed, 19 Apr 2023 17:18:40 GMT
ga-audiences
www.google.com/ads/ 		42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-51216819-1&cid=1201176432.1681924713&jid=1178106723&_u=6CjAgEABAAQCAGAGK~&z=382922434
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-51216819-1&cid=1201176432.1681924713&jid=1178106723&_u=6CjAgEABAAQCAGAGK~&z=382922434
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tm13574.js
tag.navdmp.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm13574.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/oglobo/prod/lib-pub-ext-tags-oglobo-latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1acaf1b84c7c6a5a7ae96e4b9cce92c540c0c8ebbb0e56f8ff473917e2e9a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Sep 2021 18:45:04 GMT
server
cloudflare
age
1221
etag
W/"6137b330-4291"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7ba6cee03c553668-FRA
expires
Wed, 19 Apr 2023 17:58:19 GMT
dmp.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/dmp/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/dmp/dmp.min.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/oglobo/prod/lib-pub-ext-tags-oglobo-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
1c9ae2616da1589b48269f036d75f2206e838edeb585962383f2483616aa1451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
gzip
x-openstack-request-id
tx16eee08de4924c09a3a4d-0064401141
last-modified
Mon, 02 Jan 2023 14:56:25 GMT
x-thanos
0AB47186
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1672671384.65296
cache-control
max-age=18000
x-trans-id
tx16eee08de4924c09a3a4d-0064401141
x-request-id
f2a289f9-38f8-4961-816e-9a1b6e20f02a
t3m.js
tags.t.tailtarget.com/ 		64 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-12842-2/CT-1047
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/oglobo/prod/lib-pub-ext-tags-oglobo-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
775807392af29b7a91f1217ab6ed717ba35baaa024bdccc9273321f54ab51bb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 16:13:42 GMT
content-encoding
gzip
via
1.1 google
age
3898
x-guploader-uploadid
ADPycds4ZcBCzsbT1z8AC8jH7Go22iqZb_kx9dbKVOLPMlvaWJBosDmlxVZ0nvB2qKMJ-lK6xp0gj5FiAGrYbTGVHuCkdQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11157
last-modified
Wed, 16 Feb 2022 19:26:59 GMT
server
nginx/1.8.1
etag
"7baa2c88b7abc79944366989908f0a4f"
vary
Accept-Encoding
x-goog-generation
1645039619237034
x-goog-hash
md5=e6osiLerx5lENmmJkI8KTw==
content-type
application/javascript
cache-control
max-age=7200,public
x-goog-stored-content-length
11157
accept-ranges
bytes
expires
Wed, 19 Apr 2023 18:13:42 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 3752 		225 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ecace46d78f707e1f3ef7ff9fb10354a496ac9f707d9a7748a3eb2cdabc5518

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 16:39:41 GMT
content-encoding
gzip
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified
Thu, 13 Apr 2023 17:39:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
2340
x-amz-server-side-encryption
AES256
etag
W/"803fd851ae539b54f8d1b774934dcb91"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
oqjgkTu9kLBF5qZqWFQvZfakrARSkYM_oBpzd3bZueBkw0uxmPuang==
truncated
/ Frame 3752 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f64bc02e9153cae9067a19404aa5f5a14520e68cc537269b72f178b4868f575e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
pub
pixel.adsafeprotected.com/services/ Frame 3752 		481 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931348&slot=%7Bid:/138871148/oglobo.globo.com.dw.728x90.sticky.inter,ss:%5B728.90,1.2%5D,p:/138871148,85042905/oglobo.globo.com.dw.728x90.sticky.inter%7D&wr=728.90&sr=1600.1200&url=https%253A%252F%252Foglobo.globo.com%252Fblogs%252Flauro-jardim%252Fpost%252F2023%252F04%252Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.57.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-57-28.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d038de4cbf5c12895f9b6e2246563426e5005c83282ef57f0907bdde84a36ba6

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
server
nginx
x-server-name
app01.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3752 		365 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160068&zone_id=1792450&size_id=2&rp_schain=1.0,1!hcodemedia.com,288,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&tg_i.adunit=oglobo.globo.com.dw.728x90.sticky.inter&tg_i.pbadslot=%2F138871148%2C85042905%2Foglobo.globo.com.dw.728x90.sticky.inter&tk_flint=pbjs_lite_v6.29.3&x_source.tid=73b3673a-ba8f-4b3e-8a3b-c439a83bb027&l_pb_bid_id=2c534c8c6caa&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F138871148%2C85042905%2Foglobo.globo.com.dw.728x90.sticky.inter&slots=1&rand=0.3350737090156446
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7c19ef8f58637cba25330e18be705e1e80b3e5dc7ee771c15c93d26a458188ca

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:40 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
365
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 3752 		36 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=828427&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22344a2eec772111%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml%22%2C%22page%22%3A%22https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22433c89564bde77%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22828427%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A2%2C%22ext%22%3A%7B%22siteID%22%3A%22828427%22%2C%22sid%22%3A%221x2%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F138871148%2C85042905%2Foglobo.globo.com.dw.728x90.sticky.inter%22%2C%22gpid%22%3A%22%2F138871148%2C85042905%2Foglobo.globo.com.dw.728x90.sticky.inter%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22hcodemedia.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%22288%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a4c9c17c30aa730cf0e361eea2000bde5b26818925182c714c884a07c0c2c

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZ4mu3nSZiD09jeF4derVK6Jc95Np2GXkcxvfvQdqzq498hG5FY7SM7X0ycrP%2FNNOIcU2dC81imsFe3VkjUDmA8gwYnC2yIkoywWCMSm9uUysr6GEsomdafcqwKFbQhlXD2Y6O5F"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ba6cee06a8592b9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 3752 		138 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
94e9504599293ee1e761af2bd4631ddfce7a41a06c0059b47138c8ef365e88ee
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Apr 2023 17:18:40 GMT
AN-X-Request-Uuid
16e94c00-43f4-45c3-8f80-0efdd274ef4d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://oglobo.globo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 3752 		24 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
8944fe95e5e19f9e9ca26c4bbf741ef6657212f0c308b40222369a01b7d21013

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 19 Apr 2023 17:18:40 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://oglobo.globo.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
c
prebid.a-mo.net/a/ Frame 3752 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Wed, 19 Apr 2023 17:18:40 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
15
server
envoy
vary
origin, Accept-Encoding
translator
hbopenbid.pubmatic.com/ Frame 3752 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=490
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Wed, 19 Apr 2023 17:18:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
hb.undertone.com/ Frame 3752 		0
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3648&domain=globo.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-105.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:40 GMT
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://oglobo.globo.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
x-amz-cf-id
KGWHsXmyGhv9Ezo0AxBo3_nF0aj2THu4VwsbLXfKF0WLC1oHCaRL5w==
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ Frame 3752 		1 KB
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2410EL
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c3b12b4cec796faf43de16f5cfe1cdbe6e500cfcc2a348f4f8c3acafc5cfd1

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Wed, 19 Apr 2023 17:18:40 GMT
/
usergate.globo.com/ 		30 B
304 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://usergate.globo.com/
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.198.44.170 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.44.198.35.bc.googleusercontent.com
Software
/
Resource Hash
95492967ea569084237dbcd677d3eb2e98e8e5a1c5f7951619d3106dc1514300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:41 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
access-control-allow-headers
User-Agent,Content-Type,Cookie,X-App,GLBID,GST
ppub_config
securepubads.g.doubleclick.net/pagead/ 		4 KB
753 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27ece1cb6eb72e31b919b831c906f7d5e79066e163f0753d005cfee5749a90b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
728
x-xss-protection
0
expires
Wed, 19 Apr 2023 17:18:40 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=oglobo.globo.com&p=%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&u=CCxfXyBrPaDwCcXiZF&d=oglobo.globo.com&g=56624&g0=Blogs%2CBlogs%2FLauro%20Jardim&g1=Jo%C3%A3o%20Paulo%20Saconi&n=1&f=00001&c=0&x=0&m=0&y=4467&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&b=11367&t=C-nRieDPDz6uBBCxN0Bl8FY_K_3fQ&V=139&i=Hackers%20amea%C3%A7am%20Valid%20Certificadora%20na%20%27deep%20web%27%20ap%C3%B3s%20tentativa%20de%20ataque%20cibern%C3%A9tico%20%7C%20Lauro%20Jardi&tz=0&_acct=anon&sn=1&sv=gGdDlZ3NbrBd7PccDos6pUCG1Xww&sd=1&im=067b9fff&_
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.225.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-225-153.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 19 Apr 2023 17:18:41 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
usr
usr.navdmp.com/ 		77 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=7&acc=13574&upd=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcdb5befa32b733dd1b06108d4c4b05352e362d5405bbf8a61d7628209c34f67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
cf-ray
7ba6cee0fd683668-FRA
expires
Wed, 19 Apr 2023 18:18:40 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 3752 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Foglobo.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
Server /
Resource Hash
9ecd654fb8fea11bbdb6693521d7ef2854cbb4ef8a9a4acaa2573601fbbcea34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 14:54:23 GMT
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
8657
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2976
x-amz-cf-id
k0pZhlse8_CQDADU0FcfVgQ1itz_iLw-nBeF81Pc-xlj57HvWG3IIg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 3752 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
BeoItWAXLH_Ztd131J1ILFBRpuOxsQkH
content-encoding
gzip
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
date
Tue, 18 Apr 2023 19:58:37 GMT
x-amz-cf-pop
FRA2-C1
age
76804
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 13 Apr 2023 22:29:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
IA7rCs3BG6i8Epf7buXYhmgSvQ3zohMbm8dBvBcUy1Z3B4pOYjAAIA==
view
securepubads.g.doubleclick.net/pcs/ Frame 3752 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkxrMi0gcCrJihB2P1cQSJ9QJMzrCDJO7VnBflCK-Az_3laFusorEV6bMHed__NwrYOUYtUgMLcQKX2Dz7pAyqsdunWS2YN0ftRH2Cx3bKZxPFNShoTWEF5SQkpFUDbY0CVq25HFJ7T1Thv8q8tesh35_3dHie5Ssoqa1rq6cjquSUI8Wt9Vf3WajEGJ05CEv98LCjFx4XRdorkwPB5KwXHASrn4LYjDR5nLpbta5kr8oOgvrvFGPQ9TRp6nLA3_lHvUQwl9SbAa6sId8JY1qhs3DQQs36ZDjvyfWciHGnOob9yV6J7E1YjfDbiyqylHXzLgXdyGZ3jdId22p2FIsxbJE6LSSPcpsc1uHAaZkWRF3Nt8E&sai=AMfl-YQeb1haEKVvwhrB0eOlWRbAwduOPXaKSUsrqbX-l3UPLX8r6y_O-W6N8sAuoHcXCI4p3JEtNfeZ1J2oWNcD-NGWoMJjvMkydY8j2WXGWWvAGxuFh7gp8_LaxHkSH6I&sig=Cg0ArKJSzK1gyjOCKo9WEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 19 Apr 2023 17:18:40 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 3752 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.134.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-134-95.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Wed, 19 Apr 2023 17:33:40 GMT
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.54.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-54-224.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://oglobo.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 19 Apr 2023 17:18:40 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame 3752 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
26840d8e6a3847df23553537b405e9badca0dff237b0854f15d04656dd57e40e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 12:19:30 GMT
content-encoding
gzip
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 22:36:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
17951
x-amz-server-side-encryption
AES256
etag
W/"4c91450a102f312a8d75826eeee52ef9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
Nwtilh_sDcbIWVHvhMpLKHVdbJUzY9j3ePGXz4H3IBpDhMPcz2zNSg==
hadron.js
cdn.hadronid.net/ Frame 3752 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&ref=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&_it=amazon&partner_id=407
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 10:57:44 GMT
server
cloudflare
x-amz-request-id
TC75RB0KRRP8NTXT
age
5266
etag
W/"2280e2148e4ee3c06f679f8fac039778"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7ba6cee11a21bb32-FRA
x-amz-id-2
tLisjgGnjFNgXFmNzCleIC1ScWAkgar/yal8BV1iI+YAX2kT+5EHWz67/yHvAUJpLxxzRZ7ivV0=
92bb6886-83
aps.zqtk.net/ Frame 3752 		0
0
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 3752 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
QQHBKKDC4K9EXW7F
age
1430
etag
W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7ba6cee11ac69bf4-FRA
x-amz-id-2
4mcYKQ5Hb3U2OaIpwisHn+DXiPFTI0FN2tidCE6GVNrf0qEvGkxvwQERDCwB3ajVcoF/DwRqbqs=
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 3752 		0
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.54.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-54-224.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 19 Apr 2023 17:18:40 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
map
bcp.crwdcntrl.net/6/ Frame 3752 		60 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.143.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-143-122.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c93caa7559d75fc3819d382bed2e34a90e25278f9d8fa1fbb767b5f91744efeb

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:40 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache
x-server
10.45.8.83
access-control-allow-credentials
true
content-length
60
expires
0
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		290 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=oglobo.globo.com&domain=oglobo.globo.com&path=%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a16cb06407787ea8a2f13b222a5de8a39fae0bb8fdb1b64b43f31f4b7c2c9d97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 19 Apr 2023 17:18:41 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
211
x-served-by
cache-hhn-etou8220079-HHN
x-timer
S1681924721.925293,VS0,VE101
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Mon, 17 Apr 2023 17:18:40 GMT
d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/ 		880 KB
254 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/dmp/dmp.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b3a09a1d2b6612573e6066eb2a84d915611279f17bc2bbde3d3a83c4291519d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
d39f98ec-9259-4f8b-896d-7ab58be1f900
age
0
x-guploader-uploadid
ADPycdtpnV2PwmEy-lkCIRJuOEx00J645oljYqOJiOo2ANUKPN2Fe97iZb1phdWgcsGwk7XKT6qpTjAbt3Vv0PeO7qja
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Wed, 19 Apr 2023 15:59:03 GMT
server
cloudflare
etag
W/"dec545190642a75884fc433201a77426"
vary
Accept-Encoding
x-goog-generation
1681919943647994
content-type
application/javascript
x-goog-hash
crc32c=7SIpqA==, md5=3sVFGQZCp1iE/EMyAad0Jg==
cache-control
public, max-age=900
x-goog-stored-content-length
272460
timing-allow-origin
*
cf-ray
7ba6cee1b8755bed-FRA
expires
Wed, 19 Apr 2023 17:33:40 GMT
bid
aax.amazon-adsystem.com/e/dtb/ Frame 3752 		23 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&pid=MNvgteOgGpQEA&cb=0&ws=728x90&v=23.407.232&t=2000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Foglobo.globo.com.dw.728x90.sticky.inter%22%2C%22s%22%3A%5B%22728x90%22%2C%221x2%22%5D%2C%22sn%22%3A%22%2F138871148%2C85042905%2Foglobo.globo.com.dw.728x90.sticky.inter%22%7D%5D&schain=1.0%2C1!hcodemedia.com%2C288%2C1%2C%2C%2C&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.99.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-99-209.prg50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:41 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
x-amz-rid
WPRP9FW9E52PAR7JPDGS
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
P50H7SB_p-8VfeUF0pN7XWWAaB0RTcskSnYFznmMFmudb0pRl2CiMg==
req
cdn.navdmp.com/ 		6 B
100 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=1293a289d8391b25349b06ec2b10&acc=13574&url=https%3A//oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&tit=Hackers%20amea%E7am%20Valid%20Certificadora%20na%20%27deep%20web%27%20ap%F3s%20tentativa%20de%20ataque%20cibern%E9tico%20%7C%20Lauro%20Jardim%20%7C%20O%20Globo&h1=Hackers%20amea%E7am%20Valid%20Certificadora%20na%20%27deep%20web%27%20ap%F3s%20tentativa%20de%20ataque%20cibern%E9tico
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7ba6cee21f223668-FRA
content-length
6
content-type
application/x-javascript
usermatch.gif
beacon.krxd.net/ 		0
337 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/usermatch.gif?partner=navegg&partner_uid=1293a289d8391b25349b06ec2b10
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.107.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-107-128.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
beacon-n011-dub-prod.krxd.net
date
Wed, 19 Apr 2023 17:18:41 GMT
cache-control
private, no-cache, no-store
x-request-time
D=26 t=1681924721
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pxid
d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co/v2.0/ 		46 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co/v2.0/pxid?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
84dd8ab99048f38a319fec23627b3d16345d9b419f0251f59e556cebba37db53

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 19 Apr 2023 17:18:41 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		29 B
993 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8043d55dd8d92d7422f3ef2a8c03d50050449c40bbc719c81fb9f68d4c432145
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Apr 2023 17:18:41 GMT
AN-X-Request-Uuid
5593a687-aafc-406b-b39d-e43ce32436e8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://oglobo.globo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
29
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d39f98ec-9259-4f8b-896d-7ab58be1f900-models.bin
cdn.permutive.com/models/v2/ 		24 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/d39f98ec-9259-4f8b-896d-7ab58be1f900-models.bin
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
732fff3b9174acf5bea2549e34150f32968c01a5d6aca3f2ee5ad0e238c31ba8

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 19 Apr 2023 17:18:41 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
d39f98ec-9259-4f8b-896d-7ab58be1f900
age
0
x-guploader-uploadid
ADPycdvQzNLMTGDKbNgi7RIb65-Q2RCmh-Li5I-6LHBK_hd1QWwpXfyFPFXWyvTCl6T-urj47GRBtD6dJ-GVXZfS5JyqFA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
17676
last-modified
Wed, 19 Apr 2023 13:15:18 GMT
server
cloudflare
etag
"9e4c2caa0e7931a9927b256e85eb8d29"
vary
Accept-Encoding
x-goog-generation
1681910118970341
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=mp0kJQ==, md5=nkwsqg55MamSeyVuheuNKQ==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
17676
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ba6cee339e43a90-FRA
expires
Wed, 19 Apr 2023 16:22:07 GMT
geoip
api.permutive.com/v2.0/ 		191 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
f3b8b0ffb62153fce532bd01e49623a39f770f344caf695ca3b8c856e1a93a17

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 19 Apr 2023 17:18:41 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138
integrator.js
adservice.google.de/adsid/ Frame 3752 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=oglobo.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3752 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=oglobo.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3752 		24 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=912047665858603&correlator=4381227241815627&eid=31073954%2C31073998%2C31074000%2C31068366%2C31071326&output=ldjh&gdfp_req=1&vrg=202304170101&ptt=17&impl=fifs&iu_parts=138871148%3A85042905%2Coglobo.globo.com.dw.728x90.sticky.inter&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C1x2&ifi=1&adks=380194064&sfv=1-0-40&prev_scp=refreshcounter%3Doriginal%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26fr%3Dfalse%26id%3D346cda88-ded6-11ed-b3d4-06d8cca89c2a%26vw%3D40%2C50%2C60%26vw05%3D40%2C50%26vw10%3D40%26ias-kw%3DIAS_13149_KW%2CIAS_3006647_PG%2CIAS_8423_KW%2CIAS_8430_KW%2CIAS_9502_KW%2CIAS_7262_KW%2CIAS_1500693_PG%2CIAS_1508982_PG%2CIAS_1507080_PG%2CIAS_5597_KW%26amznbid%3D2%26amznp%3D2%26hcmviewable%3Dtrue&eri=1&cust_params=hcmschain%3D288%26mycodedomain%3Dglobo.com&sc=1&cookie=ID%3D891612a06dffe41b%3AT%3D1681924713%3AS%3DALNI_MapVw7IncFmj6ZgPj1Byw6JA31wGQ&gpic=UID%3D00000c06796e95d4%3AT%3D1681924713%3ART%3D1681924713%3AS%3DALNI_MYqw5zlJerB6sm7H3VhJsKwzELy-Q&arp=1&abxe=1&dt=1681924721136&lmt=1681924721&dlt=1681924720445&idt=187&adxs=436&adys=223&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=bhthomspjfjm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&ref=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&top=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&frm=23&vis=1&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1784354852.1681924717&ga_sid=1681924721&ga_hid=1120712308&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Y8duZ1PkwSABSAghkEhsKDGlkNS1zeW5jLmNvbRjo3ZnU-TBIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjx25nU-TBIAFICCGQSOwoKcHViY2lkLm9yZxIkYTkzNDM3ODQtMzJmOS00MWIxLWJiNTktNTM2M2UxZGZmOTU4GLDcmdT5MEgAEh0KDmVzcC5jcml0ZW8uY29tGPHbmdT5MEgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lWSE5ZVEZGclkyRlJkMlZ0VUd0V1IxaGxOaXRXWnowOUluMD0YiuCZ1PkwSAA.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27a8a7ad0fabd4e4a708a24f1b2bb076ebd50f0d84b4cf49fb002ffa1db0179d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10930
x-xss-protection
0
google-lineitem-id
5770970149
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138360280115
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3752 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304170101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
176e5a44416d22d792cb5e1f6ee9e6fe0ea478bebdc2d0fa424564e1093ba6ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11172
x-xss-protection
0
container.html
0888e00a708091e2c6bb64e9954cefd0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 95CA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0888e00a708091e2c6bb64e9954cefd0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 17:18:41 GMT
expires
Thu, 18 Apr 2024 17:18:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
98dd663b-b910-4a20-b1d6-94eadd8c3f5a
https://oglobo.globo.com/ 		533 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://oglobo.globo.com/98dd663b-b910-4a20-b1d6-94eadd8c3f5a
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb6be0b4ad7b32a6ba0586b399bf36d98bf8075b4f7de2247adac0c6add28fcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
545980
Content-Type
6228b3b0-82de-4476-bef8-3f4580f6ddeb
https://oglobo.globo.com/ 		533 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://oglobo.globo.com/6228b3b0-82de-4476-bef8-3f4580f6ddeb
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb6be0b4ad7b32a6ba0586b399bf36d98bf8075b4f7de2247adac0c6add28fcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
545980
Content-Type
json
trc.taboola.com/editoraglobo-oglobo/trc/3/ 		59 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/editoraglobo-oglobo/trc/3/json?tim=17%3A18%3A41.175&lti=deflated&data=%7B%22id%22%3A311%2C%22ii%22%3A%22%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1681895853155%2C%22vi%22%3A1681924721171%2C%22cv%22%3A%2220230419-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml%22%2C%22vpi%22%3A%22%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4467%2C%22nsid%22%3A%22editoraglobonetwork%22%2C%22rtui%22%3A%22kjbhxr45mDfrYQf4G5dPU7a4yHLfrguI%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A4027.34375%2C%22mw%22%3A648%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
869f0fe57b34d40555a0f1843ab508897e66514b6dc803d233cc29c62e810826

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
644
date
Wed, 19 Apr 2023 17:18:41 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-hhn-etou8220066-HHN
server
nginx
x-timer
S1681924721.207691,VS0,VE644
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://oglobo.globo.com
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
identify
api.permutive.com/v2.0/ 		50 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e38b325d9aef4c4995ec314e18cac204ece896032223de75ffb6f99840a66dc9

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 19 Apr 2023 17:18:41 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3752 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 17:18:41 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8B1B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4788
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 15:58:53 GMT
expires
Thu, 18 Apr 2024 15:58:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AC6F 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f10d9aa5c9d4f463776916358e01b87d1229a0d462f81ab5772dee734b828136
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KDqtGQIHq40aEe7LAM_PMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-KDqtGQIHq40aEe7LAM_PMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 17:18:41 GMT
expires
Wed, 19 Apr 2023 17:18:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
destination
www.googletagmanager.com/gtag/ 		221 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-SL5WEXQ2G6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4R423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
300f467d355d3a946a749f73afb6ce5046e6ba8519472fe85af003dcd9c35ac2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79124
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 19 Apr 2023 17:18:41 GMT
audiences
api.permutive.com/audience-matching/v1/id/98e03e87-92ae-4ea7-938d-d934ef42a7c4/ 		12 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/98e03e87-92ae-4ea7-938d-d934ef42a7c4/audiences?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 19 Apr 2023 17:18:41 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
/
targeting.voxus.com.br/v/ 		7 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.voxus.com.br/v/
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1c97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51930a2d087b0a4e11d2f6b0301394c85df60ca5be65dfda181a67d51fadf66d

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 19 Apr 2023 17:18:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Wed, 19 Apr 2023 17:05:56 GMT
server
cloudflare
content-type
text/html
access-control-allow-origin
*
cf-ray
7ba6cee4bbc735e8-FRA
access-control-allow-headers
sentry-trace
horizon-common-hit.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
3583f4195500ae7b688b05336cc97420c4a5808996b215cbb1000af42544bccd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:41 GMT
content-encoding
gzip
x-openstack-request-id
txee6c2ac789f74dde8a9f6-0064402208
last-modified
Thu, 16 Mar 2023 21:01:53 GMT
x-thanos
0AB47186
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1679000512.64734
cache-control
public, max-age=180
x-trans-id
txee6c2ac789f74dde8a9f6-0064402208
x-request-id
380c1979-bff3-4049-97de-f0f0fdc3331f
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=2103314295&t=pageview&_s=1&dl=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&dp=%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&ul=en-us&de=UTF-8&dt=Hackers%20amea%C3%A7am%20Valid%20Certificadora%20na%20%27deep%20web%27%20ap%C3%B3s%20tentativa%20de%20ataque%20cibern%C3%A9tico&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6CjAiEABBAQCAGAGK~&jid=&gjid=&cid=1201176432.1681924713&uid=68156215321662326877&tid=UA-51216819-1&_gid=1784354852.1681924717&gtm=45He34c0n71P4R423&cd1=%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&cd4=20230418&cd5=17&cd6=&cd7=Jo%C3%A3o%20Paulo%20Saconi&cd8=&cd9=materia&cd10=Sim&cd11=6&cd12=&cd14=&cd15=&cd16=&cd17=&cd18=&cd19=&cd20=&cd21=&cd22=&cd23=&cd24=&cd25=&cd26=&cd45=(direto%2Findefinido)&cd46=viral&cd52=1201176432.1681924713&cd60=Sim&cd61=&cd77=68156215321662326877&cd78=anonymous&cd82=responsivo&cd83=Jo%C3%A3o%20Paulo%20Saconi&cd90=7c4cfd05-d5b4-4fb0-bf34-eb24cf66cf1a&cd3=%23%20brasil%20%23&z=350266091
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Apr 2023 18:05:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83609
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame AC6F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304170101&jk=912047665858603&rc=
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js
pagead2.googlesyndication.com/bg/ Frame 8B1B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31ecc2f86d5917ed4667dcaaab4a3b212720237b8466f05c3f90a05e858a3031
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 19:05:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
79989
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14288
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 10:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Apr 2024 19:05:32 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-SL5WEXQ2G6&gtm=45je34c0&_p=2103314295&cid=1201176432.1681924713&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&uid=68156215321662326877&sid=1681924721&sct=1&seg=0&dl=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&dt=Hackers%20amea%C3%A7am%20Valid%20Certificadora%20na%20%27deep%20web%27%20ap%C3%B3s%20tentativa%20de%20ataque%20cibern%C3%A9tico%20%7C%20Lauro%20Jardim%20%7C%20O%20Globo&en=page_view&_fv=1&_ss=1&up.user_code=68156215321662326877&up.user_code_provider=anonymous
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-SL5WEXQ2G6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
segment
api.permutive.com/adv/v2/ 		30 B
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 19 Apr 2023 17:18:41 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30
content-type
application/json
view
securepubads.g.doubleclick.net/pcs/ Frame 2EE1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXEmXSZC3iMFiqAY9acCEe2QMEYyuQaiDKgJhv6z1EQJnUbCudYDbjt5tutcL_G6wYSOdjQOeysE-6quWk7dT_DHnxguLWQ_2dTaJ2kGdAvZvhsNm1WqDz36Nhi-7SXh3KsJ5Q3V9ZQ4AM9dJOc3nkpotoE7sgIq5h1ivJL1VzK28eg9_2pJ24wC7x3Uae5x4473wutEdkLEiPSYXPDg9cA5V73suw88VOPtifmiuRyX3-cDaEJDW4qpomuTZicBMPFNXyKymrtqn9d5DCT_IqL7ZeXqjeuvMpBESOPuBKKqlVNQ5It1O2oxZYtiZZPArOL63wsTLiTrpUwstwDcE6CwVpKzl0EPHM4Axnyg&sai=AMfl-YROZBuQ9FwnHVA86Q7me7mppcDgIXpzw5kKtPE6YUOwQeqaUcd9IIHcRy4pKvGtpQ8v1OLvYk6JJ00hdhIXFIp5bQxF-apShThhiIZlp_5Qg_6OCM9NaDbcaphfZ08&sig=Cg0ArKJSzC-Vyu1vvO0XEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
a9floorcheck.js
s3.amazonaws.com/script-tags/ Frame 2EE1 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/script-tags/a9floorcheck.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.10.205 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ff1f3fd5c645b504972939187912b4404dfdb1fae2e9f864fd1961b07680d684

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 17:18:42 GMT
Last-Modified
Tue, 07 Mar 2023 01:43:53 GMT
Server
AmazonS3
x-amz-request-id
4S6A86Z1VQHN1KMK
ETag
"25a66c3765b63515e5b06ddc75a35c84"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1319
x-amz-id-2
GeLZuBRpO+oKHH0Ffk1w8HTNg55p8rZV0Qj8kv3YfF625xq5XkdTukKEu0Eo2B0KfgHe0jOBApk=
prebidpubs.js
s3.amazonaws.com/script-tags/ Frame 2EE1 		452 KB
452 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/script-tags/prebidpubs.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.10.205 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
252b25968594cd957d403bc11eda13d347540fc465e5e408c1b4163647f62ebf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 17:18:42 GMT
Last-Modified
Tue, 18 Apr 2023 17:09:47 GMT
Server
AmazonS3
x-amz-request-id
4S6EYNVQRVZ97J98
ETag
"e6bff6e05d6ff0842977940a6a0eafbc"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
462623
x-amz-id-2
GvKFkG7VtxEYZxErWIvakVl8TisgzBC/rIM6aUsbZSTG9hTrTSJTWTtONqNChDcHs1Oaf8/XHME=
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2EE1 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcba6d68321742b971eda8d36254297a368c6a5dba5486f36076f25d66891d9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49673
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681775021301287"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Apr 2023 17:18:41 GMT
generate_204
tpc.googlesyndication.com/ Frame 8B1B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?B3cnsA
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame 2ECF 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157163&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
apstag.js
c.amazon-adsystem.com/aax2/ Frame 2EE1 		225 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/a9floorcheck.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ecace46d78f707e1f3ef7ff9fb10354a496ac9f707d9a7748a3eb2cdabc5518

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 16:39:41 GMT
content-encoding
gzip
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified
Thu, 13 Apr 2023 17:39:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
2341
x-amz-server-side-encryption
AES256
etag
W/"803fd851ae539b54f8d1b774934dcb91"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
XMp33fHi84qVQ48nAfHe_kviRkSVvfl-RtHMFFVSpa7OUIiSJ01WDA==
1012409.js
targeting.voxus.com.br/clients/ 		47 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://targeting.voxus.com.br/clients/1012409.js?v=1630300
Requested by
Host: cdn.targeting.voxus.com.br
URL: https://cdn.targeting.voxus.com.br/101240.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1c97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ee1c89f35280a59e607e8bb87e34ff7598381b18ce9a1e101a444f9b3fab07c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 19 Apr 2023 17:06:51 GMT
server
cloudflare
age
710
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes
cf-ray
7ba6cee61e056949-FRA
access-control-allow-headers
sentry-trace
content-length
11270
expires
Fri, 19 May 2023 17:07:55 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 2EE1 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Foglobo.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
Server /
Resource Hash
9ecd654fb8fea11bbdb6693521d7ef2854cbb4ef8a9a4acaa2573601fbbcea34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 14:54:23 GMT
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
8658
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2976
x-amz-cf-id
63R8W3FsfB6f8Zwgd_RUnE56uyvUZaJC3Q9MRgG31DLmsNp_OEsxPw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 2EE1 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
BeoItWAXLH_Ztd131J1ILFBRpuOxsQkH
content-encoding
gzip
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
date
Tue, 18 Apr 2023 19:58:37 GMT
x-amz-cf-pop
FRA2-C1
age
76805
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 13 Apr 2023 22:29:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
PetAbwV82rPXLFwS0ker1wgPTy4D7mlJ3BvhX4DqUWBJag-lSZhZDg==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 2EE1 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.134.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-134-95.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:41 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Wed, 19 Apr 2023 17:33:41 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame 2EE1 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
26840d8e6a3847df23553537b405e9badca0dff237b0854f15d04656dd57e40e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 12:19:30 GMT
content-encoding
gzip
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 22:36:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
17952
x-amz-server-side-encryption
AES256
etag
W/"4c91450a102f312a8d75826eeee52ef9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
166HG2f-3KGfAoPImaP1zCFzP_Levl-X0OVhMDo046PjeEdUJTUULw==
hadron.js
cdn.hadronid.net/ Frame 2EE1 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&ref=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&_it=amazon&partner_id=407
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:41 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 10:57:44 GMT
server
cloudflare
x-amz-request-id
TC75RB0KRRP8NTXT
age
5267
etag
W/"2280e2148e4ee3c06f679f8fac039778"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7ba6cee66a4bbb32-FRA
x-amz-id-2
tLisjgGnjFNgXFmNzCleIC1ScWAkgar/yal8BV1iI+YAX2kT+5EHWz67/yHvAUJpLxxzRZ7ivV0=
92bb6886-83
aps.zqtk.net/ Frame 2EE1 		0
0
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 2EE1 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:41 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
QQHBKKDC4K9EXW7F
age
1431
etag
W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7ba6cee67c859bf4-FRA
x-amz-id-2
4mcYKQ5Hb3U2OaIpwisHn+DXiPFTI0FN2tidCE6GVNrf0qEvGkxvwQERDCwB3ajVcoF/DwRqbqs=
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.54.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-54-224.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://oglobo.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 19 Apr 2023 17:18:41 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 2EE1 		0
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.54.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-54-224.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 19 Apr 2023 17:18:41 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
oglobo
horizon-track.globo.com/event/ 		0
313 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://horizon-track.globo.com/event/oglobo
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.79.33 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryBoXhK8uiovYGGvxw

Response headers

date
Wed, 19 Apr 2023 17:18:42 GMT
x-served-from
hzt-tsuru
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
access-control-allow-headers
user,User-Agent,Content-Type,GLBID,GLBUID,GST
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 3752 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsurc0En-vHALTvTaLWcnKH-1NgNh_ZtN0ss7uJvFPBoZ_U_C14gdmAlWna2-iujOJOJxUCNZMSQy8yB1gms6i4E7FAlbzSdy6UhZmzVRkXQPSG70B2Z&sig=Cg0ArKJSzIReuvrtFAfYEAE&id=lidar2&mcvt=1000&p=223,436,313,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230417&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1693817493&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681924720445&rpt=345&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.9.9/ 		111 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230419-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0a7b78b741975a40bcc99c4b89e39855248aa76b3c8d639c8dc39245ebe1441

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:41 GMT
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
1351567
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
30995
x-served-by
cache-hhn-etou8220066-HHN
last-modified
Sun, 05 Mar 2023 10:04:45 GMT
server
AmazonS3
x-timer
S1681924722.890822,VS0,VE0
etag
"c04a240008c67910556582d1bf159ad7"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
utN2JKuPev4tHiXsTjHXgqDmGqRRKS2mk1zVlEbitf46s57YMmFCig==
x-cache-hits
200210
feed-card-placeholder.20230419-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230419-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee9faaa57f3990045c3ac0dbcb86f299cd13061680dede8841fb37c920eba16f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
MokeijejW5KNKbbJu_vktgnnS9boAtoG
content-encoding
gzip
via
1.1 varnish
date
Wed, 19 Apr 2023 17:18:41 GMT
x-amz-request-id
Q3B32ACQNADX2PQV
age
8315
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
aPftd9swkIYPKgE36Lqbbzz2q2vIBbsxx/IXpIyQo7eKiuK3FAQvHJcQ9dAu24u0Dpca9c2zs2A=
x-served-by
cache-hhn-etou8220066-HHN
last-modified
Wed, 19 Apr 2023 15:00:07 GMT
server
AmazonS3
x-timer
S1681924722.892905,VS0,VE0
etag
"b7ec75b0c11183b8620b0d53dad2f39f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
28
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
25182
distance-from-article.20230419-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230419-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88e76e2c2d1a17d7855cdb19e689e749458d582dd461bd1bd4372146169aadb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
lTQ8.EBu.0oCg5lR8DSR4Bo8a0OeI6Ds
content-encoding
gzip
via
1.1 varnish
date
Wed, 19 Apr 2023 17:18:41 GMT
x-amz-request-id
2YM57QTNAYHPHB0K
age
8323
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1013
x-amz-id-2
VfTLsskPCMTrHtXPPJRTp2bPmOs3xeB8Vs2+9/pZMnu4xcw5UBwnvSUQ+N2D32xkkrgU0pYMEMU=
x-served-by
cache-hhn-etou8220066-HHN
last-modified
Wed, 19 Apr 2023 14:59:59 GMT
server
AmazonS3
x-timer
S1681924722.896475,VS0,VE0
etag
"bbb036e0af82516281a1500ea778425a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
28
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
8222
article-detection.20230419-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230419-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8378d9f49e5f7bf2c152da37350dd8db37fb7040e0fe637f381a6b1d233f2bb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
_kTevEgliH4s4CyT0Bm9qYalZPnWAuMD
content-encoding
gzip
via
1.1 varnish
date
Wed, 19 Apr 2023 17:18:41 GMT
x-amz-request-id
EZ3QWHE4ZHHDJZEV
age
8339
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1236
x-amz-id-2
6+3U/qv7XMF2rRl1abmcRafP7mqFiId5cWUeBSFGhkNmAQPWQ71wtxZGHCXErio5aIrUrhJftqA=
x-served-by
cache-hhn-etou8220066-HHN
last-modified
Wed, 19 Apr 2023 14:59:43 GMT
server
AmazonS3
x-timer
S1681924722.896653,VS0,VE0
etag
"a2d189079dd7fe154a00f3929c565a73"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
28
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
8246
8314438e-1240-4037-ade5-bfeaed299a90.css
cdn.taboola.com/static/83/ 		451 B
581 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/static/83/8314438e-1240-4037-ade5-bfeaed299a90.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
CkT0watBV7AEsiEughRkYLexggZw11Ym
content-encoding
gzip
via
1.1 varnish
date
Wed, 19 Apr 2023 17:18:41 GMT
x-amz-request-id
CGRYY9KED7HQ3C6K
age
21721
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
222
x-amz-id-2
55q0bf+ng8qhoFQb+kNi7C+Zrd0LDZ8wzEnI2T8qK7jfSs3bVf/Wr7G98F9aNI/FezUxQQCMSeM=
x-served-by
cache-hhn-etou8220066-HHN
last-modified
Tue, 07 Jul 2020 17:40:49 GMT
server
AmazonS3
x-timer
S1681924722.899005,VS0,VE0
etag
"1802e318f880ad7e5c7030e9da649cf6"
vary
Accept-Encoding
content-type
text/css
abp
28
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
84
userx.20230419-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230419-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30302cf78dcf64e3868e4fa3a3bb3460884fd1dbe6d9714aa23812b4a5e78c33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
Std2yioN87.Am_8u043aTz09dpONos0j
content-encoding
gzip
via
1.1 varnish
date
Wed, 19 Apr 2023 17:18:41 GMT
x-amz-request-id
E4Q7V9S3YGMEVAM5
age
8268
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
8uXex+qYhRoNWmiQGL4bCzcuKvofnRZrZnpGyJUX00wc1aJxMvr8dDHyHlfWg+k4TLxIFiBZl3k=
x-served-by
cache-hhn-etou8220066-HHN
last-modified
Wed, 19 Apr 2023 15:00:54 GMT
server
AmazonS3
x-timer
S1681924722.905518,VS0,VE0
etag
"a8a70e0b51193b66b3e80fec1f2be48c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
28
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
4971
explore-more.20230419-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20230419-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d229bf1402eeac97dd86330249e9d0810b749d6075d41b3b304753ee8cb64dbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
PiFC1ba3lrzVFgiAV9pRl_5hfQxUQJXa
content-encoding
gzip
via
1.1 varnish
date
Wed, 19 Apr 2023 17:18:41 GMT
x-amz-request-id
C99WXRK0RQF36EVX
age
8317
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7445
x-amz-id-2
8moKWPsAye/rNaINSJFLUrqNBS4w96lP78EZRJZFGSdeUtYjFXYnRudOd3GNDlC+VxC1yxgANW0=
x-served-by
cache-hhn-etou8220066-HHN
last-modified
Wed, 19 Apr 2023 15:00:04 GMT
server
AmazonS3
x-timer
S1681924722.905916,VS0,VE0
etag
"03bd5ef36c958f990697a666c2ced79c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
28
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
12639
feed-view.20230419-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-view.20230419-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ec791e5cedfd8ae4c682062eb440a036bfdd0922604f565c700b3919ae23ac9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
b0vfTg46GW.UEuq2k6giq6562ZIQ2j2H
content-encoding
gzip
via
1.1 varnish
date
Wed, 19 Apr 2023 17:18:41 GMT
x-amz-request-id
FDMCKHAQSYW855KQ
age
8310
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6544
x-amz-id-2
EqNERVaFv/Upn2kH/sgCpf4acJJb2Uk8a52s4BejzPdI71BKzwXrfvaCOOoXomqEqPzMZ87ndpE=
x-served-by
cache-hhn-etou8220066-HHN
last-modified
Wed, 19 Apr 2023 15:00:12 GMT
server
AmazonS3
x-timer
S1681924722.906553,VS0,VE0
etag
"5f9978d49f518cf92656d527be1fc2ea"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
28
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
11396
abtests
am-trc-events.taboola.com/editoraglobo-oglobo/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/editoraglobo-oglobo/log/3/abtests?route=AM:AM:V&lti=deflated&ri=5262e707d0c6c6eb85ae06fdf31b0735&sd=v2_af1e82fb7804917bcf9c2f2dd1ba3b7d_65ecd7c0-6b1a-4927-86f2-49d2f56a06af-tuctb39a7f1_1681924721_1681924721_CNawjgYQlv9JGJOUmtT5MCABKAEwODib4wlAhIoQSJvI2QNQ____________AVgAYABowPup8duG3vbwAXAA&ui=65ecd7c0-6b1a-4927-86f2-49d2f56a06af-tuctb39a7f1&pi=/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&wi=2587623499226924610&pt=text&vi=1681924721171&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1681924721895%7D&tim=17%3A18%3A41.895&id=9190&llvl=2&cv=20230419-3-RELEASE&
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 19 Apr 2023 17:18:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
am-trc-events.taboola.com/editoraglobo-oglobo/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/editoraglobo-oglobo/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=5262e707d0c6c6eb85ae06fdf31b0735&sd=v2_af1e82fb7804917bcf9c2f2dd1ba3b7d_65ecd7c0-6b1a-4927-86f2-49d2f56a06af-tuctb39a7f1_1681924721_1681924721_CNawjgYQlv9JGJOUmtT5MCABKAEwODib4wlAhIoQSJvI2QNQ____________AVgAYABowPup8duG3vbwAXAA&ui=65ecd7c0-6b1a-4927-86f2-49d2f56a06af-tuctb39a7f1&pi=/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&wi=2587623499226924610&pt=text&vi=1681924721171&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A18%3A41.900&id=5872&llvl=2&cv=20230419-3-RELEASE&
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 19 Apr 2023 17:18:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Wed, 19 Apr 2023 17:18:41 GMT
x-amz-request-id
W9C0227H6BTEFNP0
age
71
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
zmBlBI2tKhyw/oKZ//mdadWxxZDdrsfJl6/evI1Q5pw2ZiseZeQCeLpNQJ4+aqN4aZUuFeJRL9U=
x-served-by
cache-hhn-etou8220066-HHN
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1681924722.914135,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
28
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
132
social
am-trc-events.taboola.com/editoraglobo-oglobo/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/editoraglobo-oglobo/log/3/social?route=AM:AM:V&lti=deflated&ri=5262e707d0c6c6eb85ae06fdf31b0735&sd=v2_af1e82fb7804917bcf9c2f2dd1ba3b7d_65ecd7c0-6b1a-4927-86f2-49d2f56a06af-tuctb39a7f1_1681924721_1681924721_CNawjgYQlv9JGJOUmtT5MCABKAEwODib4wlAhIoQSJvI2QNQ____________AVgAYABowPup8duG3vbwAXAA&ui=65ecd7c0-6b1a-4927-86f2-49d2f56a06af-tuctb39a7f1&pi=/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&wi=2587623499226924610&pt=text&vi=1681924721171&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Hackers%20amea%C3%A7am%20Valid%20Certificadora%20na%20%27deep%20web%27%20ap%C3%B3s%20tentativa%20de%20ataque%20cibern%C3%A9tico%22%2C%22sec%22%3A%22oglobo%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fs2.glbimg.com%2FZ6Rr5QJuXf3Bw7iO9nC_JF3RQ34%3D%2F1200x%2Fsmart%2Ffilters%3Acover()%3Astrip_icc()%2Fi.s3.glbimg.com%2Fv1%2FAUTH_da025474c0c44edd99332dddb09cabe8%2Finternal_photos%2Fbs%2F2022%2FA%2Fe%2F0KyrvtTfKYAxvzAO39bA%2Fprogramming-g369f66bd2-1920.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=17%3A18%3A41.912&id=2441&llvl=2&cv=20230419-3-RELEASE&
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 19 Apr 2023 17:18:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
spa-detector.20230419-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20230419-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2615e676b3f74dcc2cbb0fe1ce37e69df9da23cbdee402679d0296505f9f40b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
Vre7z4yRASimiUJWLj94LvJFdLyQvuII
content-encoding
gzip
via
1.1 varnish
date
Wed, 19 Apr 2023 17:18:41 GMT
x-amz-request-id
AFK35W3F0P9BD5N6
age
8288
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
809
x-amz-id-2
yZKKGBGjDLWWtry1vSTsM1Rn1qJXTZBdNoz0UF5baOxb8U68ySZaXDmwtVFiiptI6GFiyFnXxfI=
x-served-by
cache-hhn-etou8220066-HHN
last-modified
Wed, 19 Apr 2023 15:00:34 GMT
server
AmazonS3
x-timer
S1681924722.961699,VS0,VE0
etag
"8fd37d27c75d53416b624eb9edebd57b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
28
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
12894
supply-feature
am-trc-events.taboola.com/editoraglobo-oglobo/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/editoraglobo-oglobo/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=5262e707d0c6c6eb85ae06fdf31b0735&sd=v2_af1e82fb7804917bcf9c2f2dd1ba3b7d_65ecd7c0-6b1a-4927-86f2-49d2f56a06af-tuctb39a7f1_1681924721_1681924721_CNawjgYQlv9JGJOUmtT5MCABKAEwODib4wlAhIoQSJvI2QNQ____________AVgAYABowPup8duG3vbwAXAA&ui=65ecd7c0-6b1a-4927-86f2-49d2f56a06af-tuctb39a7f1&pi=/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&wi=2587623499226924610&pt=text&vi=1681924721171&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A18%3A41.950&id=4723&llvl=2&cv=20230419-3-RELEASE&
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 19 Apr 2023 17:18:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
am-trc-events.taboola.com/editoraglobo-oglobo/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/editoraglobo-oglobo/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=5262e707d0c6c6eb85ae06fdf31b0735&sd=v2_af1e82fb7804917bcf9c2f2dd1ba3b7d_65ecd7c0-6b1a-4927-86f2-49d2f56a06af-tuctb39a7f1_1681924721_1681924721_CNawjgYQlv9JGJOUmtT5MCABKAEwODib4wlAhIoQSJvI2QNQ____________AVgAYABowPup8duG3vbwAXAA&ui=65ecd7c0-6b1a-4927-86f2-49d2f56a06af-tuctb39a7f1&pi=/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&wi=2587623499226924610&pt=text&vi=1681924721171&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A18%3A41.953&id=4246&llvl=2&cv=20230419-3-RELEASE&
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 19 Apr 2023 17:18:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/editoraglobo-oglobo/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/editoraglobo-oglobo/log/3/abtests?route=AM:AM:V&lti=deflated&ri=5262e707d0c6c6eb85ae06fdf31b0735&sd=v2_af1e82fb7804917bcf9c2f2dd1ba3b7d_65ecd7c0-6b1a-4927-86f2-49d2f56a06af-tuctb39a7f1_1681924721_1681924721_CNawjgYQlv9JGJOUmtT5MCABKAEwODib4wlAhIoQSJvI2QNQ____________AVgAYABowPup8duG3vbwAXAA&ui=65ecd7c0-6b1a-4927-86f2-49d2f56a06af-tuctb39a7f1&pi=/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&wi=2587623499226924610&pt=text&vi=1681924721171&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1681924721954%7D&tim=17%3A18%3A41.954&id=1438&llvl=2&cv=20230419-3-RELEASE&
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 19 Apr 2023 17:18:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
callback.min.js
s3.glbimg.com/v1/AUTH_05f06ca986b54d6e9c5df94927ccf7fc/libs/globoid-js/prod/ Frame 0D66 		87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_05f06ca986b54d6e9c5df94927ccf7fc/libs/globoid-js/prod/callback.min.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/login-callback.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
b9f6160b7ea7d0645d6201d24919b7289061f8d021e3c245ad5dd7b00ec66ff2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:42 GMT
content-encoding
gzip
x-openstack-request-id
tx6f7adbf9bee34b3a899f6-0064402238
last-modified
Thu, 01 Apr 2021 19:16:32 GMT
x-thanos
0AB47186
vary
Accept-Encoding, Origin
content-type
text/html
x-timestamp
1617304591.88878
cache-control
public, max-age=180
x-trans-id
tx6f7adbf9bee34b3a899f6-0064402238
x-request-id
183d0ec8-ddf4-45b2-9719-13740aeb66be
map
bcp.crwdcntrl.net/6/ Frame 2EE1 		60 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.143.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-143-122.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
bac4d2c71dd7f07736e9d97f66f70f520553d697c96507bd7baa28c158d1364b

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:41 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache
x-server
10.45.20.171
access-control-allow-credentials
true
content-length
60
expires
0
translator
hbopenbid.pubmatic.com/ Frame 2EE1 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Wed, 19 Apr 2023 17:18:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 2EE1 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
2f4040c7b1106916a242d094bc8d82c98fe1dc604df91d27dcc679923e1a62a4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Apr 2023 17:18:42 GMT
AN-X-Request-Uuid
4264742e-f9cd-49ea-ae16-0fea69d3f548
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://oglobo.globo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2EE1 		551 B
609 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160068&zone_id=1792450&size_id=2&rp_schain=1.0,1!hcodemedia.com,288,1,,,&eid_id5-sync.com=0%5E1%5E&tpid_liveintent.com=DUWVb7-lh0JeFTDVp_fiLN2u7J7opLYyASkUFg&eid_liveintent.com=DUWVb7-lh0JeFTDVp_fiLN2u7J7opLYyASkUFg&eid_pubcid.org=238f7aaa-86f5-472c-a5cb-f4c5e1c6ce88%5E1&rf=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&kw=%2F138871148%2Foglobo.globo.com.dw.728x90.sticky.inter&tg_i.domain=oglobo.globo.com&tg_i.page=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&tg_i.adunit=oglobo.globo.com.dw.728x90.sticky.inter&tg_i.pbadslot=%2F138871148%2Foglobo.globo.com.dw.728x90.sticky.inter&tk_flint=pbjs_lite_v7.45.0&x_source.tid=bb3019a9-231f-4eaa-b9ee-7b8120f6469b&l_pb_bid_id=64345cb3f509d1&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=bb3019a9-231f-4eaa-b9ee-7b8120f6469b&rp_maxbids=1&p_gpid=%2F138871148%2Foglobo.globo.com.dw.728x90.sticky.inter&slots=1&rand=0.6129711419333657
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
53db1f9b8ef762140fb5a7ec5eb605faf2313dc70fec82001303c43e6a036f23

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:42 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
551
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame 2EE1 		23 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.45.0
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
6326f7db4270079d6b314193b92a6b407a4c8748685e1ad6b1bddb1c5a5aab25

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 19 Apr 2023 17:18:42 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://oglobo.globo.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
23
truncated
/ Frame 2EE1 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a015c16e79e56e13973a5e5721ad34aa9f56998597d9b2f3a8b8081bfb98db1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 2EE1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1m0TLKwecX5lFAHRoakjRLGlzNATGxMwvo1_1rgQzxdLuk9fweZGq1SSQho9lDM4vpil9C_m7z7pTfCGnknYaKJDwfER2ligm0FbkwYbZvboVHuBIuyqWPVQN8xMzDWg1OCcEMDTT6GvJMksDvW9expMMGP8WGy-BpG6SvK_T_7A6uuzOy95KFuslbfP0RnPK2gty3p_feRqZ9ZvRIn0BwKlH1qERUy0WctNqs3CwH8TWLW3xlKHPelWARo6Cuhyi4V5XrC1SybDPlDXR5quxDleBp4oniLZP2aNzfo81oqLQ4f6_Pbl3LKBp3mfRDgrROw18rN23GRw_xxY_tqUFxGuBGED7bWkMFxZh7k2F&sai=AMfl-YSDBEkZ7ggNuLZ1LC11Vqhq3NxwJhwHsSN0VdEQrx6R0vSOID1uKBPRpnNpxhEQgbAyekIWWXLdmdYVH7_k_-3LutONsbexivKqbzQL8vKj1zDjwEqD_6ARejBt6OU&sig=Cg0ArKJSzIfUd-VxDMtBEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 19 Apr 2023 17:18:42 GMT
events
api.permutive.com/v2.0/batch/ 		201 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
55950fbecc1e426968e132fd58bfbc2bfe9e798f809259f19b2d6be09fb8c7fc

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 19 Apr 2023 17:18:42 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142
sodar
pagead2.googlesyndication.com/pagead/ Frame 3752 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304170101&jk=912047665858603&bg=!lpWllcHNAAZA7GLoYOw7ADkAdvg8WrfhGRqlGzTDNLENVNSVrcTMM-q4bHjKbngitl5NEFMHsGT5nPS4Uq3rV2nceUyG-KvyC90CAAAAllIAAAAFaAEHCgB6DaWj8JrkXPfWNiDvvQxYk6nIXDazT3Cwbwtc0tjHFehFyjWHkzZaklORjnpcH0tJJfrAv1_P7wJjSl413yXOlnVp-BDv-BFhHPbHP6CcvqCPmvtjiLH1gHnCoHRwB2h9VvdR0CBc-P7WHp7zJd53oFpcQO01-YUttruZAueuX1kTm_VneH5jFGdivt1Ffp0ffTbr5n4LmNbq0wB8LE76iDIIL3cjRpMfLRfdqKWA0w9k6bwGb2XTXDw0zCRyL-UDa0CF1ImRH4PkhfGrmNcULq4fZEc8by-hKslhsOj5fNv6thj7JpQDmpq6hd5ln54AxaBLZZbSnAn-nDBBuzP9nGaSJKUzTurwVuFb_MAc14DL-l3KmzRK-gLGMA2HnssvDGyDfTlayGnHxjXr-9C8N1Kk9M5M_CFZ3S4P5hHr0qzhUArtZWyWbYoQ-clHn8Fx56h1viZDiP5hag8m7jwCZPOzlVrCYCc6cdc6UQTuf_u-nnI3-IOwh7ZDRZARDe229FWwJOzV2rGcU-g5wZXMu5doRB4EWPzf2peNhKeuVcOUBv-Daj40XDxoQVhdpyB9PCb-k0p-2adE_zd4wD345SRfyp-Xywf_wLeakLx6IwkLYu0kMRZpdbE-EGqT35MSEFES9NgoGfp1Pk8d_Mbht4nCUoCJcKJ6DBn1-BGwCBxySWeifZEMpaBR6zh2QiWl34IuUJn35BP_-GESW_BfrZQj3IFkqqJKCNs21KF8Fa6P8HwSd536q3L2lj7XSmAizHjIJPtnv6RBjYWRr0hEl_JVLMpUU-dTfxRSk4lnl1fCEsdpX9H6VzMEcr-U5WtgqlSzT8CARiWu0fESkV6an5_ez2vgG0XbgdrAVRtep_NZNflEa4g-2-yem64tegWH-7y-LFly2Kcuekbl5MJkr88Rk46PoQ5iHa3K7pt-1mSq9N-3Zdb_rLGNj18eJZ3x3GSm8x4_0Qn_bxTQfXfk6Oq33b4mUZz3wcO0BGfyabFl5X-FFnVprn4NEoww7kTd70GinQSj3nYMDun9uKy03B5vL2ghdL2QcirDoVq-o3aQuZu-sgpvA1TWqvrRqB9csHWwR84rpIyuoMhLvGTnqPNXkFPVpUFB7a4NFqMIOTyEydqDuCNOxPLBFKf6cFPZbJA6sQ
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
bid
aax.amazon-adsystem.com/e/dtb/ Frame 2EE1 		23 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&pid=bAWamWm1ev5Ql&cb=0&ws=728x90&v=23.407.232&t=1000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Foglobo.globo.com.dw.728x90.sticky.inter%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A125%7D%5D&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.99.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-99-209.prg50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:42 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
x-amz-rid
RBCGKWA51QQD45XQ0Z3R
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
m-dnuClh48hKJT9AMrn9_tYdoEQH7rZO7WgOA9bonxowCcrcw23-bg==
st
imprammp.taboola.com/ Frame DF01 		538 B
439 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8ITECLAZwwcG5xfOkFRDggoNzi-dJKygAAABgYID-AMlMbBvbzLhZCzYz51o0ctnWEuPK5lasBrPRbjSbbHwrIyCZiW1jmxk3a8Fm5lyLRi7bWmJc2dyK1WA22o1mk41vZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwROoul0-Fz3er3P7Lf47Tqz3-K3a_xuv8Ts93n-Yofr8ndLHZaT0-0X_D2nv2Qw2ewFo73Q4fG6LJ-3wu1yeBxut-xhdprcGpfl9LQ5PQ6T3_Jwyx1ukctleOteFrfC8Pe8RS-76WF62h5ukcutMD0cr5db47S4LHeX6enx23VG09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcTgIy9_sedn9AQAAAAAEAAAAAAmAAt7TEgAfZzMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8huf7_g5bEqYBECiyLMAIAAACQLae9cWSSTlCxqPL__99vBeAKAEDAoabhIkMW3UGJtzAAAAAGYxboYfH7zQ67xu92mf________9_M_9n_tEINemFpwl6uFZQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYHYXYDWeD3WQwnM0OAAAAwJ3___9_PSBhc6yMk5nFNxyMlovdxGNzbiwzy8jkmDg8E9_Ie3B-7zcZndqM-oQIy-z3HRSU09NjdhlERdfbYnc4zZ6D-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDNBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYKx1cpj8m0Ma9nEsXCLlpPdWjibWdai5cgyc80WhtnC5ha9PqaLZ7nwzRxbJBiQuRfJ0yKdqCazyco32I0MG9vGtrIYVwuXYTYz2TyLiWG3WU3EEs3JIp3ILvuGzbEyTmYW33AwWi52E4_NubHMLCOTY-LwTHwjf2218ph8G8NaNnEs3KLlZLcWzmaWtWg5ssxcs4VhtrC5Ra-P6eJZLnwzx74xGy6Wk9Fustg3ZsPFcjLaTRb7Dp3hu_qcjbLtOeVR-ay26dRacxgULoPF-5OYFtPu7CA6-Y5OlfakLOqMfr_f7_f7_X6_32_Qeg5mg8L3HVqH48j148wuvgexwaCIJYKLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ0nSRTvQSs9_n-YsdrsvfLXVYTk63X_D3nP6SwWSzF4z2QofH67J83gq3y-FxuN2yh9lpcmtcltPT5vQ4TH7Lwy13uEUul-Gte1ncCsPf8xa97KaH6Wl7uEUut8L0cLxebo3T4rLcXaanx2_XGU1vs0UsEZwu0onoZTxd1H_kIIvdXLEYzSWL4VyyWyUAAAAAAAAAAEswzXQTAAAAACeD2a2Wu9U6HchgNRxsVssFIPFnqetnWuvdTjfBeNdIegX39rexULHGHpsok9P0tzx8Zr_F79b7zH6L38oAJNxEmW32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_D4jJ1MzMzMyMH0EOZ6P9A1Ah1mq1ut1Yq9UC!&cmcv=&pix=undefined&cb=1681924722198&uv=3266&tms=1681924722198&abt=nonrv_vA!nrlc_vA!preload1_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=3b6c6f83-03f9-4de6-b8ef-150647462c7e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d3224a514a8b7464936f27192704f20562f8b1900a6c49b4ee91248757462e95

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Wed, 19 Apr 2023 17:18:42 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn-etou8220066-HHN
x-timer
S1681924722.461990,VS0,VE9
sync
am-match.taboola.com/ Frame 2B2E 		538 B
623 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8ITECLAZwwcG5xfOkFRDggoNzi-dJKygAAABgYID-AMlMbBvbzLhZCzYz51o0ctnWEuPK5lasBrPRbjSbbHwrIyCZiW1jmxk3a8Fm5lyLRi7bWmJc2dyK1WA22o1mk41vZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwROoul0-Fz3er3P7Lf47Tqz3-K3a_xuv8Ts93n-Yofr8ndLHZaT0-0X_D2nv2Qw2ewFo73Q4fG6LJ-3wu1yeBxut-xhdprcGpfl9LQ5PQ6T3_Jwyx1ukctleOteFrfC8Pe8RS-76WF62h5ukcutMD0cr5db47S4LHeX6enx23VG09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcTgIy9_sedn9AQAAAAAEAAAAAAmAAt7TEgAfZzMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8huf7_g5bEqYBECiyLMAIAAACQLae9cWSSTlCxqPL__99vBeAKAEDAoabhIkMW3UGJtzAAAAAGYxboYfH7zQ67xu92mf________9_M_9n_tEINemFpwl6uFZQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYHYXYDWeD3WQwnM0OAAAAwJ3___9_PSBhc6yMk5nFNxyMlovdxGNzbiwzy8jkmDg8E9_Ie3B-7zcZndqM-oQIy-z3HRSU09NjdhlERdfbYnc4zZ6D-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDNBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYKx1cpj8m0Ma9nEsXCLlpPdWjibWdai5cgyc80WhtnC5ha9PqaLZ7nwzRxbJBiQuRfJ0yKdqCazyco32I0MG9vGtrIYVwuXYTYz2TyLiWG3WU3EEs3JIp3ILvuGzbEyTmYW33AwWi52E4_NubHMLCOTY-LwTHwjf2218ph8G8NaNnEs3KLlZLcWzmaWtWg5ssxcs4VhtrC5Ra-P6eJZLnwzx74xGy6Wk9Fustg3ZsPFcjLaTRb7Dp3hu_qcjbLtOeVR-ay26dRacxgULoPF-5OYFtPu7CA6-Y5OlfakLOqMfr_f7_f7_X6_32_Qeg5mg8L3HVqH48j148wuvgexwaCIJYKLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ0nSRTvQSs9_n-YsdrsvfLXVYTk63X_D3nP6SwWSzF4z2QofH67J83gq3y-FxuN2yh9lpcmtcltPT5vQ4TH7Lwy13uEUul-Gte1ncCsPf8xa97KaH6Wl7uEUut8L0cLxebo3T4rLcXaanx2_XGU1vs0UsEZwu0onoZTxd1H_kIIvdXLEYzSWL4VyyWyUAAAAAAAAAAEswzXQTAAAAACeD2a2Wu9U6HchgNRxsVssFIPFnqetnWuvdTjfBeNdIegX39rexULHGHpsok9P0tzx8Zr_F79b7zH6L38oAJNxEmW32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_D4jJ1MzMzMyMH0EOZ6P9A1Ah1mq1ut1Yq9UC!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
d3224a514a8b7464936f27192704f20562f8b1900a6c49b4ee91248757462e95

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 19 Apr 2023 17:18:42 GMT
machineid
3402
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8ITECLAZwwcG5xfOkFRDggoNzi-dJKygAAABgYID-AMlMbBvbzLhZCzYz51o0ctnWEuPK5lasBrPRbjSbbHwrIyCZiW1jmxk3a8Fm5lyLRi7bWmJc2dyK1WA22o1mk41vZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwROoul0-Fz3er3P7Lf47Tqz3-K3a_xuv8Ts93n-Yofr8ndLHZaT0-0X_D2nv2Qw2ewFo73Q4fG6LJ-3wu1yeBxut-xhdprcGpfl9LQ5PQ6T3_Jwyx1ukctleOteFrfC8Pe8RS-76WF62h5ukcutMD0cr5db47S4LHeX6enx23VG09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcTgIy9_sedn9AQAAAAAEAAAAAAmAAt7TEgAfZzMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8huf7_g5bEqYBECiyLMAIAAACQLae9cWSSTlCxqPL__99vBeAKAEDAoabhIkMW3UGJtzAAAAAGYxboYfH7zQ67xu92mf________9_M_9n_tEINemFpwl6uFZQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYHYXYDWeD3WQwnM0OAAAAwJ3___9_PSBhc6yMk5nFNxyMlovdxGNzbiwzy8jkmDg8E9_Ie3B-7zcZndqM-oQIy-z3HRSU09NjdhlERdfbYnc4zZ6D-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDNBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYKx1cpj8m0Ma9nEsXCLlpPdWjibWdai5cgyc80WhtnC5ha9PqaLZ7nwzRxbJBiQuRfJ0yKdqCazyco32I0MG9vGtrIYVwuXYTYz2TyLiWG3WU3EEs3JIp3ILvuGzbEyTmYW33AwWi52E4_NubHMLCOTY-LwTHwjf2218ph8G8NaNnEs3KLlZLcWzmaWtWg5ssxcs4VhtrC5Ra-P6eJZLnwzx74xGy6Wk9Fustg3ZsPFcjLaTRb7Dp3hu_qcjbLtOeVR-ay26dRacxgULoPF-5OYFtPu7CA6-Y5OlfakLOqMfr_f7_f7_X6_32_Qeg5mg8L3HVqH48j148wuvgexwaCIJYKLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ0nSRTvQSs9_n-YsdrsvfLXVYTk63X_D3nP6SwWSzF4z2QofH67J83gq3y-FxuN2yh9lpcmtcltPT5vQ4TH7Lwy13uEUul-Gte1ncCsPf8xa97KaH6Wl7uEUut8L0cLxebo3T4rLcXaanx2_XGU1vs0UsEZwu0onoZTxd1H_kIIvdXLEYzSWL4VyyWyUAAAAAAAAAAEswzXQTAAAAACeD2a2Wu9U6HchgNRxsVssFIPFnqetnWuvdTjfBeNdIegX39rexULHGHpsok9P0tzx8Zr_F79b7zH6L38oAJNxEmW32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_D4jJ1MzMzMyMH0EOZ6P9A1Ah1mq1ut1Yq9UC!&cmcv=&pix=31589837&cb=1681924722198&uv=3266&tms=1681924722198&abt=nonrv_vA!nrlc_vA!preload1_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1681924709399.5!ts:1681924722198&mntl=1
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:42 GMT
content-length
0
server
nginx
728x90_blue_ENG.jpg
hcode-marketing.s3.amazonaws.com/generic_cr/ Frame C659 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hcode-marketing.s3.amazonaws.com/generic_cr/728x90_blue_ENG.jpg
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.208.233 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
bfb2b363b612416c899f6e75ed4bbb046008df170337c9e63a94756700098723

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 17:18:43 GMT
Last-Modified
Thu, 24 Jun 2021 22:30:51 GMT
Server
AmazonS3
x-amz-request-id
065RYK02YT8YXEJN
ETag
"86b5594d696ba0fce31a8f428b841c6d"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
81859
x-amz-id-2
DBJC2nvtPJVJxewrc2TBq2kVcS9OD9xGGD6/PaQNxtUFKNcsCHgpgUz+RXlrY217tjv/yq9nAks=
generic
match.adsrvr.org/track/cmf/ Frame 2B2E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8ITECLAZwwcG5xfOkFRDggoNzi-dJKygAAABgYID-AMlMbBvbzLhZCzYz51o0ctnWEuPK5lasBrPRbjSbbHwrIyCZiW1jmxk3a8Fm5lyLRi7bWmJc2dyK1WA22o1mk41vZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwROoul0-Fz3er3P7Lf47Tqz3-K3a_xuv8Ts93n-Yofr8ndLHZaT0-0X_D2nv2Qw2ewFo73Q4fG6LJ-3wu1yeBxut-xhdprcGpfl9LQ5PQ6T3_Jwyx1ukctleOteFrfC8Pe8RS-76WF62h5ukcutMD0cr5db47S4LHeX6enx23VG09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcTgIy9_sedn9AQAAAAAEAAAAAAmAAt7TEgAfZzMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8huf7_g5bEqYBECiyLMAIAAACQLae9cWSSTlCxqPL__99vBeAKAEDAoabhIkMW3UGJtzAAAAAGYxboYfH7zQ67xu92mf________9_M_9n_tEINemFpwl6uFZQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYHYXYDWeD3WQwnM0OAAAAwJ3___9_PSBhc6yMk5nFNxyMlovdxGNzbiwzy8jkmDg8E9_Ie3B-7zcZndqM-oQIy-z3HRSU09NjdhlERdfbYnc4zZ6D-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDNBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYKx1cpj8m0Ma9nEsXCLlpPdWjibWdai5cgyc80WhtnC5ha9PqaLZ7nwzRxbJBiQuRfJ0yKdqCazyco32I0MG9vGtrIYVwuXYTYz2TyLiWG3WU3EEs3JIp3ILvuGzbEyTmYW33AwWi52E4_NubHMLCOTY-LwTHwjf2218ph8G8NaNnEs3KLlZLcWzmaWtWg5ssxcs4VhtrC5Ra-P6eJZLnwzx74xGy6Wk9Fustg3ZsPFcjLaTRb7Dp3hu_qcjbLtOeVR-ay26dRacxgULoPF-5OYFtPu7CA6-Y5OlfakLOqMfr_f7_f7_X6_32_Qeg5mg8L3HVqH48j148wuvgexwaCIJYKLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ0nSRTvQSs9_n-YsdrsvfLXVYTk63X_D3nP6SwWSzF4z2QofH67J83gq3y-FxuN2yh9lpcmtcltPT5vQ4TH7Lwy13uEUul-Gte1ncCsPf8xa97KaH6Wl7uEUut8L0cLxebo3T4rLcXaanx2_XGU1vs0UsEZwu0onoZTxd1H_kIIvdXLEYzSWL4VyyWyUAAAAAAAAAAEswzXQTAAAAACeD2a2Wu9U6HchgNRxsVssFIPFnqetnWuvdTjfBeNdIegX39rexULHGHpsok9P0tzx8Zr_F79b7zH6L38oAJNxEmW32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_D4jJ1MzMzMyMH0EOZ6P9A1Ah1mq1ut1Yq9UC!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 19 Apr 2023 17:18:42 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
%USER_ID%
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 2B2E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/%USER_ID%?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8ITECLAZwwcG5xfOkFRDggoNzi-dJKygAAABgYID-AMlMbBvbzLhZCzYz51o0ctnWEuPK5lasBrPRbjSbbHwrIyCZiW1jmxk3a8Fm5lyLRi7bWmJc2dyK1WA22o1mk41vZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwROoul0-Fz3er3P7Lf47Tqz3-K3a_xuv8Ts93n-Yofr8ndLHZaT0-0X_D2nv2Qw2ewFo73Q4fG6LJ-3wu1yeBxut-xhdprcGpfl9LQ5PQ6T3_Jwyx1ukctleOteFrfC8Pe8RS-76WF62h5ukcutMD0cr5db47S4LHeX6enx23VG09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcTgIy9_sedn9AQAAAAAEAAAAAAmAAt7TEgAfZzMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8huf7_g5bEqYBECiyLMAIAAACQLae9cWSSTlCxqPL__99vBeAKAEDAoabhIkMW3UGJtzAAAAAGYxboYfH7zQ67xu92mf________9_M_9n_tEINemFpwl6uFZQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYHYXYDWeD3WQwnM0OAAAAwJ3___9_PSBhc6yMk5nFNxyMlovdxGNzbiwzy8jkmDg8E9_Ie3B-7zcZndqM-oQIy-z3HRSU09NjdhlERdfbYnc4zZ6D-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDNBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYKx1cpj8m0Ma9nEsXCLlpPdWjibWdai5cgyc80WhtnC5ha9PqaLZ7nwzRxbJBiQuRfJ0yKdqCazyco32I0MG9vGtrIYVwuXYTYz2TyLiWG3WU3EEs3JIp3ILvuGzbEyTmYW33AwWi52E4_NubHMLCOTY-LwTHwjf2218ph8G8NaNnEs3KLlZLcWzmaWtWg5ssxcs4VhtrC5Ra-P6eJZLnwzx74xGy6Wk9Fustg3ZsPFcjLaTRb7Dp3hu_qcjbLtOeVR-ay26dRacxgULoPF-5OYFtPu7CA6-Y5OlfakLOqMfr_f7_f7_X6_32_Qeg5mg8L3HVqH48j148wuvgexwaCIJYKLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ0nSRTvQSs9_n-YsdrsvfLXVYTk63X_D3nP6SwWSzF4z2QofH67J83gq3y-FxuN2yh9lpcmtcltPT5vQ4TH7Lwy13uEUul-Gte1ncCsPf8xa97KaH6Wl7uEUut8L0cLxebo3T4rLcXaanx2_XGU1vs0UsEZwu0onoZTxd1H_kIIvdXLEYzSWL4VyyWyUAAAAAAAAAAEswzXQTAAAAACeD2a2Wu9U6HchgNRxsVssFIPFnqetnWuvdTjfBeNdIegX39rexULHGHpsok9P0tzx8Zr_F79b7zH6L38oAJNxEmW32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_D4jJ1MzMzMyMH0EOZ6P9A1Ah1mq1ut1Yq9UC!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:ba5:3c85:9cb8:2168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
usync.html
eus.rubiconproject.com/ Frame F9F4 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8ITECLAZwwcG5xfOkFRDggoNzi-dJKygAAABgYID-AMlMbBvbzLhZCzYz51o0ctnWEuPK5lasBrPRbjSbbHwrIyCZiW1jmxk3a8Fm5lyLRi7bWmJc2dyK1WA22o1mk41vZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwROoul0-Fz3er3P7Lf47Tqz3-K3a_xuv8Ts93n-Yofr8ndLHZaT0-0X_D2nv2Qw2ewFo73Q4fG6LJ-3wu1yeBxut-xhdprcGpfl9LQ5PQ6T3_Jwyx1ukctleOteFrfC8Pe8RS-76WF62h5ukcutMD0cr5db47S4LHeX6enx23VG09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcTgIy9_sedn9AQAAAAAEAAAAAAmAAt7TEgAfZzMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8huf7_g5bEqYBECiyLMAIAAACQLae9cWSSTlCxqPL__99vBeAKAEDAoabhIkMW3UGJtzAAAAAGYxboYfH7zQ67xu92mf________9_M_9n_tEINemFpwl6uFZQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYHYXYDWeD3WQwnM0OAAAAwJ3___9_PSBhc6yMk5nFNxyMlovdxGNzbiwzy8jkmDg8E9_Ie3B-7zcZndqM-oQIy-z3HRSU09NjdhlERdfbYnc4zZ6D-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDNBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYKx1cpj8m0Ma9nEsXCLlpPdWjibWdai5cgyc80WhtnC5ha9PqaLZ7nwzRxbJBiQuRfJ0yKdqCazyco32I0MG9vGtrIYVwuXYTYz2TyLiWG3WU3EEs3JIp3ILvuGzbEyTmYW33AwWi52E4_NubHMLCOTY-LwTHwjf2218ph8G8NaNnEs3KLlZLcWzmaWtWg5ssxcs4VhtrC5Ra-P6eJZLnwzx74xGy6Wk9Fustg3ZsPFcjLaTRb7Dp3hu_qcjbLtOeVR-ay26dRacxgULoPF-5OYFtPu7CA6-Y5OlfakLOqMfr_f7_f7_X6_32_Qeg5mg8L3HVqH48j148wuvgexwaCIJYKLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ0nSRTvQSs9_n-YsdrsvfLXVYTk63X_D3nP6SwWSzF4z2QofH67J83gq3y-FxuN2yh9lpcmtcltPT5vQ4TH7Lwy13uEUul-Gte1ncCsPf8xa97KaH6Wl7uEUut8L0cLxebo3T4rLcXaanx2_XGU1vs0UsEZwu0onoZTxd1H_kIIvdXLEYzSWL4VyyWyUAAAAAAAAAAEswzXQTAAAAACeD2a2Wu9U6HchgNRxsVssFIPFnqetnWuvdTjfBeNdIegX39rexULHGHpsok9P0tzx8Zr_F79b7zH6L38oAJNxEmW32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_D4jJ1MzMzMyMH0EOZ6P9A1Ah1mq1ut1Yq9UC!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 19 Apr 2023 17:18:42 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame DF01 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8ITECLAZwwcG5xfOkFRDggoNzi-dJKygAAABgYID-AMlMbBvbzLhZCzYz51o0ctnWEuPK5lasBrPRbjSbbHwrIyCZiW1jmxk3a8Fm5lyLRi7bWmJc2dyK1WA22o1mk41vZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwROoul0-Fz3er3P7Lf47Tqz3-K3a_xuv8Ts93n-Yofr8ndLHZaT0-0X_D2nv2Qw2ewFo73Q4fG6LJ-3wu1yeBxut-xhdprcGpfl9LQ5PQ6T3_Jwyx1ukctleOteFrfC8Pe8RS-76WF62h5ukcutMD0cr5db47S4LHeX6enx23VG09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcTgIy9_sedn9AQAAAAAEAAAAAAmAAt7TEgAfZzMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8huf7_g5bEqYBECiyLMAIAAACQLae9cWSSTlCxqPL__99vBeAKAEDAoabhIkMW3UGJtzAAAAAGYxboYfH7zQ67xu92mf________9_M_9n_tEINemFpwl6uFZQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYHYXYDWeD3WQwnM0OAAAAwJ3___9_PSBhc6yMk5nFNxyMlovdxGNzbiwzy8jkmDg8E9_Ie3B-7zcZndqM-oQIy-z3HRSU09NjdhlERdfbYnc4zZ6D-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDNBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYKx1cpj8m0Ma9nEsXCLlpPdWjibWdai5cgyc80WhtnC5ha9PqaLZ7nwzRxbJBiQuRfJ0yKdqCazyco32I0MG9vGtrIYVwuXYTYz2TyLiWG3WU3EEs3JIp3ILvuGzbEyTmYW33AwWi52E4_NubHMLCOTY-LwTHwjf2218ph8G8NaNnEs3KLlZLcWzmaWtWg5ssxcs4VhtrC5Ra-P6eJZLnwzx74xGy6Wk9Fustg3ZsPFcjLaTRb7Dp3hu_qcjbLtOeVR-ay26dRacxgULoPF-5OYFtPu7CA6-Y5OlfakLOqMfr_f7_f7_X6_32_Qeg5mg8L3HVqH48j148wuvgexwaCIJYKLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ0nSRTvQSs9_n-YsdrsvfLXVYTk63X_D3nP6SwWSzF4z2QofH67J83gq3y-FxuN2yh9lpcmtcltPT5vQ4TH7Lwy13uEUul-Gte1ncCsPf8xa97KaH6Wl7uEUut8L0cLxebo3T4rLcXaanx2_XGU1vs0UsEZwu0onoZTxd1H_kIIvdXLEYzSWL4VyyWyUAAAAAAAAAAEswzXQTAAAAACeD2a2Wu9U6HchgNRxsVssFIPFnqetnWuvdTjfBeNdIegX39rexULHGHpsok9P0tzx8Zr_F79b7zH6L38oAJNxEmW32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_D4jJ1MzMzMyMH0EOZ6P9A1Ah1mq1ut1Yq9UC!&cmcv=&pix=undefined&cb=1681924722198&uv=3266&tms=1681924722198&abt=nonrv_vA!nrlc_vA!preload1_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=3b6c6f83-03f9-4de6-b8ef-150647462c7e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 19 Apr 2023 17:18:42 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
%USER_ID%
pr-bh.ybp.yahoo.com/sync/taboola/ Frame DF01 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/%USER_ID%?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8ITECLAZwwcG5xfOkFRDggoNzi-dJKygAAABgYID-AMlMbBvbzLhZCzYz51o0ctnWEuPK5lasBrPRbjSbbHwrIyCZiW1jmxk3a8Fm5lyLRi7bWmJc2dyK1WA22o1mk41vZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwROoul0-Fz3er3P7Lf47Tqz3-K3a_xuv8Ts93n-Yofr8ndLHZaT0-0X_D2nv2Qw2ewFo73Q4fG6LJ-3wu1yeBxut-xhdprcGpfl9LQ5PQ6T3_Jwyx1ukctleOteFrfC8Pe8RS-76WF62h5ukcutMD0cr5db47S4LHeX6enx23VG09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcTgIy9_sedn9AQAAAAAEAAAAAAmAAt7TEgAfZzMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8huf7_g5bEqYBECiyLMAIAAACQLae9cWSSTlCxqPL__99vBeAKAEDAoabhIkMW3UGJtzAAAAAGYxboYfH7zQ67xu92mf________9_M_9n_tEINemFpwl6uFZQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYHYXYDWeD3WQwnM0OAAAAwJ3___9_PSBhc6yMk5nFNxyMlovdxGNzbiwzy8jkmDg8E9_Ie3B-7zcZndqM-oQIy-z3HRSU09NjdhlERdfbYnc4zZ6D-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDNBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYKx1cpj8m0Ma9nEsXCLlpPdWjibWdai5cgyc80WhtnC5ha9PqaLZ7nwzRxbJBiQuRfJ0yKdqCazyco32I0MG9vGtrIYVwuXYTYz2TyLiWG3WU3EEs3JIp3ILvuGzbEyTmYW33AwWi52E4_NubHMLCOTY-LwTHwjf2218ph8G8NaNnEs3KLlZLcWzmaWtWg5ssxcs4VhtrC5Ra-P6eJZLnwzx74xGy6Wk9Fustg3ZsPFcjLaTRb7Dp3hu_qcjbLtOeVR-ay26dRacxgULoPF-5OYFtPu7CA6-Y5OlfakLOqMfr_f7_f7_X6_32_Qeg5mg8L3HVqH48j148wuvgexwaCIJYKLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ0nSRTvQSs9_n-YsdrsvfLXVYTk63X_D3nP6SwWSzF4z2QofH67J83gq3y-FxuN2yh9lpcmtcltPT5vQ4TH7Lwy13uEUul-Gte1ncCsPf8xa97KaH6Wl7uEUut8L0cLxebo3T4rLcXaanx2_XGU1vs0UsEZwu0onoZTxd1H_kIIvdXLEYzSWL4VyyWyUAAAAAAAAAAEswzXQTAAAAACeD2a2Wu9U6HchgNRxsVssFIPFnqetnWuvdTjfBeNdIegX39rexULHGHpsok9P0tzx8Zr_F79b7zH6L38oAJNxEmW32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_D4jJ1MzMzMyMH0EOZ6P9A1Ah1mq1ut1Yq9UC!&cmcv=&pix=undefined&cb=1681924722198&uv=3266&tms=1681924722198&abt=nonrv_vA!nrlc_vA!preload1_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=3b6c6f83-03f9-4de6-b8ef-150647462c7e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:ba5:3c85:9cb8:2168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
usync.html
eus.rubiconproject.com/ Frame 91CA 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8ITECLAZwwcG5xfOkFRDggoNzi-dJKygAAABgYID-AMlMbBvbzLhZCzYz51o0ctnWEuPK5lasBrPRbjSbbHwrIyCZiW1jmxk3a8Fm5lyLRi7bWmJc2dyK1WA22o1mk41vZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwROoul0-Fz3er3P7Lf47Tqz3-K3a_xuv8Ts93n-Yofr8ndLHZaT0-0X_D2nv2Qw2ewFo73Q4fG6LJ-3wu1yeBxut-xhdprcGpfl9LQ5PQ6T3_Jwyx1ukctleOteFrfC8Pe8RS-76WF62h5ukcutMD0cr5db47S4LHeX6enx23VG09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcTgIy9_sedn9AQAAAAAEAAAAAAmAAt7TEgAfZzMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8huf7_g5bEqYBECiyLMAIAAACQLae9cWSSTlCxqPL__99vBeAKAEDAoabhIkMW3UGJtzAAAAAGYxboYfH7zQ67xu92mf________9_M_9n_tEINemFpwl6uFZQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYHYXYDWeD3WQwnM0OAAAAwJ3___9_PSBhc6yMk5nFNxyMlovdxGNzbiwzy8jkmDg8E9_Ie3B-7zcZndqM-oQIy-z3HRSU09NjdhlERdfbYnc4zZ6D-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDNBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYKx1cpj8m0Ma9nEsXCLlpPdWjibWdai5cgyc80WhtnC5ha9PqaLZ7nwzRxbJBiQuRfJ0yKdqCazyco32I0MG9vGtrIYVwuXYTYz2TyLiWG3WU3EEs3JIp3ILvuGzbEyTmYW33AwWi52E4_NubHMLCOTY-LwTHwjf2218ph8G8NaNnEs3KLlZLcWzmaWtWg5ssxcs4VhtrC5Ra-P6eJZLnwzx74xGy6Wk9Fustg3ZsPFcjLaTRb7Dp3hu_qcjbLtOeVR-ay26dRacxgULoPF-5OYFtPu7CA6-Y5OlfakLOqMfr_f7_f7_X6_32_Qeg5mg8L3HVqH48j148wuvgexwaCIJYKLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ0nSRTvQSs9_n-YsdrsvfLXVYTk63X_D3nP6SwWSzF4z2QofH67J83gq3y-FxuN2yh9lpcmtcltPT5vQ4TH7Lwy13uEUul-Gte1ncCsPf8xa97KaH6Wl7uEUut8L0cLxebo3T4rLcXaanx2_XGU1vs0UsEZwu0onoZTxd1H_kIIvdXLEYzSWL4VyyWyUAAAAAAAAAAEswzXQTAAAAACeD2a2Wu9U6HchgNRxsVssFIPFnqetnWuvdTjfBeNdIegX39rexULHGHpsok9P0tzx8Zr_F79b7zH6L38oAJNxEmW32GUGs1WpZAwAAEMAGAAAQwE033gSQRXH_____4wAAAMjIoQcAAEC_D4jJ1MzMzMyMH0EOZ6P9A1Ah1mq1ut1Yq9UC!&cmcv=&pix=undefined&cb=1681924722198&uv=3266&tms=1681924722198&abt=nonrv_vA!nrlc_vA!preload1_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=3b6c6f83-03f9-4de6-b8ef-150647462c7e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprammp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 19 Apr 2023 17:18:42 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame F9F4 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f03041a91d6fa1fa2a8b0e108165ce663290378f354ebfdad730de06a2f9f100

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 17:18:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Apr 2023 09:06:04 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56842
Connection
keep-alive
Content-Length
10019
Expires
Thu, 20 Apr 2023 09:06:04 GMT
__activity.gif
query.petametrics.com/v3/2v84n8g15c1895dv/8fdf29e2-f4f6-407f-8679-12ba9476d458/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/2v84n8g15c1895dv/8fdf29e2-f4f6-407f-8679-12ba9476d458/__activity.gif?e=stuck_10s&ct=Hackers+amea%C3%A7am+Valid+Certificadora+na+%27deep+web%27+ap%C3%B3s+tentativa+de+ataque+cibern%C3%A9tico&ccu=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&tspl=13105&blst=2948&ist=3096&iet=3099&bdst=2948&bdet=3091&bcttt=15&ts=1681924722505&jsk=2v84n8g15c1895dv&jsv=20230329&cu=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&uid=8fdf29e2-f4f6-407f-8679-12ba9476d458&sid=fcb2fd78-f8e6-46ad-d354-fd478627270a&pvid=10d40167-5f42-42de-8bd7-cb8deabbe874&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F112.0.5615.121+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=9&saveData=false&ctyp=unknown&tzo=0&w=null&source=null&sdk=bc-pixel
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 19 Apr 2023 17:18:42 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 91CA 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f03041a91d6fa1fa2a8b0e108165ce663290378f354ebfdad730de06a2f9f100

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 17:18:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Apr 2023 09:06:04 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56842
Connection
keep-alive
Content-Length
10019
Expires
Thu, 20 Apr 2023 09:06:04 GMT
j
rp4.liadm.com/ Frame 2EE1
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1681924722540&se=e30&duid=da5812f14a1e--01gyd8cxmq0s4ny3sb0820zp3v&pu=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-...
  • https://rp4.liadm.com/j?dtstmp=1681924722540&se=e30&duid=da5812f14a1e--01gyd8cxmq0s4ny3sb0820zp3v&pu=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid...
13 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1681924722540&se=e30&duid=da5812f14a1e--01gyd8cxmq0s4ny3sb0820zp3v&pu=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&wpn=prebid&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjEw
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Server
34.195.36.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-36-0.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:42 GMT
x-pixel-event-id
efe2049c-0788-4ee9-90a4-0fd240180991
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
0
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
8dbdb0c74e182a4f
content-length
13
x-xss-protection
1; mode=block

Redirect headers

date
Wed, 19 Apr 2023 17:18:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
https://rp4.liadm.com/j?dtstmp=1681924722540&se=e30&duid=da5812f14a1e--01gyd8cxmq0s4ny3sb0820zp3v&pu=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml&wpn=prebid&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjEw
access-control-allow-origin
https://oglobo.globo.com
request-time
0
access-control-allow-credentials
true
trace-id
9e3f0e58ac9608dc
content-length
0
x-xss-protection
1; mode=block
state
api.permutive.com/v1.0/ 		0
33 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 19 Apr 2023 17:18:42 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 91CA 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---&khaos=LGNYJRNC-6-FY2U
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c52bde874ac36e8646ae455e9e84952e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usage
api.permutive.com/v2.0/tpd/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/tpd/usage?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 19 Apr 2023 17:18:42 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
seg
secure.adnxs.com/ 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=32543326&t=1
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Apr 2023 17:18:42 GMT
AN-X-Request-Uuid
60119f9b-7c06-4c01-a820-42859ec22ad4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
index_nckv4.html
targeting.voxus.tv/a/ Frame D4E4 		53 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://targeting.voxus.tv/a/index_nckv4.html?12943a233&client%3DO%20Globo%26website_id%3D2057%26obj%3D238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47%26type%3Dpageview
Requested by
Host: targeting.voxus.com.br
URL: https://targeting.voxus.com.br/clients/1012409.js?v=1630300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
592e5fa4dd91346c874bd1cd31fe1500e3238dc701d4697cbd49e4abc4c73acb

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
sentry-trace
access-control-allow-origin
*
age
29677
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7ba6ceed0c96367b-FRA
content-encoding
br
content-type
text/html
date
Wed, 19 Apr 2023 17:18:42 GMT
last-modified
Tue, 17 Aug 2021 20:21:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvdHDUW3FzWvs%2FM%2BL4QyO%2B4cvCXsKGvA41zKW7iUl7sXVm8jHVS4p5YmboIAEDxRENKC5vBse7XY7BK%2BFseufaV33QZx7rYAsEn61dOLzYyrba0bofl4BBFXRSsa6g4e0k5kfjjM63At39yeOkvoAqU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rocket-loader.min.js
targeting.voxus.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame D4E4 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://targeting.voxus.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: targeting.voxus.tv
URL: https://targeting.voxus.tv/a/index_nckv4.html?12943a233&client%3DO%20Globo%26website_id%3D2057%26obj%3D238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47%26type%3Dpageview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://targeting.voxus.tv/a/index_nckv4.html?12943a233&client%3DO%20Globo%26website_id%3D2057%26obj%3D238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47%26type%3Dpageview
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 14 Apr 2023 19:06:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6439a44a-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5mVaBRLoMo1LvIsAGA4ldM%2F5kv5dhFIIFojFNOyeL9ccnz1%2Bvh9Bmq4QMNSVRZoX1%2BKlaJvCS3ST6AzUk%2FpHx7BpuwETgxOQWzj43jssYvd%2B1fCpzgnYUy3AOytdh6Gb8RyzC2mT%2BhYjUHrZVQrX0FA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7ba6ceed4cf5367b-FRA
expires
Fri, 21 Apr 2023 17:18:42 GMT
/
api.voxus.tv/verify/ 		24 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.voxus.tv/verify/?adv_id=2057&ck_id=16819247227950.6279981696257997jqsfarwxb6r&ipa=true
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.48.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-48-11.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.17
Resource Hash
91a198fc0c19694e2b6606ec092803daf9528b8834681b3aa3fac11361068b4c

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 19 Apr 2023 17:18:43 GMT
Server
Apache/2.4.7 (Ubuntu)
Connection
keep-alive
X-Powered-By
PHP/5.5.9-1ubuntu4.17
Content-Length
24
Content-Type
text/html
wl
t.pubmatic.com/ Frame 3752 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=157163
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:42 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
bulk
trc.taboola.com/editoraglobo-oglobo/log/3/ 		0
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/editoraglobo-oglobo/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=4
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
pragma
no-cache
date
Wed, 19 Apr 2023 17:18:42 GMT
via
1.1 varnish
x-served-by
cache-hhn-etou8220066-HHN
server
nginx
x-timer
S1681924723.920557,VS0,VE10
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://oglobo.globo.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:42 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
688
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7ba6ceee5c499c0c-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 19 May 2023 17:18:42 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Wed, 19 Apr 2023 17:18:42 GMT
via
1.1 varnish
x-amz-request-id
RXPPRCR6WSZ12407
age
25912
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
6HRI7LUqTe5ZMnAAeDpkOqm2g/lgGiuzwqHLIoWfYP0ln7ampDPEtLDVJn9C0zLIy0PK+xJJTPA=
x-served-by
cache-hhn-etou8220066-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1681924723.956500,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
28
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
18760
icon
onesignal.com/api/v1/apps/2a12022a-47ec-4502-80a3-1a5412d58b50/ 		274 B
815 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/2a12022a-47ec-4502-80a3-1a5412d58b50/icon
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6596d57ea5e89840f6a7944469e85e5c04551eb8c5950046a464607d5f44b6d0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
1eec5c33-e37b-454e-8449-e5e4f10570f0
x-runtime
0.007953
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"6596d57ea5e89840f6a7944469e85e5c"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
7ba6ceeec99d2c7d-FRA
access-control-allow-headers
SDK-Version
activeview
pagead2.googlesyndication.com/pcs/ Frame 2EE1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHfG_E7ai0nQMZwqIeQtsE96viK0mbFYRCeXANppxErM3LkGxINc5qtILxIcHsOWlO5w6QA4niJABpldDKbr3DW5IblJWhFppjfO1J7aZsreHym-sj&sig=Cg0ArKJSzIz4Y7b84LbCEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230417&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=380194064&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681924721463&rpt=602&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2019%2F12%2F11%2F16%2F1576094036952.png
s3.glbimg.com/v1/AUTH_0ae9f161c1ff459593599b7ffa1a1292/images/escenic/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_0ae9f161c1ff459593599b7ffa1a1292/images/escenic/2019%2F12%2F11%2F16%2F1576094036952.png
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
eebc9903008d6c428b3485c7e786b60bf0bda8f286cdcb46b39cec83a58e47ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:43 GMT
x-openstack-request-id
tx87ce219260d84ed5bdbb5-006440225a
last-modified
Wed, 11 Dec 2019 19:53:58 GMT
x-thanos
0AB47186
etag
32ee4ecc7a03b607236a42613c9e58f5
vary
Accept-Encoding, Origin
content-type
image/png
x-timestamp
1576094037.19403
cache-control
public, max-age=180
accept-ranges
bytes
content-length
5433
x-trans-id
tx87ce219260d84ed5bdbb5-006440225a
x-request-id
e23ca408-81ca-40bd-a8f9-0f1bf03dc4e8
/
api.ipify.org/ 		0
0
seg
secure.adnxs.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=31018360&t=2
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Apr 2023 17:18:43 GMT
AN-X-Request-Uuid
2daa7b85-9677-46ad-b3f6-73fce76956d8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230419-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Wed, 19 Apr 2023 17:18:43 GMT
x-amz-request-id
XZ48AY8MC3YY614W
age
237
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
ZXMXCLJsczBoyw0v63m27AWkI94Y95ukWIGwlplqNEpaniQj72rR0y3rlTEcSHyevflymKnOHpA=
x-served-by
cache-hhn-etou8220066-HHN
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1681924724.878301,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
28
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
2014
/
pips.taboola.com/ 		64 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
8319cdd7d20a930a2fce947b00f02174ffe7bbc0a6db64f2b5c08b7a4ac3c4a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-hhn-etou8220023-HHN
date
Wed, 19 Apr 2023 17:18:43 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=65ecd7c0-6b1a-4927-86f2-49d2f56a06af-tuctb39a7f1&uad=b7bab399e87338ff7e75ac15e592a194fce5a9bce2b7e899f6510af38c5c4177&mbl=ZmFsc2U=
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/84ffc25c59ae555879ea820e89c9e287.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 19 Apr 2023 17:18:44 GMT
cache-control
no-store
server
nginx
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Foglobo.globo.com%2F&domain=oglobo.globo.com&bundle=miFL9l8lMkZ3TGtadXcwOHozN1RIc2k1MlV1aW1UVlN3UmdEWHJNTUZ2OFZzUXFhYjhNaU9UNyUyRkhUJTJCemFQVnM3RU90NUtpRjclMkZvVHJEZCUyRmVBMU9NSjFKZ1JwRmU2Vk5hdkdSWmhoOU9KczVDOTdrTzQ4STkxZU5vVEp3RjdWem9IJTJCeFppOVpFdUJWWkhhcU11U3YyZXVKcHAxVnclM0QlM0Q&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://oglobo.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 19 Apr 2023 17:18:45 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
372398
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ Frame 2EE1 		49 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a000034LEuvAAG&gdpr=0&src=pbjs&ver=7.45.0
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Apr 2023 17:18:44 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
json
gum.criteo.com/sid/ Frame 2EE1 		2 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Foglobo.globo.com%2F&domain=oglobo.globo.com&bundle=miFL9l8lMkZ3TGtadXcwOHozN1RIc2k1MlV1aW1UVlN3UmdEWHJNTUZ2OFZzUXFhYjhNaU9UNyUyRkhUJTJCemFQVnM3RU90NUtpRjclMkZvVHJEZCUyRmVBMU9NSjFKZ1JwRmU2Vk5hdkdSWmhoOU9KczVDOTdrTzQ4STkxZU5vVEp3RjdWem9IJTJCeFppOVpFdUJWWkhhcU11U3YyZXVKcHAxVnclM0QlM0Q&cw=1&lsw=1
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:45 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
383348
expires
0
usync.html
eus.rubiconproject.com/ Frame AC1E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 19 Apr 2023 17:18:45 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2EA0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
36260
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 19 Apr 2023 17:18:45 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 29 Mar 2023 07:13:44 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3345, 360666
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220029-HHN
X-Timer
S1681924725.192528,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 235A 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=72361
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 19 Apr 2023 17:18:45 GMT
expires
Thu, 20 Apr 2023 13:24:46 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame AC1E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f03041a91d6fa1fa2a8b0e108165ce663290378f354ebfdad730de06a2f9f100

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 17:18:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Apr 2023 09:06:04 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56839
Connection
keep-alive
Content-Length
10019
Expires
Thu, 20 Apr 2023 09:06:04 GMT
async_usersync
ib.adnxs.com/ Frame 2EA0 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Apr 2023 17:18:45 GMT
AN-X-Request-Uuid
a66e2404-df4f-4295-ba6d-c8be36565135
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 235A 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=11776946&p=157163&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c38bd748196658c7ba2c12558029e21b5598f7dab31f35d497a2f4caa3de6641

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 19 Apr 2023 17:18:43 GMT
content-length
2002
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 647B 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 19 Apr 2023 17:18:45 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
dcm
aax-eu.amazon-adsystem.com/s/ Frame 01B7 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 19 Apr 2023 17:18:45 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
M94A6N41P4N790G4C58C
Pug
simage2.pubmatic.com/AdServer/ Frame 4D8A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7908508821806482549&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7908508821806482549&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 19 Apr 2023 17:18:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
3b397555-9d5b-4f92-ae14-d1a896e0078a
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 19 Apr 2023 17:18:45 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7908508821806482549&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0AA7
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7223811688219539596&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7223811688219539596&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 19 Apr 2023 17:18:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Wed, 19 Apr 2023 17:18:45 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7223811688219539596&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame D7C3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0INoe5JwVz9c6yAyaNKsLNly2hs&gdpr=0&gdpr_consent=
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0INoe5JwVz9c6yAyaNKsLNly2hs&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 19 Apr 2023 17:18:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Wed, 19 Apr 2023 17:18:45 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0INoe5JwVz9c6yAyaNKsLNly2hs&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 1E91
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFETWQwN0lnRVVBQUJ2SGJLaTJTUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADMd07IgEUAABvHbKi2SQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7113393577030880893&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADMd07IgEUAABvHbKi2SQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D7113393577030880893%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=7113393577030880893&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADMd07...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADMd07IgEUAABvHbKi2SQ&gdpr=0&gdpr_consent=
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADMd07IgEUAABvHbKi2SQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 19 Apr 2023 17:18:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 19 Apr 2023 17:18:46 GMT
Server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADMd07IgEUAABvHbKi2SQ&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
mw
mwzeom.zeotap.com/ Frame 235A 		95 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7ba6cefd5b9303f8-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 235A
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
HTTP/1.1
Server
77.243.51.122 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:52 GMT
frontend-id
8
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:52 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 235A
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=8d4043c439c80e93/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 19 Apr 2023 17:18:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame 235A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0MNW9jFE2uVCPPVpBQRjF_6pHB67DRs-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0MNW9jFE2uVCPPVpBQRjF_6pHB67DRs-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0MNW9jFE2uVCPPVpBQRjF_6pHB67DRs-~A&gdpr=0
date
Wed, 19 Apr 2023 17:18:45 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 235A 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:ba5:3c85:9cb8:2168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 235A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=79c5a257-bf32-4967-a5d3-8b1f9b288fc3&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=79c5a257-bf32-4967-a5d3-8b1f9b288fc3&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=2ab7044c-56e1-4d56-ad31-35cd6e9b254b&ssp=pubmatic&expires=30&user_group=5&bsw_param=79c5a257-bf32-4967-a5d3-8b1f9b288fc3
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=79c5a257-bf32-4967-a5d3-8b1f9b288fc3&gdpr=&gdpr_consent=&gdpr_pd=
1 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=79c5a257-bf32-4967-a5d3-8b1f9b288fc3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 19 Apr 2023 17:18:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=79c5a257-bf32-4967-a5d3-8b1f9b288fc3&gdpr=&gdpr_consent=&gdpr_pd=
date
Wed, 19 Apr 2023 17:18:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 235A 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:45 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 235A 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Wed, 19 Apr 2023 17:18:45 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
async_usersync
ib.adnxs.com/ Frame 2EA0 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Apr 2023 17:18:46 GMT
AN-X-Request-Uuid
fb03c176-f435-4203-855b-54a75b970464
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Foglobo.globo.com%2F&domain=oglobo.globo.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://oglobo.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 19 Apr 2023 17:18:46 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
280355
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame 1080 		2 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Foglobo.globo.com%2F&domain=oglobo.globo.com&cw=1&lsw=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:46 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
346205
expires
0
996.json
id5-sync.com/g/v2/ Frame 1080 		216 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/996.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
5c081239242cbe2b7a1da84f3abd6d668b403fb457d5c9ac2db62a7d1a3eccbd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Wed, 19 Apr 2023 17:18:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 1080 		43 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.143.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-143-122.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:46 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache
x-server
10.45.12.127
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame 1080 		63 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
9f25c70e441b0095aaac5b3abf43366f57fe8ad1ac1bdf01d9d7b65ff221680b

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Apr 2023 17:18:46 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Fri, 19 May 2023 17:18:46 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame E28A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
36262
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 19 Apr 2023 17:18:46 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 29 Mar 2023 07:13:44 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3345, 360681
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220029-HHN
X-Timer
S1681924727.944572,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame FA05 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
44
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7ba6cf07bf933a3e-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 19 Apr 2023 17:18:47 GMT
expires
Wed, 19 Apr 2023 21:18:47 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame BF43 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=2034%2C2033%2C2030%2C157%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C2045%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
6f369a9077bae4d685b771b55853ced60bfbba2fa7ca6d1e2d57af852465b04a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8338
content-type
text/html; charset=UTF-8
date
Wed, 19 Apr 2023 17:18:47 GMT
expires
Fri, 21 Apr 2023 17:18:47 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame FB74 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 19 Apr 2023 17:18:46 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5DDC 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=72360
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 19 Apr 2023 17:18:46 GMT
expires
Thu, 20 Apr 2023 13:24:46 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame FB74 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f03041a91d6fa1fa2a8b0e108165ce663290378f354ebfdad730de06a2f9f100

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 17:18:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Apr 2023 09:06:04 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56838
Connection
keep-alive
Content-Length
10019
Expires
Thu, 20 Apr 2023 09:06:04 GMT
async_usersync
ib.adnxs.com/ Frame E28A 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Apr 2023 17:18:46 GMT
AN-X-Request-Uuid
edde2812-8076-49a1-924a-8535c5bca037
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 7FE5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
2b1e12c8f75a230cc1e16793f767a542a3481a5bd9343ba6a63d788a05757ebd

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1840
Content-Type
text/html
Date
Wed, 19 Apr 2023 17:18:47 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Wed, 19 Apr 2023 17:18:47 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usermatchredir
ssum-sec.casalemedia.com/ Frame 7FE5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZEAid1LCFrVdU29_5IADRQAAFKEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHPXXX0KnvChfItkIbrrryg&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHPXXX0KnvChfItkIbrrryg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Apr 2023 17:18:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHPXXX0KnvChfItkIbrrryg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 7FE5 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 19 Apr 2023 17:18:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 7FE5 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEAid1LCFrVdU29_5IADRQAAFKEAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Apr 2023 17:18:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YSNC5YRVK1EYZ91BNX05
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7FE5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZEAid1LCFrVdU29-5IADRQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBotB10K4DICIqEYdA86Th0&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBotB10K4DICIqEYdA86Th0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Apr 2023 17:18:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 19 Apr 2023 17:18:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBotB10K4DICIqEYdA86Th0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7FE5
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Apr 2023 17:18:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Wed, 19 Apr 2023 17:18:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 7FE5
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=db29058c-9427-4654-ad17-a57eeaf1cde4
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=db29058c-9427-4654-ad17-a57eeaf1cde4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Apr 2023 17:18:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=db29058c-9427-4654-ad17-a57eeaf1cde4
date
Wed, 19 Apr 2023 17:18:47 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
demconf.jpg
dpm.demdex.net/ Frame 7FE5
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZEAid1LCFrVdU29-5IADRQAA%265281?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZEAid1LCFrVdU29-5IADRQAA%265281
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZEAid1LCFrVdU29-5IADRQAA%265281
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
54.228.21.106 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v047-054dec948.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
fmmJwQAbS2w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v047-0a9d00a32.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Cr1zJ76YRDk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZEAid1LCFrVdU29-5IADRQAA%265281
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum.casalemedia.com/ Frame 7FE5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7908508821806482549
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7908508821806482549
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Apr 2023 17:18:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Wed, 19 Apr 2023 17:18:47 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2d3ad0de-5c99-4f5b-8ad1-2f726d82fc11
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7908508821806482549
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 7FE5 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZEAid1LCFrVdU29-5IADRQAA%265281
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:47 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
1786
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ba6cf0b29e3368b-FRA
content-length
43
expires
Thu, 20 Apr 2023 17:18:47 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 235A 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157163&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:18:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame E28A 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Apr 2023 17:18:47 GMT
AN-X-Request-Uuid
a765dd6b-3824-43ef-b010-fda9167afcb2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aps.zqtk.net
URL
https://aps.zqtk.net/92bb6886-83?url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Domain
aps.zqtk.net
URL
https://aps.zqtk.net/92bb6886-83?url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Domain
buy.tinypass.com
URL
https://buy.tinypass.com/ng/common/i18n/platform-translation-map_pt_BR.js?version=15.158.0
Domain
aps.zqtk.net
URL
https://aps.zqtk.net/92bb6886-83?url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Domain
aps.zqtk.net
URL
https://aps.zqtk.net/92bb6886-83?url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Domain
api.ipify.org
URL
https://api.ipify.org/?format=jsonp&callback=getIP

Verdicts & Comments Add Verdict or Comment

552 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 boolean| credentialless object| cdaaas object| HorizonClient object| utag_data function| globalWebdeps object| glb object| settings function| OneSignal string| ambienteUtilizadoPiano boolean| conteudoExclusivo string| nomeProdutoPiano string| tipoConteudoPiano object| AMP_CONFIG object| AMP_EXP object| AMP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS number| __oneSignalSdkLoadCount function| __jp0 object| header_data_globoid object| header_data_login_area_container object| oidcSettings string| gcomBarUseCustomUrl string| gcomBarcustomUrl string| gcomBarcustomUrlTitle string| gcomBarcustomUrlTitleColor object| usrData string| $igniter_var function| $p function| translateCanonicalUrl function| trackRecommendation function| renderRecommendation function| registerRecommendation function| applyRecommendation function| recommendationTrigger object| timeout function| recommendationListener function| isMigratedContent object| el boolean| IsMigratedContent object| webpackChunkli_browser_client object| ScrollSpy object| globoPage object| regeneratorRuntime object| localStorageCache function| stringStartsWith function| isArray function| extendObjs object| ajaxCache object| tinyBasket object| manageElementClasses object| viewportSize number| myInnerWidth number| myInnerHeight function| fnSpriteSvgSuccess object| googletag object| pbjs function| bannerLazyLoading function| disableLazyLoad function| enableLazyLoad boolean| libPubReady object| webpackJsonp boolean| hasPaywall object| tp object| PaywallAnalytics object| tinyCpnt object| dataLayer object| Piano object| responseVariables object| pbjsChunk object| _pbjsGlobals object| ggeac object| google_tag_data object| google_js_reporting_queue object| SWG object| swgEntitlements object| e undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion function| ___tp object| cX function| cxCCE_callQueueExecute object| cxTest object| ari object| PianoESPConfig object| glbUserAvatarCpnt object| glbBannerBottomFixed object| regrasTiny string| _GALimite string| _GAContagem boolean| executouPageview function| comScore object| ns_p object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_Q object| sync16589_ua object| sync16589_va function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_ma function| sync16589_R function| sync16589_na function| sync16589_oa function| sync16589_pa function| sync16589_S function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_ta function| sync16589_T function| sync16589_U function| sync16589_wa function| sync16589_V function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_xa function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_Aa function| sync16589_ya function| sync16589_2 function| sync16589_za function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_6 function| sync16589_Ca function| sync16589_Da function| sync16589_Ba function| sync16589_8 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ea function| sync16589_9 function| sync16589_7 function| sync16589_Ha function| sync16589_Ia function| sync16589_Ja function| sync16589_Ka function| sync16589_$ function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa object| lotame_sync_16589 function| setImmediate function| clearImmediate object| __uid2SecureSignalProvider object| __uid2 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_135 object| Criteo object| Criteo_identitytag_135 undefined| cXJsonpCB1 object| BlockAdBlock object| blockAdBlock object| $jscomp function| __extends object| Horizon object| glb_realtime_map object| pvm object| loadTimes function| convertRecAb object| hadron boolean| __halo_loaded__ object| au string| nomeExperienciaBotao string| buttonValorImg string| buttonValorUrl string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData function| $ function| jQuery function| changeBg function| checkIfTranslated object| horizonResources function| HorizonSendEvent function| HorizonSchedulePageLoadEvent object| editoraGloboAuthenticationLib object| __SENTRY__ function| _ object| commentsEl object| AppcuesBundleSettings object| Appcues object| _gaq object| jQuery18306315472429662756 object| google_tag_manager undefined| arrayGloboId object| GlobalIvcNamespace function| ivc object| bVejaMais object| observer object| config object| _sf_async_config string| user_type object| el_mab object| _cbq number| _sf_endpt function| renderBanner function| insertPubFloating function| insertPubInImage object| COMMON_POSITIONS object| MAP_POSITIONS function| renderPositions boolean| ehMobile object| publicidadeFixa object| n object| d object| _taboola function| insertPubInText function| JsonpService function| Util function| CacheService object| Cadun function| EventService object| GloboIDSDK object| _cdn object| cq function| getCookie function| hasCookie function| removeOldVersionsFromStorage function| insertUserDataOnDataLayer function| insertUserDataOnStorage function| getGloboIdFromCookie function| getUserDataFromLocalStorage function| getUserDataFromUsergate function| finishEvent string| HORIZON_RECOMMENDATION function| insertHorizonRecommendation function| notifyHorizonRecommendation function| onYouTubeIframeAPIReady string| alcn object| pageview object| adseen boolean| fromOther object| gasent object| dmcluster string| cookie_id boolean| ismobile function| __voxusTrackPage number| llapweiqpooqkw object| exp function| QuantumMetricInstrumentationStart object| QuantumMetricAPI object| Snowplow object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _comscore object| tv4 function| GloboAB object| COMSCORE boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand undefined| _pm_ecd undefined| _tb_vpx undefined| _tb_vpmd boolean| _tb_vautop function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| _pmk function| TBWidgetFacebook function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| yi object| _pm_mcg object| globoAB object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| nvg13574 function| nvgGetSegment function| ltgc string| prmstr object| prmarr object| tmparr object| nvg_hosts object| naveggReady object| TTTagManager function| TTTagManagerError object| _ttq_ttGlobo object| permutive object| apntag object| __permutive object| _cbm number| taboola_view_id boolean| libAnalyticsReady string| usubida_domain object| usubidaPages string| clientDomain object| clientDomainWl object| subusubidaPages object| igpgs object| usubidaFBPixels string| voxus_key string| voxus_keypip string| client_id object| sgotasd boolean| logglyloadvoxus object| lastDataLoggly object| thisip object| getip function| getIP string| axel number| a function| sgarq number| intervalDocumentOnloadVoxusDsp function| voxusAnalyticsValidation boolean| sgarqRun function| checkEnterprise boolean| dataExcludeValidated number| intervalDataExcludeValidated boolean| interPixel boolean| interConversion boolean| igvxtst boolean| igvxgtst boolean| kopid boolean| kopiduh boolean| adinter boolean| sent_usubida boolean| sentloggly boolean| alihuadsa boolean| alihuadsanw boolean| pipcluster boolean| converted number| converted_gl number| retroative boolean| creativekaoq boolean| ___vx__runCVL boolean| sgotasdkaoq boolean| kopidCooked number| totalSes boolean| isicgt number| enterpriseId object| urlsToBloq number| redir number| imp number| attmob object| alcm object| alcc boolean| isChrome object| kiphouYiasO object| alvx2 object| alvx1 object| alvx3 boolean| lswf boolean| dc string| VOXUS_RTDT_DATA function| setisicgt undefined| fs string| __domain__ function| decodeURLComponentEscaped object| vxencd function| getParameterByNameVx__ undefined| acsBef object| u15PixelsApip boolean| utmInThisPage boolean| otnoreal undefined| u15I undefined| pipscript2 undefined| s undefined| __v undefined| sgotasdkaoqsplit undefined| ignoredPage function| __voxMainProc undefined| urlTrackerVx undefined| httptrk boolean| sgotasdExists string| dspHostPxl string| VezonHostPxl function| reloadPixels function| CookiesVx number| c2 number| c1 string| alcs string| alsd string| st string| sd string| cs string| cn string| cm number| targetingOnload object| commonSignals function| commonTracker function| sendCommonHit string| nam object| placementData object| cmTag object| _cm_wfCounters function| verifyPage

132 Cookies

Domain/Path Name / Value
oglobo.globo.com/blogs/lauro-jardim/post/2023/04 Name: _gada_ses.8e9a
Value: *
oglobo.globo.com/blogs/lauro-jardim/post/2023/04 Name: _gada_id.8e9a
Value: b1fbbe11-dd32-4dd0-9fc4-e7553045ad13.1681924720.1.1681924720.1681924720.e11c07c8-c0b9-45a6-8153-09859f1a1568
oglobo.globo.com/blogs/lauro-jardim/post/2023/04 Name: privAu
Value: 0
id.globo.com/auth/realms/globo.com/ Name: AUTH_SESSION_ID
Value: d38ff32d-22c1-418b-a0c8-9e838e1e82ab.mig-rhsso-prod-1fsg
id.globo.com/auth/realms/globo.com/ Name: AUTH_SESSION_ID_LEGACY
Value: d38ff32d-22c1-418b-a0c8-9e838e1e82ab.mig-rhsso-prod-1fsg
.onesignal.com/ Name: __cf_bm
Value: DymoHa48UwC2.zbg6oIRTvGbK7ZD.vqJ51WEnuxvUWs-1681924711-0-Aa4Tza6zClFky+nleudqDuoGxQ2fC9IfvK5e0ArCgVLfgspvgsLDLKRhM9rIdV7ZiomnLZn/FnFtfTmshULQOd8=
.globo.com/ Name: _igt
Value: fcb2fd78-f8e6-46ad-d354-fd478627270a
.globo.com/ Name: _ig
Value: 8fdf29e2-f4f6-407f-8679-12ba9476d458
.globo.com/ Name: _pc_randomCookieForPiano
Value: cookieB
oglobo.globo.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.globo.com/ Name: pbjs_sharedId
Value: a9343784-32f9-41b1-bb59-5363e1dff958
.globo.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOBWAJh44A2QQAYRADgAsggMyjJAdhABfIA
.globo.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22lgnyjqw2gw36kca0%22%7D
.piano.io/ Name: __cf_bm
Value: a5cu6WhdV_MsxGiEYy66PvtOJdYAqprI7K.Q.Z7_YHc-1681924713-0-Aa20N59s/ULb08LuYsYU0jkMf1bwC8/C3H8gX9kGXYXUNPSpgK6aMSDRXXvpQHGvhTNjXvahDNkNDmZ2XCCPWy0=
.globo.com/ Name: __tbc
Value: %7Bkpex%7DwyuDOgPaKpoRvo-fsKwBp8HXUrxSSIAVb7dskwUlYbfOfe97V6sqLXT1dCNQV9W9
.globo.com/ Name: __pat
Value: -10800000
.globo.com/ Name: __pvi
Value: eyJpZCI6InYtbGdueWpxd2F0M2RnbnJyMyIsImRvbWFpbiI6Ii5nbG9iby5jb20iLCJ0aW1lIjoxNjgxOTI0NzEzOTMyfQ%3D%3D
.globo.com/ Name: xbc
Value: %7Bkpex%7DZ4Usg2knUFLPoGXuenihJy_TIVedJ1e6g8q33nSaTIysWOkG4sD4ncoDw_rRQ2KZ2mkEHzgLoHWQoQHb_aOkxbQ7XmVKeQN_IxdxEEFNyln7iWeR_qmpZN0em2W6F4TPpot0pGlZBTlD_wcAszT43g-Vh6phFDlV3yPe8FjYLLfwa7vKim0HeCdrxn5SkZ5Wbtjqqle0kZBjmS1YUaPHSyBYL3Zj4IOoDMMrALiGCDKAcxS6e-YnK6uhbSSTOOHbEiA6CM-t6TazkJ3pe9qe1AJ3S8RtQsozG2u-C6Qb8eiS5YHxaFm8EjV9dksJSNQwoq0RnUBzpZWY5jlLuGq8ifcDoHERZE02G3-EKkRFGlymtpqaGstyX2suKHUowa1hTmf2s7RMYgn5iNq3fNywwBWLviAPtNMuV9Oh2rnfGqjcNMkkCGQ6aeGw3NW4f7eA
.globo.com/ Name: cX_P
Value: lgnyjqw2gw36kca0
.globo.com/ Name: __gads
Value: ID=891612a06dffe41b:T=1681924713:S=ALNI_MapVw7IncFmj6ZgPj1Byw6JA31wGQ
.globo.com/ Name: __gpi
Value: UID=00000c06796e95d4:T=1681924713:RT=1681924713:S=ALNI_MYqw5zlJerB6sm7H3VhJsKwzELy-Q
.doubleclick.net/ Name: IDE
Value: AHWqTUmJnuFIgsEzHjbQ0q-HeuHdsy8cAoRG2yorUXNxIYTeQ7D49cIAYad21bJIFHY
.globo.com/ Name: lotame_domain_check
Value: globo.com
.cxense.com/ Name: gckp
Value: 2jfwpjw6i8dot1hheu13hxgkys
.globo.com/ Name: cX_G
Value: cx%3A1cl2z8wchnq1r3um9vg1f6k9yx%3A1gkjo99sbg19i
.criteo.com/ Name: uid
Value: 16a3965a-08a5-412d-9c76-92d3283956c8
.openx.net/ Name: i
Value: 4ec5cb42-471a-4307-a63e-45465deebe56|1681924714
oglobo.globo.com/ Name: __adblocker
Value: false
.globo.com/ Name: cto_bundle
Value: miFL9l8lMkZ3TGtadXcwOHozN1RIc2k1MlV1aW1UVlN3UmdEWHJNTUZ2OFZzUXFhYjhNaU9UNyUyRkhUJTJCemFQVnM3RU90NUtpRjclMkZvVHJEZCUyRmVBMU9NSjFKZ1JwRmU2Vk5hdkdSWmhoOU9KczVDOTdrTzQ4STkxZU5vVEp3RjdWem9IJTJCeFppOVpFdUJWWkhhcU11U3YyZXVKcHAxVnclM0QlM0Q
.globo.com/ Name: kppid
Value: 68156215321662326877
.globo.com/ Name: hsid
Value: ec37f4c8-9d3e-4d76-9544-0bb01638fd21
.rubiconproject.com/ Name: khaos
Value: LGNYJRNC-6-FY2U
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qo/1fOvNb3xWLU1ZxogGjlwOA+xFj1I9sdpdF/86rQGb+5J7ApI4uxdAVBGfCYupegbyGwBXGEIfOBxGCOXoSK1aw0RPyEWv5fc6UO785F0Pw==
.globo.com/ Name: _li_dcdm_c
Value: .globo.com
.globo.com/ Name: _lc2_fpi
Value: da5812f14a1e--01gyd8cxmq0s4ny3sb0820zp3v
.globo.com/ Name: _pubcid
Value: 238f7aaa-86f5-472c-a5cb-f4c5e1c6ce88
.adnxs.com/ Name: uuid2
Value: 7908508821806482549
.liadm.com/ Name: lidid
Value: 66c656b0-407c-4ef6-b5fa-1d89034a1b28
.globo.com/ Name: _gid
Value: GA1.2.1784354852.1681924717
.globo.com/ Name: _gat_pianoTracker
Value: 1
oglobo.globo.com/ Name: _lr_retry_request
Value: true
oglobo.globo.com/ Name: _lr_env_src_ats
Value: false
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE
.quantserve.com/ Name: d
Value: EI0BCwHlKPijAA
.quantserve.com/ Name: mc
Value: 6440226f-95e74-b18cd-3d051
.weborama.fr/ Name: AFFICHE_W
Value: yFBHxp-H6kXI61
.simpli.fi/ Name: suid
Value: 85314D4D081B4E6EA3695D3615A90E0B
.de17a.com/ Name: guid
Value: 1.5256627883620175868
.mathtag.com/ Name: uuid
Value: c5e36440-226f-4800-bacb-9b0604c28d1c
.adform.net/ Name: C
Value: 1
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFoaWRibmhpZmYOABuWkPwQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjG1NDQ3NTI0NRXiM9QtCrPML0qKyDfyT_YBAAdujaYlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjG1NDQ3NTI0NRXiM9QtCrPML0qKyDfyT_YBAAdujaYlAAAA
.globo.com/ Name: __li_idex_cache_e30
Value: %7B%22nonId%22%3A%22DUWVb7-lh0JeFTDVp_fiLN2u7J7opLYyASkUFg%22%7D
oglobo.globo.com/ Name: pbjs_li_nonid
Value: %7B%22nonId%22%3A%22DUWVb7-lh0JeFTDVp_fiLN2u7J7opLYyASkUFg%22%7D
.adform.net/ Name: uid
Value: 5986731816154314662
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5141210824591752155
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEJKq2_EIAcAJTS_tzFUhQMQ&KRTB&22987-CAESEJKq2_EIAcAJTS_tzFUhQMQ&KRTB&23025-CAESEJKq2_EIAcAJTS_tzFUhQMQ&KRTB&23386-CAESEJKq2_EIAcAJTS_tzFUhQMQ
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-iKQ3vYyiNeuTqTboiaQu74-oYOmTo2e9i6E-IWiC&KRTB&19420-iKQ3vYyiNeuTqTboiaQu74-oYOmTo2e9i6E-IWiC&KRTB&22979-iKQ3vYyiNeuTqTboiaQu74-oYOmTo2e9i6E-IWiC&KRTB&23462-iKQ3vYyiNeuTqTboiaQu74-oYOmTo2e9i6E-IWiC
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5986731816154314662&KRTB&23263-5986731816154314662&KRTB&23481-5986731816154314662
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:c5e36440-226f-4800-bacb-9b0604c28d1c&KRTB&16736-uid:c5e36440-226f-4800-bacb-9b0604c28d1c&KRTB&23019-uid:c5e36440-226f-4800-bacb-9b0604c28d1c&KRTB&23114-uid:c5e36440-226f-4800-bacb-9b0604c28d1c
.yahoo.com/ Name: A3
Value: d=AQABBG8iQGQCEMh2iLsxoUaJKtxDgUGRmjgFEgEBAQFzQWRKZAAAAAAA_eMAAA&S=AQAAAs2DFP89lp8e4JXmL6kC7nU
.linkedin.com/ Name: bcookie
Value: "v=2&f9811c11-b7e3-4e7b-812b-bbb006c9d9d6"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODE5MjQ3MTk7MjswMjHkTZEY+VjzthtJJnYqKZYLcg1bzdU0wcFAo3XXyw1pfg==
.linkedin.com/ Name: lidc
Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2874:u=1:x=1:i=1681924719:t=1682011119:v=2:sig=AQFSO1IY5w9S32nVe_Wf-GzngCxl4p1M"
.audrte.com/ Name: arcki2
Value: e2fXmeR-XKsRx-WBB-6js0XRQ!20220908!1681924719955!ip#217.114.218.27
.audrte.com/ Name: arcki2_pubmatic
Value: B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE!20220908!1681924719958
.tinypass.com/ Name: LANG
Value: pt_BR
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5256627883620175868
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.globo.com/ Name: _ga_F6Y6KJC9BQ
Value: GS1.1.1681924720.1.0.1681924720.0.0.0
.audrte.com/ Name: arcki2_ddp2
Value: e2fXmeR-XKsRx-WBB-6js0XRQ!20220908!1681924720238
.amazon-adsystem.com/ Name: ad-id
Value: A9KYfTARYUmcrST8kaAUiEs
.globo.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.globo.com/ Name: _dc_gtm_UA-51216819-1
Value: 1
oglobo.globo.com/ Name: _tb_sess_r
Value:
.audrte.com/ Name: arcki2_adform
Value: 5986731816154314662!20220908!1681924720561
.prebid.a-mo.net/ Name: __amc
Value: 2_1681924714_1681924720
.oglobo.globo.com/ Name: _cb_oglobo
Value: CCxfXyBrPaDwCcXiZF
.oglobo.globo.com/ Name: _chartbeat2_oglobo
Value: .1681924720743.1681924720743.1.gGdDlZ3NbrBd7PccDos6pUCG1Xww.1
.oglobo.globo.com/ Name: _cb_svref_oglobo
Value: null
.navdmp.com/ Name: nid
Value: 1293a289d88a9aaf8481b9ee3910|0|139
.globo.com/ Name: nav13574
Value: 1293a289d8391b25349b06ec2b10|2_110
.globo.com/ Name: permutive-id
Value: 98e03e87-92ae-4ea7-938d-d934ef42a7c4
.krxd.net/ Name: _kuid_
Value: PgVME5Ld
.d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co/ Name: pxid
Value: 0aa8b350-e4d0-4679-a617-ba04501831f1
.globo.com/ Name: _ga_SL5WEXQ2G6
Value: GS1.1.1681924721.1.0.1681924721.0.0.0
.globo.com/ Name: _ga
Value: GA1.1.1201176432.1681924713
id.globo.com/ Name: GCLB
Value: "e156c3e94370c682"
oglobo.globo.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D65ecd7c0-6b1a-4927-86f2-49d2f56a06af-tuctb39a7f1
.adnxs.com/ Name: icu
Value: ChgIw_N4EAoYAiACKAIw8sSAogY4AkACSAIQ8sSAogYYAQ..
.globo.com/ Name: glb_uid
Value: "vPpthL2vHKXjOnvseRzQcU0Cz76KedMuji3ETNP4Hwg="
cocoon.globo.com/ Name: GCLB
Value: "a0fb18b36eae8074"
.voxus.tv/ Name: _dmp_
Value: 16819247227950.6279981696257997jqsfarwxb6r
.voxus.tv/ Name: voxusdsp_ret2
Value: [["2057","2023-04-19 17:18:42"]]
.globo.com/ Name: voxusmediamanager_id
Value: 16819247227950.6279981696257997jqsfarwxb6r
.globo.com/ Name: voxusmediamanager_acs
Value: true
.adnxs.com/ Name: anj
Value: dTM7k!M4/8D>6NRF']wIg2ImK_lj@c!4=!v#xS0i.wL4W1Qw2v.>DX@
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 157163:3
.pubmatic.com/ Name: DPSync3
Value: 1683072000%3A227_226_219_197_201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1683072000%3A161_46_13_7_3_220_56_251_166_55_54_8_21_71_233%7C1682467200%3A223_15%7C1684454400%3A203%7C1683158400%3A35%7C1682726400%3A63
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7908508821806482549&KRTB&23339-7908508821806482549
.adfarm1.adition.com/ Name: UserID1
Value: 7223811688219539596
.zeotap.com/ Name: zc
Value: b523f3dd-d364-45d1-662d-cda4e9a976f5
.onaudience.com/ Name: cookie
Value: 8d4043c439c80e93
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7223811688219539596&KRTB&23369-7223811688219539596
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~2b6h
.semasio.net/ Name: SEUNCY
Value: 8B77D6178D3AECC9
.onaudience.com/ Name: done_redirects147
Value: 1
.pubmatic.com/ Name: SPugT
Value: 1681924724
.bidswitch.net/ Name: tuuid
Value: 79c5a257-bf32-4967-a5d3-8b1f9b288fc3
.bidswitch.net/ Name: c
Value: 1681924725
.bidswitch.net/ Name: tuuid_lu
Value: 1681924725
.bidr.io/ Name: bito
Value: AADMd07IgEUAABvHbKi2SQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.creative-serving.com/ Name: tuuid
Value: 2ab7044c-56e1-4d56-ad31-35cd6e9b254b
.creative-serving.com/ Name: c
Value: 1681924725
.creative-serving.com/ Name: tuuid_lu
Value: 1681924725
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-79c5a257-bf32-4967-a5d3-8b1f9b288fc3
.smartadserver.com/ Name: pid
Value: 7113393577030880893
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AADMd07IgEUAABvHbKi2SQ
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-d083687b-9270-573f-5ceb-203268d2ac2c.yVX0NuDnwGO6rZAerbWC%2F30tiI8jtvJqu%2FWwaSuy8xQ
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0INoe5JwVz9c6yAyaNKsLNly2hs.8omT8wW5eQ%2BUKcfhcsm59I3rK2UsGLto8rDcuyB7g9A
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0INoe5JwVz9c6yAyaNKsLNly2hs.8omT8wW5eQ%2BUKcfhcsm59I3rK2UsGLto8rDcuyB7g9A
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-0INoe5JwVz9c6yAyaNKsLNly2hs&KRTB&23334-0INoe5JwVz9c6yAyaNKsLNly2hs&KRTB&23417-0INoe5JwVz9c6yAyaNKsLNly2hs&KRTB&23426-0INoe5JwVz9c6yAyaNKsLNly2hs
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: f2504f00d521867b
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADMd07IgEUAABvHbKi2SQ
.pubmatic.com/ Name: PugT
Value: 1681924726

14 Console Messages

Source Level URL
Text
javascript error URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Message:
Access to XMLHttpRequest at 'https://aps.zqtk.net/92bb6886-83?url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml' from origin 'https://oglobo.globo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://aps.zqtk.net/92bb6886-83?url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Message:
Access to XMLHttpRequest at 'https://aps.zqtk.net/92bb6886-83?url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml' from origin 'https://oglobo.globo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://aps.zqtk.net/92bb6886-83?url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://oglobo.globo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B24DA5CD-B69F-4A6D-9475-72B74C0E6EEE&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://buy.tinypass.com/style.css
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Message:
Access to XMLHttpRequest at 'https://aps.zqtk.net/92bb6886-83?url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml' from origin 'https://oglobo.globo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://aps.zqtk.net/92bb6886-83?url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://oglobo.globo.com/blogs/lauro-jardim/post/2023/04/hackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Message:
Access to XMLHttpRequest at 'https://aps.zqtk.net/92bb6886-83?url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml' from origin 'https://oglobo.globo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://aps.zqtk.net/92bb6886-83?url=https%3A%2F%2Foglobo.globo.com%2Fblogs%2Flauro-jardim%2Fpost%2F2023%2F04%2Fhackers-ameacam-valid-certificadora-na-deep-web-apos-tentativa-de-ataque-cibernetico.ghtml
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://pr-bh.ybp.yahoo.com/sync/taboola/%USER_ID%?gdpr=1&us_privacy=1---
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://pr-bh.ybp.yahoo.com/sync/taboola/%USER_ID%?gdpr=1&us_privacy=1---
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0888e00a708091e2c6bb64e9954cefd0.safeframe.googlesyndication.com
5f8d30e863cbf3471191a33651e10ff7.safeframe.googlesyndication.com
a.ad.gt
a.audrte.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ads.creative-serving.com
ads.pubmatic.com
ads.rubiconproject.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
ampcid.google.com
ampcid.google.de
ap.lijit.com
api.ipify.org
api.permutive.com
api.rlcdn.com
api.voxus.tv
aps.zqtk.net
b1sync.zemanta.com
b774b7a62013a922a4e2d4e5e43d8c2a.safeframe.googlesyndication.com
barra.globo.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
buy.tinypass.com
c.amazon-adsystem.com
c1.adform.net
c2.piano.io
cdn.ampproject.org
cdn.cxense.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.navdmp.com
cdn.onesignal.com
cdn.permutive.com
cdn.petametrics.com
cdn.prod.uidapi.com
cdn.quantummetric.com
cdn.taboola.com
cdn.targeting.voxus.com.br
cdn.tinypass.com
cdnjs.cloudflare.com
cds.taboola.com
cm.g.doubleclick.net
cms.quantserve.com
cocoon.globo.com
comcluster.cxense.com
contextual.media.net
cr.frontend.weborama.fr
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
experience.tinypass.com
fast.appcues.com
fastlane.rubiconproject.com
fonts.googleapis.com
gadasource.storage.googleapis.com
google-bidout-d.openx.net
gum.criteo.com
hb.undertone.com
hbopenbid.pubmatic.com
hcode-marketing.s3.amazonaws.com
horizon-schemas.globo.com
horizon-track.globo.com
horizon.globo.com
htlb.casalemedia.com
i.imgur.com
ib.adnxs.com
id.crwdcntrl.net
id.cxense.com
id.globo.com
id.hadron.ad.gt
id5-sync.com
idsync.frontend.weborama.fr
idx.liadm.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imprammp.taboola.com
ivccf.ivcbrasil.org.br
js-sec.indexww.com
lb.eu-1-id5-sync.com
lexicon.33across.com
mab.chartbeat.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
oglobo.globo.com
onesignal.com
p.rfihub.com
p1cluster.cxense.com
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.onaudience.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
pubmatic-match.dotomi.com
px.ads.linkedin.com
query.petametrics.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.glbimg.com
s2.glbimg.com
s3.amazonaws.com
s3.glbimg.com
sb.scorecardresearch.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.chartbeat.com
static.criteo.net
static.infoglobo.com.br
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
t.pubmatic.com
tag.navdmp.com
tags.crwdcntrl.net
tags.t.tailtarget.com
targeting.voxus.com.br
targeting.voxus.tv
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
usergate.globo.com
usr.navdmp.com
vidstat.taboola.com
widget.perfectmarket.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
x.bidswitch.net
api.ipify.org
api.rlcdn.com
aps.zqtk.net
buy.tinypass.com
104.18.11.47
104.18.24.185
104.19.150.54
13.224.192.181
13.32.99.23
141.226.224.32
141.226.228.48
141.94.171.215
146.75.116.193
147.75.83.64
147.75.84.158
151.101.129.108
151.101.193.44
151.139.128.10
162.19.138.117
162.19.138.119
172.217.18.2
178.250.1.11
178.250.1.9
18.66.97.105
184.30.134.95
185.29.134.244
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.82
185.80.39.216
185.83.142.19
185.86.138.152
185.89.210.90
186.192.81.117
186.192.90.3
186.192.91.5
186.192.91.9
193.0.160.130
198.148.27.139
198.47.127.20
2.18.235.93
2001:4860:4802:34::36
201.7.177.167
201.7.177.244
213.155.156.165
216.52.2.6
23.0.93.68
23.35.236.201
23.37.42.132
2600:1901:0:8344::
2600:1f18:730:b120:ab75:64db:b6e2:17e3
2600:9000:2250:3e00:a:e047:752:b361
2600:9000:2396:2000:18:1fcd:351:7bc1
2602:803:c003:200::21
2606:4700:10::6816:1857
2606:4700:10::6816:1c97
2606:4700:10::6816:3456
2606:4700:10::6816:35fc
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:246e
2606:4700::6810:2a41
2606:4700::6810:5614
2606:4700::6810:ef3
2606:4700::6811:190e
2606:4700::6811:b6b1
2606:4700::6811:bab1
2606:4700::6812:1af
2606:4700::6812:d63b
2606:4700::6812:d73b
2606:4700:e0::ac40:640c
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2a00:1450:4001:806::2002
2a00:1450:4001:806::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2008
2a00:1450:4001:827::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2010
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9d
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:480:392::268b
2a02:fa8:8806:16::1400
2a04:4e42:400::714
2a04:4e42:600::300
2a04:4e42::622
2a05:d018:d29:3605:ba5:3c85:9cb8:2168
2a06:98c1:3121::3
3.120.68.67
3.122.84.165
3.232.54.224
3.33.220.150
3.71.149.231
34.102.146.192
34.107.148.139
34.107.254.252
34.110.201.227
34.111.129.221
34.111.131.239
34.120.107.143
34.195.36.0
34.214.230.120
34.235.225.153
34.246.143.122
34.247.20.4
34.250.107.128
34.254.57.28
34.95.81.168
35.190.14.224
35.198.44.170
35.201.123.184
35.204.158.49
35.211.79.33
35.241.9.51
35.244.153.86
35.244.159.8
37.157.6.253
52.205.24.151
52.216.10.205
52.216.208.233
52.46.155.104
52.7.221.164
52.70.48.11
54.145.221.84
54.194.239.185
54.228.21.106
54.239.33.158
65.9.66.122
65.9.99.209
69.173.144.139
69.173.144.165
70.42.32.255
77.243.51.122
8.43.72.97
85.114.159.93
98.98.134.241
030b8969dc1b865bac2639459e02bde83499522794839cd8c8169e6d2a66b1e1
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
03bd05cfb6d0789c54678927cfbd8d3ab3c9b721cee69b3dec80dc9c521149dc
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
0773d4c1e30f6ab8858f34cc7d2f532b0c6ec2119f428506355bf4b0206a198d
087a53d2f4c3e96b44c2f552af7a3bf4936788b41a209a9d9c4c14487f484549
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce254497a0252ae08925c913b52df3b0b49e6e8fb74da254b7ab5507ef13470
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0d306bd3c87511a22b7d939dd77b67a38a258a32c3c48738da44b0ced61d3021
11e4342c37d88d69519e3d4be0ed9da7c51f1febe2abc7944745fc583b29c3a3
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825
160432a4ab163fe585f1870a1383cff7b0f9406c6aa4a41bffcec3bac28c04fa
176e5a44416d22d792cb5e1f6ee9e6fe0ea478bebdc2d0fa424564e1093ba6ef
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
1a015c16e79e56e13973a5e5721ad34aa9f56998597d9b2f3a8b8081bfb98db1
1a8b1a5d057124c55e6627c62b0e5799deb5734f067672416c12cdb1458c4e4d
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c9ae2616da1589b48269f036d75f2206e838edeb585962383f2483616aa1451
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e4a93ca0375cf94c0f63be752fbc4c8be7a3a8b0be87654b245e0cdaeef8dbb
1f864cb16d14e6fb99bdfbc75db04c0f25d0699e27076c2541ee9edc0ee5d166
2013a05ec90ec19a60b3f1c751125681112c34d457397fa95755e43d8f3435f4
23cace87721ebac55b72d3b4ef6821926c5ba46f2783e38a96c456a874863c07
252b25968594cd957d403bc11eda13d347540fc465e5e408c1b4163647f62ebf
2540d813905d752db9b97243e168612f9d734e511bcbfcdcb2fc4927d61e0577
2565ea75dd5645983e14abacaa474b8893059112ac2331e3d68eafec1187e4e0
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719
2615e676b3f74dcc2cbb0fe1ce37e69df9da23cbdee402679d0296505f9f40b4
26840d8e6a3847df23553537b405e9badca0dff237b0854f15d04656dd57e40e
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
26e49417bbedb84b8b8857bac8b083230999f9abc6366968c8f174e8ffc56211
27584d697f2637cf97052ecacddc32f06c6ab77d6be6ad496fc626cceddd0a88
27a8a7ad0fabd4e4a708a24f1b2bb076ebd50f0d84b4cf49fb002ffa1db0179d
27ece1cb6eb72e31b919b831c906f7d5e79066e163f0753d005cfee5749a90b3
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2b1e12c8f75a230cc1e16793f767a542a3481a5bd9343ba6a63d788a05757ebd
2be5ec9833fb7e7cc366e1a51bf5f07978b7959c25a5426c4ee22fd9ab7f3e85
2c9af135eee347fcfcdfb94bf03dce34e3d0fdd299d36c8df962bafdb397baf0
2d5c206c8047b47f0eb92bbe98c8e0d44060e9763b8426548c2c11b4c1547f98
2d609abad4a8f6f76e2cab4617ff3d0dc1d15ad28c8883b84096118129453574
2f4040c7b1106916a242d094bc8d82c98fe1dc604df91d27dcc679923e1a62a4
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2faeb72dc6c6dd034ad0fe3a1326105213eb42cc9fdde9560f645ee2dd1c4c2c
300f467d355d3a946a749f73afb6ce5046e6ba8519472fe85af003dcd9c35ac2
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
30302cf78dcf64e3868e4fa3a3bb3460884fd1dbe6d9714aa23812b4a5e78c33
31ecc2f86d5917ed4667dcaaab4a3b212720237b8466f05c3f90a05e858a3031
3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca
3583f4195500ae7b688b05336cc97420c4a5808996b215cbb1000af42544bccd
38dffcaf1fac89492f7c56c600a14daf36ae42f7c21985cd4134ae113124a58f
3945a98e43cd2167bfa9e8385ffa54335b9a393fa66af78f9b9deba11bd87470
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3bdcdb94506c3affd34152599415580b3b7b52a42a4d9d7b04686b7cb13f1dab
3bf1b81bce2e18990fbc82ce3b53ddff9ee069ca382b321c55fb7053ecb89996
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40242026594be9cac07f548845d7a27d5b26319c0ab35135f41c9fae1818e7cf
41c2b84f12f882ae5b50c007eb7420b3e7f82fc2ba720eefd884246be5172eb4
41ff83d81a5671cf1d0a12bc195cb490f72b1b50b735cb4dfc045fb585726578
4237c10c4fd4720ccd07086fe9162a975f2e47d7aa922535c018e400de483146
42df2970a7b0d495eb52f6408e37f8fd67b58f1850a835f52930bd7794325486
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
432acd8192429c035f55370ab0501a7f58d69456a10b0a1bc213bd3efb6d2946
437a61ae60b332b7aa9eec651bdcb824de8ad3d0c9997314d48c80c6ba235c33
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
468e419fa26aadba5be76139ecdc6af3f4182f5b95fc24351e26f3d4a0e203cc
470a4c9c17c30aa730cf0e361eea2000bde5b26818925182c714c884a07c0c2c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca2d0116131f61b138ff2642f341369cbc1a67473e9c34dcc7a4cc233bd2dc6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e10ab13ae88e0c4bfc4ddc931d5dde37640603a81af789bc9a38a3ab95f98ef
4e5a8df78e43e83e6ca4b7af38833a508483d29e3c5332b7dc19a0ac9b27c692
4ee1c89f35280a59e607e8bb87e34ff7598381b18ce9a1e101a444f9b3fab07c
51930a2d087b0a4e11d2f6b0301394c85df60ca5be65dfda181a67d51fadf66d
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
53db1f9b8ef762140fb5a7ec5eb605faf2313dc70fec82001303c43e6a036f23
54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55950fbecc1e426968e132fd58bfbc2bfe9e798f809259f19b2d6be09fb8c7fc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
592e5fa4dd91346c874bd1cd31fe1500e3238dc701d4697cbd49e4abc4c73acb
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5b4c012c740d120a384871f05af3184799f6e2b607767a5d6229e2a82aac103b
5c081239242cbe2b7a1da84f3abd6d668b403fb457d5c9ac2db62a7d1a3eccbd
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
60b0f8f7a630b8cf83d4c29ddd3e6e614b119208fe97a96cae6dc6311541671b
6113aa6c8b4abb8f3d9de3e13214876879785bf25ad316ec487578e4111509e6
6143ba9ab99e82240625df8bb6286a74476a3c95bfb065f2cd199c128306e0fe
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
6326f7db4270079d6b314193b92a6b407a4c8748685e1ad6b1bddb1c5a5aab25
6596d57ea5e89840f6a7944469e85e5c04551eb8c5950046a464607d5f44b6d0
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
686a8b472e6688c4eec7e1fc677a24587af19bf7be39254df3c140d5992853a1
68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463
69037cfbbc9ab8f66374ef00854ade77f64e4fa2f0ffe58213c22a14f9ceeabd
6a05165d9a0184ac75ebba2285568d340442ad78a861c1dfbac47e60a87ae36c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b96d7782f2dcd1483793ec3a5df2a41a0e2e77ac11c4a1e1f190ff763e65c98
6df7b1493ff3d350a201629d7338f87a7c03852a64249e01e8ae16cb64ed9fb3
6efa2e2abd9f75fd168f031e5679ada41dbc1477f8e6015b29e4a3da7bca4889
6f369a9077bae4d685b771b55853ced60bfbba2fa7ca6d1e2d57af852465b04a
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
721f01f7ac435b12df171ba12797e85092612ae1f5c755bb33124cf6c7ff6104
723ac9bb77e415d4f1aea6c39a2bf59cb125644f33d3b5943d3f543c2aad3dc8
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72a6cd94fab6c179392075d3fb361e269cdddfad41bb7ab385fa22a37e49a900
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7
732fff3b9174acf5bea2549e34150f32968c01a5d6aca3f2ee5ad0e238c31ba8
73586d97779db94b2d314f5bb2ff7adbb146b33ea27622b03f06602d67fa3c39
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7740eedfa43b13a0c0ef57c77c72240b994238b5a5da8be3a9a32e3bdab60aa9
775807392af29b7a91f1217ab6ed717ba35baaa024bdccc9273321f54ab51bb4
7a58e89abab305ebca1ad8d64dad7a056831973dae863b4db026f71df4c2653a
7aa7a279726838956c85e89aad86b9448f5153fbb11597f7df5530a8562aa683
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7bab8552ef40273d5c6b442e9e2ef67622abba0557dbf06361eb72ddd237adfc
7c19ef8f58637cba25330e18be705e1e80b3e5dc7ee771c15c93d26a458188ca
7ecace46d78f707e1f3ef7ff9fb10354a496ac9f707d9a7748a3eb2cdabc5518
7f1e7751de7211682870afa390d8383cddbf7845eb9d83b700752bc26602a782
802cf2b5e2d0e2deb4dd5b1ba6a4cd75f8d449c2ebdcf3ed1f72297a56707c23
8043d55dd8d92d7422f3ef2a8c03d50050449c40bbc719c81fb9f68d4c432145
817e12d4c03c5d76425e0fd8adaeb5c979daad3e847d47675f94df2b1de2094d
81c18c6a1eebd0d4249f792956e0cfed7e81dc9dbef518227d62ec1818262c22
81e004b7240a735f342101b63441c220ae2c823eb7b679a43467126815191d45
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8319cdd7d20a930a2fce947b00f02174ffe7bbc0a6db64f2b5c08b7a4ac3c4a3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8378d9f49e5f7bf2c152da37350dd8db37fb7040e0fe637f381a6b1d233f2bb4
83c06e9d5a05b2ce1316edce0e1198c7f3b66ad0218ba55f72d5f91012c3f282
84dd8ab99048f38a319fec23627b3d16345d9b419f0251f59e556cebba37db53
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
869f0fe57b34d40555a0f1843ab508897e66514b6dc803d233cc29c62e810826
870534f487f6d6ee6e4a51090ff1f3282cbaf8a8b93f81cf6bdecdbe70d5e657
874cf24c5a2c1667467dcc462ec3013987552ae78973e51644010e65eacf615a
88e76e2c2d1a17d7855cdb19e689e749458d582dd461bd1bd4372146169aadb6
8900135ccc26cae8634c6c7e4fcba0a6ad86e166167aa82a551cd9cf38841cd3
8944fe95e5e19f9e9ca26c4bbf741ef6657212f0c308b40222369a01b7d21013
8b3a09a1d2b6612573e6066eb2a84d915611279f17bc2bbde3d3a83c4291519d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f4c6cd42009734183f874ce690e21b73724cecf6b4d645945e9726372cc8274
91a198fc0c19694e2b6606ec092803daf9528b8834681b3aa3fac11361068b4c
92cf292bcd6f8b25608682634dbcbfb6b426097b95f1ca7ffc4eb03faaab6bcb
93f45bd0df53776d65c03af696f72e8857a3049863b07852ba2998ecce3160a3
94e9504599293ee1e761af2bd4631ddfce7a41a06c0059b47138c8ef365e88ee
95492967ea569084237dbcd677d3eb2e98e8e5a1c5f7951619d3106dc1514300
956bd91287fd5d85b711fd51418e53c6eeb3536134044ce39f67fb20938e160c
95a13ecc10fc5e469a886007e80da3733f87fedf70d05859d66226082b4f4f21
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
980e544366284bae811ab17858f78862fad0b373091f6b0962d3bfd40380c8e1
989302c9b2c216ed3de58e20abba9a599af2eacf5766bc7db36fa99e57971a72
98dd6e08f9ddd9fc19be6911c5b2ab872f737c6a8011f6e08e1c6cb7bce40a07
98fce106d7c6b926de1944f849015d04d38bd96ff1eada0b5242b8f109c8d9c9
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99c3b12b4cec796faf43de16f5cfe1cdbe6e500cfcc2a348f4f8c3acafc5cfd1
99cc9e872f073562fd2d2ba78857f8fb53d85a39f729b22fd181c1bdb493ec52
9bcab23547d9361974e34a690325af5e2c9498e949d5301caef339de7560187a
9de7ecdc580d8aa956401bff190c4a7543633085cdf6d12854b1441f977e8cf9
9ecd654fb8fea11bbdb6693521d7ef2854cbb4ef8a9a4acaa2573601fbbcea34
9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e
9f25c70e441b0095aaac5b3abf43366f57fe8ad1ac1bdf01d9d7b65ff221680b
a0b1a997fd25d2517e28515dddbbdcb1fed0e178b33a68d57ea08dc73c65aca0
a11d62109f30ddb0d4b4f74e8b340ccc50a471ea1e5a888a5f17631c31cf9545
a16cb06407787ea8a2f13b222a5de8a39fae0bb8fdb1b64b43f31f4b7c2c9d97
a1d363a457ec0275cbf5f456d064d0e33f61baf886a255523801abf897e34984
a26d0a6708e7988527607e7f1081462ef3ff628178932e832e656ec2a9bbfa6e
a4550120f07d127035d45263fefba51b0d3795d01beb4c4509e97132a6dd9492
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51690a59260fd30a04d20955e8e5432f7f05f90c13f04c953789d67548a66b8
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a619456956cab59152037c77c23153d6dd2f404091ead85fd12483e398bc9499
a631724cecac8cf46ece583f5717dce6335c12c4e364c837a9aa376e85b43322
a6ab368de7e8ed4e323414c2cde3a629c0ed4536bb0272eff7d1e9dc4175bc8b
a8950847ef18ff6e965b5b5e567fa02a37a56072cddddab8408d8c56c809bd0e
a9017f676ee4e38fc77f91af55f8b7bdcad440a5a379039cbb913f0cbe39a39c
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aa3ebe966a050c4716fb681161db8c5e3c966e7eef21dbc7dae3a79fd33bd535
ab1f0e0de7e9825232678592a37c79f1c0fb167aaefdf6cc1f46396c60314222
ac2b0b24d095a1cbd0b3a8a099a9df8c82013e2901a7a46a0a47c1b50d941e05
afbf64269faea29f545eb1ebe14136c6ff31826737e08f8017a114460721ef5a
b0efbbb6b4506025eb7088fcbfb05a95b8fcabdfb93da22db259d8df59e88f69
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2eb769049ebe0f15dea21f38790c0a9cc234b16d3120f3bbd9174936c582766
b3c9b6a6c74294f55695ea5e30f7f277fc9252d2b0fc27e501dcb7dddac9ccbb
b437936df752ea91990758a8c417ef66b753557e50b63ab4c72d641137c58a2d
b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b81ad1210bf4276e2651563c487f1116410f97232fcf37a85c09dffa25edda2e
b88cf0b3d88825c7bce9b274b2ec763d78bacc30ad95d7c77e4b8562a26eafb1
b926d84ed56f2239b061936da7b714dd10be0033a097264948c588f2d8c451d7
b97b2342a7580d734b7aa27d35e1889d164d0a6b968679464a745d6665462c61
b9f6160b7ea7d0645d6201d24919b7289061f8d021e3c245ad5dd7b00ec66ff2
ba2f47230e67665c0044b9ead574f0ce3a6c982af3e0c54cce6904f891a55810
bac4d2c71dd7f07736e9d97f66f70f520553d697c96507bd7baa28c158d1364b
bb396c659a45cda460f579b753cf3a53f83eb8198bd344af0a2e2d9030ef910f
bb6be0b4ad7b32a6ba0586b399bf36d98bf8075b4f7de2247adac0c6add28fcb
bcdb5befa32b733dd1b06108d4c4b05352e362d5405bbf8a61d7628209c34f67
bee300c6b91903a92f9f55dea8506a481bf78eeab57c9d9a0cbe6b9690ffcc7b
bf41966f3998def3864ceeb8bf4a88164693e655e1d3f8c961dd12fe263b77e8
bf5465aad0e1f5ba24b61b880044a479fee28b28e824ed013eae5ed662ed21b0
bfb2b363b612416c899f6e75ed4bbb046008df170337c9e63a94756700098723
c0a7b78b741975a40bcc99c4b89e39855248aa76b3c8d639c8dc39245ebe1441
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c38bd748196658c7ba2c12558029e21b5598f7dab31f35d497a2f4caa3de6641
c637bc70cc671cda4cc4885f7b5f53537f9ded298f7ddcb6a784ca244606f0ea
c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
c93caa7559d75fc3819d382bed2e34a90e25278f9d8fa1fbb767b5f91744efeb
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cae5fd6442ffda05560ee657d96ecb6b0a7db06b6fbcdaf9c2a425c3477c6bbc
cbb1e4d098743b3dad198780d88f3a7087600f40ad870bc0f97db5c7b8ebb78f
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01b2cf5b15e8ea0ef57c0ccc66a390b354d8dbc11410035fb73eb12ab3ee514
d038de4cbf5c12895f9b6e2246563426e5005c83282ef57f0907bdde84a36ba6
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0ec1c807fc04cea11330336828b4047e4671044fa099619c6c57da123a51481
d229bf1402eeac97dd86330249e9d0810b749d6075d41b3b304753ee8cb64dbd
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d3224a514a8b7464936f27192704f20562f8b1900a6c49b4ee91248757462e95
d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44
d64b24d70eadbcdbf4b5223172fea453e18531d8a48f635727d97e45659f96de
d7abe638428dd1514cec663c6fce3247c9d80ed0193b26e9ac2db4e2177d43a8
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
da5e71b6f1e87039e97ecc9bbc9cde71403f7dd52780a6df816c4c8e7d10536a
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dea42e0f179347a75dd9fa41636bd1fa1ae92397bcde89a1389eeb8c0ace0fca
df65d27fc9f41e2fab6df9d94c9c1263ff3304646d2212ec082a94965134f37f
e0ed5ccd2d5c9d9cf46509ab77ab30cf11cc810bb24d7993042f3de60e197f30
e1acaf1b84c7c6a5a7ae96e4b9cce92c540c0c8ebbb0e56f8ff473917e2e9a72
e203fc1358e2baa0e35cf6999e059b111046b3e42813527475bdbc1759556c10
e38b325d9aef4c4995ec314e18cac204ece896032223de75ffb6f99840a66dc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f422ae8bc9e4874e20a1d051cc2cde9a2e2f0e84d8a4ef84a82d90b3b5cc79
e4ba4ab2b1432e3800536ed1327e8693bf4d829929dba37720dba11c2d69583a
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e8bf9ccc765b5576c8b86e1f75a308e112cea4c1ead476dcf94720d10fa6fb0d
e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411
e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1
ea8121ca5e1b56ead5b2317972ee55a7d188375c588a22c1156e216715a08082
ec791e5cedfd8ae4c682062eb440a036bfdd0922604f565c700b3919ae23ac9e
ee8bf8dcd901ed0e5c33976f2a9d890f980a20311a2cf6618fa6df6967216bf7
ee9faaa57f3990045c3ac0dbcb86f299cd13061680dede8841fb37c920eba16f
eebc9903008d6c428b3485c7e786b60bf0bda8f286cdcb46b39cec83a58e47ed
ef014757c4120b333d4ebedf948ae0884b9af0b29c2fdb6fe161c7f73ebf84b6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f02e3d6e46e1ae76e73f2c164f0249e3d700ebf9b85f66f720cb3dccde4a2683
f03041a91d6fa1fa2a8b0e108165ce663290378f354ebfdad730de06a2f9f100
f0d28b0af4819cee4c4f5ec77b7c7508ac1781e48207952356c9d1600f4ddbc8
f10d9aa5c9d4f463776916358e01b87d1229a0d462f81ab5772dee734b828136
f19edb39fafced74139e21e8bb2ecbd792611ffcbeaa8875920bf0905c0deacc
f1f1abdd1ee0f383585ff55abed09a206d7129f62d51a04a145f7430c8ae289b
f3b8b0ffb62153fce532bd01e49623a39f770f344caf695ca3b8c856e1a93a17
f4db490ba98201d5a7c18933561eeedc303c324880b4312285964fa8569c67b2
f508de7759a10dbf5113dd4031a5b437395e5905f62f5680feb2cac723e3d1ee
f54ab1e32dd2faf787fd0c28a5b92b033d19ece20de5f26114e2d13c7f5a5e96
f64bc02e9153cae9067a19404aa5f5a14520e68cc537269b72f178b4868f575e
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f740efbf89285a82cdb53beb90446663d4ae9dae829f3be68e337a66009fd25c
f770ca0db2495f24252f0ed6f642e4320c484fd5c68949d1857e51dafd515f69
f9a14368257e7ae608b41966f9d8551e61390e593400e69013ea2e39ecd097a9
fb1490b12cad5fe2a6e5f1baeee559032ec3d2753537cfcef425e9d56f865ecb
fc78b05d7e7d4011b2668f70134366bdf1f22611194c5331ad1cd3e8a3d2fdd3
fcba6d68321742b971eda8d36254297a368c6a5dba5486f36076f25d66891d9c
ff0d28d5a18aa986e18940bca36886c032fbdb64c37e9a3cfa71c4eed63e6689
ff1f3fd5c645b504972939187912b4404dfdb1fae2e9f864fd1961b07680d684