urlscan.io logo urlscan.io
SecurityTrails logo

glamour.globo.com Open in urlscan Pro
201.7.177.243  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sandramaria.online.anamarialopez.site/
Effective URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Submission: On August 25 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 210 IPs in 16 countries across 167 domains to perform 1053 HTTP transactions. The main IP is 201.7.177.243, located in Brazil and belongs to Globo Comunicacao e Participacoes SA, BR. The main domain is glamour.globo.com.
TLS certificate: Issued by R3 on August 24th 2022. Valid for: 3 months.
This is the only time glamour.globo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 23.111.174.26 29802 (HVC-AS)
4 2607:f8b0:400... 15169 (GOOGLE)
2 44.194.46.109 14618 (AMAZON-AES)
1 108.139.29.125 16509 (AMAZON-02)
1 13.226.39.28 16509 (AMAZON-02)
15 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a03:2880:f01... 32934 (FACEBOOK)
1 2a04:4e42:400... 54113 (FASTLY)
2 201.7.177.243 28604 (Globo Com...)
7 2607:f8b0:400... 15169 (GOOGLE)
2 18.213.213.19 14618 (AMAZON-AES)
2 2a03:90c0:999... 199524 (GCORE)
1 3.212.235.1 14618 (AMAZON-AES)
2 3.209.27.218 14618 (AMAZON-AES)
30 186.192.90.3 28604 (Globo Com...)
16 2607:f8b0:400... 15169 (GOOGLE)
7 23.197.33.123 16625 (AKAMAI-AS)
10 186.192.91.9 28604 (Globo Com...)
1 131.0.25.26 28604 (Globo Com...)
9 186.192.91.5 28604 (Globo Com...)
1 1 34.110.201.227 15169 (GOOGLE)
3 12 13.225.223.90 16509 (AMAZON-02)
3 35.244.153.86 15169 (GOOGLE)
4 35.211.79.33 19527 (GOOGLE-2)
1 35.215.230.239 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
17 151.101.66.133 54113 (FASTLY)
6 9 23.73.244.44 16625 (AKAMAI-AS)
7 201.7.177.167 28604 (Globo Com...)
1 25 151.101.193.44 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
1 35.198.44.170 396982 (GOOGLE-CL...)
1 186.192.81.117 28604 (Globo Com...)
2 151.101.1.44 54113 (FASTLY)
14 34.196.228.175 14618 (AMAZON-AES)
1 52.35.73.181 16509 (AMAZON-02)
2 35.215.207.122 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
8 9 52.20.189.152 14618 (AMAZON-AES)
29 54 142.251.32.98 15169 (GOOGLE)
4 6 23.209.184.224 16625 (AKAMAI-AS)
7 11 2620:100:a001::c 19750 (AS-CRITEO)
2 5 54.85.162.154 14618 (AMAZON-AES)
14 23 68.67.179.164 29990 (ASN-APPNEX)
2 7 35.190.60.146 15169 (GOOGLE)
6 14 69.173.151.100 26667 (RUBICONPR...)
6 9 207.198.113.88 13768 (COGECO-PEER1)
2 2 76.13.32.147 26101 (YAHOO-BF1)
15 17 199.127.204.147 26120 (RHYTHMONE)
2 12 141.226.224.48 200478 (TABOOLA-AS)
15 141.226.124.48 200478 (TABOOLA-AS)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.225.63.55 16509 (AMAZON-02)
58 142.251.40.98 15169 (GOOGLE)
5 2001:4860:480... 15169 (GOOGLE)
21 24 52.223.40.198 16509 (AMAZON-02)
2 2 2600:1f18:612... 14618 (AMAZON-AES)
14 15 69.12.8.74 11742 (SPOTX-IAD)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 13.225.63.88 16509 (AMAZON-02)
1 13.226.39.89 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 3.92.156.8 14618 (AMAZON-AES)
2 2602:803:c002... 26667 (RUBICONPR...)
3 145.40.89.32 54825 (PACKET)
4 2607:f8b0:400... 15169 (GOOGLE)
1 34.209.30.241 16509 (AMAZON-02)
2 34.102.146.192 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
11 2620:100:a001::4 19750 (AS-CRITEO)
1 13.226.39.34 16509 (AMAZON-02)
1 3.19.38.244 16509 (AMAZON-02)
7 104.18.133.145 13335 (CLOUDFLAR...)
12 2607:f8b0:400... 15169 (GOOGLE)
1 3.19.54.139 16509 (AMAZON-02)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
10 14 141.95.98.68 16276 (OVH)
3 184.29.133.72 16625 (AKAMAI-AS)
2 54.204.100.150 14618 (AMAZON-AES)
2 22 104.36.115.109 62713 (AS-PUBMATIC)
1 2 23.92.190.68 10913 (INTERNAP-BLK)
2 6 198.148.27.139 19189 (PULSEPOINT)
5 9 199.187.193.199 47043 (SMARTADSE...)
2 3 44.208.243.83 14618 (AMAZON-AES)
2 2 74.119.119.150 19750 (AS-CRITEO)
9 9 103.229.205.243 30419 (MEDIAMATH...)
10 10 3.230.10.142 14618 (AMAZON-AES)
3 3 3.216.62.66 14618 (AMAZON-AES)
2 6 8.28.7.81 62713 (AS-PUBMATIC)
1 1 69.166.1.10 27630 (AS-XFERNET)
21 24 35.211.178.172 19527 (GOOGLE-2)
6 6 35.190.90.30 15169 (GOOGLE)
6 7 107.178.246.49 15169 (GOOGLE)
2 3 13.225.63.112 16509 (AMAZON-02)
4 4 35.207.24.140 15169 (GOOGLE)
2 11 34.98.64.218 15169 (GOOGLE)
2 3 52.223.22.214 16509 (AMAZON-02)
22 195.244.31.10 63140 (IGUANA-WO...)
1 31.220.27.155 39572 (ADVANCEDH...)
7 7 44.196.211.13 14618 (AMAZON-AES)
1 82.145.213.8 39832 (NO-OPERA)
21 184.29.132.212 16625 (AKAMAI-AS)
1 54.231.227.160 16509 (AMAZON-02)
25 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
3 18.205.219.62 14618 (AMAZON-AES)
8 151.139.128.11 20446 (STACKPATH...)
19 44 63.251.28.233 13789 (INTERNAP-...)
1 1 204.62.13.72 46636 (NATCOWEB)
2 18.198.39.162 16509 (AMAZON-02)
6 8 3.218.90.66 14618 (AMAZON-AES)
6 74.119.119.139 19750 (AS-CRITEO)
7 7 151.101.194.49 54113 (FASTLY)
3 6 2600:1f18:4e9... 14618 (AMAZON-AES)
4 65.8.192.196 16509 (AMAZON-02)
1 104.36.115.111 62713 (AS-PUBMATIC)
1 104.18.18.126 13335 (CLOUDFLAR...)
1 6 34.234.190.218 14618 (AMAZON-AES)
1 34.107.148.139 15169 (GOOGLE)
1 2 63.251.86.50 32475 (SINGLEHOP...)
7 2600:141b:13:... 20940 (AKAMAI-ASN1)
3 69.192.109.215 16625 (AKAMAI-AS)
4 32 146.20.132.111 27357 (RACKSPACE)
23 35.244.182.124 15169 (GOOGLE)
5 5 2606:4700::68... 13335 (CLOUDFLAR...)
1 47.252.78.131 45102 (ALIBABA-C...)
1 1 8.2.110.134 46636 (NATCOWEB)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
2 5 2620:116:800b... 14618 (AMAZON-AES)
3 35.201.123.184 15169 (GOOGLE)
1 1 34.107.184.81 15169 (GOOGLE)
2 199.38.167.129 54312 (ROCKETFUEL)
30 146.20.128.108 27357 (RACKSPACE)
15 104.105.42.146 16625 (AKAMAI-AS)
3 2600:141b:13:... 20940 (AKAMAI-ASN1)
3 7 157.90.211.246 24940 (HETZNER-AS)
8 8 67.202.105.22 32748 (STEADFAST)
1 2 67.202.105.34 32748 (STEADFAST)
3 15 51.222.39.187 16276 (OVH)
10 10 68.67.179.87 29990 (ASN-APPNEX)
10 10 50.31.142.63 23352 (SERVERCEN...)
1 4 52.1.8.172 14618 (AMAZON-AES)
3 3 34.195.71.40 14618 (AMAZON-AES)
5 14 104.18.19.126 13335 (CLOUDFLAR...)
1 37.157.4.28 198622 (ADFORM)
4 2607:f8b0:400... 15169 (GOOGLE)
1 162.19.138.118 16276 (OVH)
2 22 52.46.128.147 16509 (AMAZON-02)
1 108.138.128.105 16509 (AMAZON-02)
3 4 185.167.164.37 198622 (ADFORM)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
1 1 109.206.161.21 50245 (SERVEREL-AS)
1 1 3.12.251.213 16509 (AMAZON-02)
2 2 192.132.33.46 18568 (BIDTELLECT)
1 2600:9000:21d... 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 107.151.8.226 55081 (24SHELLS)
1 2600:141b:500... 20940 (AKAMAI-ASN1)
1 2 199.187.193.197 47043 (SMARTADSE...)
2 4 213.19.162.80 3356 (LEVEL3)
2 199.187.193.182 47043 (SMARTADSE...)
2 162.248.18.11 62713 (AS-PUBMATIC)
12 12 2606:ae80:145... 26762 (CNVR-US-EAST)
6 34.117.239.71 15169 (GOOGLE)
2 52.73.179.133 14618 (AMAZON-AES)
2 2 35.210.53.219 15169 (GOOGLE)
8 8 2600:1f18:1c9... 14618 (AMAZON-AES)
1 15.235.43.120 16276 (OVH)
1 1 3.220.112.109 14618 (AMAZON-AES)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
2 2 23.205.56.183 16625 (AKAMAI-AS)
1 34.229.3.43 14618 (AMAZON-AES)
3 4 2606:4700:440... 13335 (CLOUDFLAR...)
3 3 2600:9000:21d... 16509 (AMAZON-02)
4 192.35.249.143 11742 (SPOTX-IAD)
2 35.186.236.204 15169 (GOOGLE)
2 23.3.125.24 16625 (AKAMAI-AS)
1 2620:1ec:21::14 8068 (MICROSOFT...)
3 3 193.122.128.135 31898 (ORACLE-BM...)
9 8.28.7.83 62713 (AS-PUBMATIC)
2 2 173.231.184.20 32475 (SINGLEHOP...)
1 2 38.91.45.7 398989 (DEEPINTENT)
3 3 54.84.62.20 14618 (AMAZON-AES)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 2 54.211.243.57 14618 (AMAZON-AES)
1 1 35.211.118.13 19527 (GOOGLE-2)
2 9 23.227.139.243 55081 (24SHELLS)
3 3 23.73.241.119 16625 (AKAMAI-AS)
2 2 107.178.254.65 15169 (GOOGLE)
4 104.36.115.114 62713 (AS-PUBMATIC)
5 5 169.61.103.241 36351 (SOFTLAYER)
1 2 204.2.255.233 2914 (NTT-LTD-2914)
1 5 54.208.23.128 14618 (AMAZON-AES)
1 52.94.220.185 16509 (AMAZON-02)
8 2001:4de0:ac1... 20446 (STACKPATH...)
1 1 52.23.59.39 14618 (AMAZON-AES)
2 2 8.43.72.97 26667 (RUBICONPR...)
2 54.208.69.179 14618 (AMAZON-AES)
4 9 54.209.87.113 14618 (AMAZON-AES)
1 2620:100:a001::3 19750 (AS-CRITEO)
1 2620:100:a001... 19750 (AS-CRITEO)
1 22 35.172.99.217 14618 (AMAZON-AES)
1 1 35.227.252.103 15169 (GOOGLE)
1 1 34.95.81.168 15169 (GOOGLE)
1 1 2600:1f18:659... 14618 (AMAZON-AES)
5 5 2600:9000:21d... 16509 (AMAZON-02)
2 2 35.211.233.246 19527 (GOOGLE-2)
3 4 70.42.32.31 13789 (INTERNAP-...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 2 52.203.133.218 14618 (AMAZON-AES)
4 142.251.40.226 15169 (GOOGLE)
22 2607:f8b0:400... 15169 (GOOGLE)
1 74.119.119.147 19750 (AS-CRITEO)
2 2 124.146.215.44 2514 (INFOSPHER...)
2 23.83.76.65 395954 (LEASEWEB-...)
2 2 108.138.128.7 16509 (AMAZON-02)
4 68.67.160.137 29990 (ASN-APPNEX)
3 2600:9000:214... 16509 (AMAZON-02)
1 104.36.115.121 62713 (AS-PUBMATIC)
1 2600:141b:900... 20940 (AKAMAI-ASN1)
1 209.25.232.94 13768 (COGECO-PEER1)
2 35.174.63.80 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 74.119.119.137 19750 (AS-CRITEO)
2 74.119.119.149 19750 (AS-CRITEO)
1 2 23.5.239.40 16625 (AKAMAI-AS)
1 151.101.1.108 54113 (FASTLY)
2 2 135.125.160.160 16276 (OVH)
2 2 15.235.43.119 16276 (OVH)
1 3 142.250.65.230 15169 (GOOGLE)
2 184.29.132.198 16625 (AKAMAI-AS)
1 13.225.63.119 16509 (AMAZON-02)
1 23.205.53.73 16625 (AKAMAI-AS)
1 104.77.220.151 16625 (AKAMAI-AS)
1 2600:1f14:b4f... 16509 (AMAZON-02)
2 52.203.70.231 14618 (AMAZON-AES)
1 209.25.233.251 13768 (COGECO-PEER1)
1 1 172.104.121.22 63949 (LINODE-AP...)
1 5.161.47.120 213230 (HETZNER-C...)
1 1 104.45.178.220 8075 (MICROSOFT...)
1 195.5.165.20 44968 (IPROM-AS)
3 3 74.222.140.101 18672 (EVOCATIVE1)
1 1 141.94.170.77 16276 (OVH)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 35.201.96.126 15169 (GOOGLE)
1 162.248.18.10 62713 (AS-PUBMATIC)
1 2 50.57.31.206 19994 (RACKSPACE)
1 1 34.102.253.54 15169 (GOOGLE)
1 1 159.65.197.210 14061 (DIGITALOC...)
3 8.28.7.79 62713 (AS-PUBMATIC)
1 2 44.193.106.97 14618 (AMAZON-AES)
6 23.209.184.201 16625 (AKAMAI-AS)
4 34.102.185.99 15169 (GOOGLE)
1 6 54.224.232.249 ()
6 2600:9000:214... ()
4 2600:1f18:1ac... ()
1 184.29.132.246 ()
3 18.208.45.24 ()
1 2600:1901:0:e... ()
1 2600:1f16:b8a... ()
1 199.250.166.129 ()
1 34.198.103.0 ()
1053 210
9    23.111.174.26 (Tampa, United States)

ASN29802 (HVC-AS, US)
PTR: 23-111-174-26.static.hvvc.us
sandramaria.online.anamarialopez.site
4    2607:f8b0:4006:807::200a (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    44.194.46.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-46-109.compute-1.amazonaws.com
launcher.hotmart.com
1    108.139.29.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-125.jfk50.r.cloudfront.net
images.converteai.net
1    13.226.39.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-39-28.ewr53.r.cloudfront.net
scripts.converteai.net
15    2606:4700:20::ac43:4876 (United States)

ASN13335 (CLOUDFLARENET, US)
img.imageboss.me
4    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
fastly.jsdelivr.net
2    201.7.177.243 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
glamour.globo.com
7    2607:f8b0:4006:81f::2003 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    18.213.213.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-213-19.compute-1.amazonaws.com
identification.hotmart.com
2    2a03:90c0:9996::9996 (United States)

ASN199524 (GCORE, LU)
cdn.converteai.net
1    3.212.235.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-235-1.compute-1.amazonaws.com
tracking-api.hotmart.com
2    3.209.27.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-27-218.compute-1.amazonaws.com
api.vturb.com.br
30    186.192.90.3 (Niterói, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-90-3.prt.globo.com
s3.glbimg.com
16    2607:f8b0:4006:80d::2001 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
b914bae64ee38a1f51ab4d193a1b562e.safeframe.googlesyndication.com
9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com
3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com
bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com
7    23.197.33.123 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-33-123.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
10    186.192.91.9 (Niterói, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-9.prt.globo.com
s2.glbimg.com
1    131.0.25.26 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 131.0.25-26.prt.globo.com
recomendacao.globo.com
9    186.192.91.5 (Niterói, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-5.prt.globo.com
p.glbimg.com
s.glbimg.com
1    34.110.201.227 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 227.201.110.34.bc.googleusercontent.com
id.globo.com
12    13.225.223.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-90.jfk51.r.cloudfront.net
sb.scorecardresearch.com
3    35.244.153.86 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 86.153.244.35.bc.googleusercontent.com
cocoon.globo.com
4    35.211.79.33 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 33.79.211.35.bc.googleusercontent.com
horizon.globo.com
horizon-track.globo.com
1    35.215.230.239 (São Paulo, Brazil)

ASN15169 (GOOGLE, US)
PTR: 239.230.215.35.bc.googleusercontent.com
globo-ab.globo.com
6    2606:4700::6810:ef3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
sync.navdmp.com
cd.navdmp.com
17    151.101.66.133 (United States)

ASN54113 (FASTLY, US)
cdn.krxd.net
consumer.krxd.net
9    23.73.244.44 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-244-44.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
secure-assets.rubiconproject.com
7    201.7.177.167 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
static.infoglobo.com.br
25    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
vidstat.taboola.com
imprchmp.taboola.com
match.taboola.com
1    2607:f8b0:4006:806::2010 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
gadasource.storage.googleapis.com
1    35.198.44.170 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 170.44.198.35.bc.googleusercontent.com
usergate.globo.com
1    186.192.81.117 (Niterói, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-81-117.prt.globo.com
horizon-schemas.globo.com
2    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
widget.perfectmarket.com
14    34.196.228.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-228-175.compute-1.amazonaws.com
beacon.krxd.net
1    52.35.73.181 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-73-181.us-west-2.compute.amazonaws.com
ivccf.ivcbrasil.org.br
2    35.215.207.122 (São Paulo, Brazil)

ASN15169 (GOOGLE, US)
PTR: 122.207.215.35.bc.googleusercontent.com
globo-mab.globo.com
2    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
9    52.20.189.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-189-152.compute-1.amazonaws.com
usermatch.krxd.net
54    142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
cm.g.doubleclick.net
6    23.209.184.224 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-184-224.deploy.static.akamaitechnologies.com
stags.bluekai.com
11    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
5    54.85.162.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-162-154.compute-1.amazonaws.com
dpm.demdex.net
23    68.67.179.164 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
7    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
14    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
9    207.198.113.88 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    76.13.32.147 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com
cms.analytics.yahoo.com
17    199.127.204.147 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
12    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
sync-t1.taboola.com
sync.taboola.com
15    141.226.124.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
ch-trc-events.taboola.com
ch-match.taboola.com
ch-vid-events.taboola.com
3    2606:4700::6811:b9b1 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
1    13.225.63.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-55.ewr53.r.cloudfront.net
static.hotjar.com
58    142.251.40.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
24    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
2    2600:1f18:612b:4264:5a8a:599d:c48a:3022 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
taboola-supply-partners.tremorhub.com
15    69.12.8.74 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
2    2607:f8b0:4006:81e::2008 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:3030::6815:5476 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
4    2600:141b:13:7a8::268b (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
1    2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
1    2607:f8b0:4006:816::200e (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    13.225.63.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-88.ewr53.r.cloudfront.net
script.hotjar.com
1    13.226.39.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-39-89.ewr53.r.cloudfront.net
vars.hotjar.com
2    2607:f8b0:4006:806::200a (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2607:f8b0:4004:c09::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    3.92.156.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-156-8.compute-1.amazonaws.com
c2shb.pubgw.yahoo.com
2    2602:803:c002:200::116 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    145.40.89.32 (Ashburn, United States)

ASN54825 (PACKET, US)
p1cluster.cxense.com
comcluster.cxense.com
id.cxense.com
4    2607:f8b0:4006:81d::2002 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
1    34.209.30.241 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-30-241.us-west-2.compute.amazonaws.com
id.sharedid.org
2    34.102.146.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
2    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
11    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    13.226.39.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-39-34.ewr53.r.cloudfront.net
tags.crwdcntrl.net
1    3.19.38.244 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-38-244.us-east-2.compute.amazonaws.com
prod.uidapi.com
7    104.18.133.145 (None, )

ASN13335 (CLOUDFLARENET, US)
t.seedtag.com
cs.seedtag.com
config.seedtag.com
12    2607:f8b0:4006:807::2002 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    3.19.54.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-54-139.us-east-2.compute.amazonaws.com
ads.vidoomy.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
14    141.95.98.68 (France)

ASN16276 (OVH, FR)
PTR: ns3216657.ip-141-95-98.eu
id5-sync.com
3    184.29.133.72 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-133-72.deploy.static.akamaitechnologies.com
a.teads.tv
2    54.204.100.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-100-150.compute-1.amazonaws.com
prebid-a.rubiconproject.com
22    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    23.92.190.68 (Katy, United States)

ASN10913 (INTERNAP-BLK, US)
ce.lijit.com
6    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
9    199.187.193.199 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
sync.smartadserver.com
3    44.208.243.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-243-83.compute-1.amazonaws.com
e1.emxdgt.com
cs.emxdgt.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
9    103.229.205.243 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
10    3.230.10.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-10-142.compute-1.amazonaws.com
match.prod.bidr.io
3    3.216.62.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-62-66.compute-1.amazonaws.com
sync.ipredictive.com
6    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
24    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
6    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
7    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
3    13.225.63.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-112.ewr53.r.cloudfront.net
aa.agkn.com
4    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
11    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
google-bidout-d.openx.net
us-u.openx.net
hcodemedia-d.openx.net
vidoomy-d.openx.net
3    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
22    195.244.31.10 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
visitor.omnitagjs.com
visitor-usa02.omnitagjs.com
1    31.220.27.155 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
7    44.196.211.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-211-13.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
21    184.29.132.212 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-132-212.deploy.static.akamaitechnologies.com
ads.pubmatic.com
vpaid.pubmatic.com
1    54.231.227.160 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
25    2607:f8b0:4006:816::2001 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2607:f8b0:4006:816::2004 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
www.google.com
3    18.205.219.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-219-62.compute-1.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
8    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
ad.lkqd.net
44    63.251.28.233 (United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
1    204.62.13.72 (Clifton, United States)

ASN46636 (NATCOWEB, US)
inv-nets.admixer.net
2    18.198.39.162 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-39-162.eu-central-1.compute.amazonaws.com
a.vidoomy.com
8    3.218.90.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com
ups.analytics.yahoo.com
6    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
7    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
6    2600:1f18:4e9:5a05:453e:66f9:9eff:3281 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
4    65.8.192.196 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-192-196.bos50.r.cloudfront.net
c.amazon-adsystem.com
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
6    34.234.190.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-190-218.compute-1.amazonaws.com
pixel.adsafeprotected.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
2    63.251.86.50 (Lakeland, United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
7    2600:141b:13:694::26e5 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
s8t.teads.tv
3    69.192.109.215 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-109-215.deploy.static.akamaitechnologies.com
t.teads.tv
32    146.20.132.111 (United States)

ASN27357 (RACKSPACE, US)
v.lkqd.net
cs.lkqd.net
23    35.244.182.124 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 124.182.244.35.bc.googleusercontent.com
s.seedtag.com
ping.seedtag.com
5    2606:4700::6813:ac6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
1    47.252.78.131 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
1    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
5    2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
cms.quantserve.com
pixel.quantserve.com
3    35.201.123.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.123.201.35.bc.googleusercontent.com
tags.t.tailtarget.com
d.tailtarget.com
1    34.107.184.81 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 81.184.107.34.bc.googleusercontent.com
nxd.adhaven.com
2    199.38.167.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
30    146.20.128.108 (United States)

ASN27357 (RACKSPACE, US)
t.lkqd.net
15    104.105.42.146 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-105-42-146.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    2600:141b:13::17d7:8230 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
csync.smartadserver.com
7    157.90.211.246 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.246.211.90.157.clients.your-server.de
sync.richaudience.com
8    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net
de.tynt.com
hde.tynt.com
15    51.222.39.187 (Canada)

ASN16276 (OVH, FR)
PTR: ip187.ip-51-222-39.net
onetag-sys.com
10    68.67.179.87 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
10    50.31.142.63 (Lincolnwood, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
4    52.1.8.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-8-172.compute-1.amazonaws.com
sync.springserve.com
vid-io-iad.springserve.com
3    34.195.71.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-71-40.compute-1.amazonaws.com
ad.360yield.com
14    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
4    2607:f8b0:4006:821::2002 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
1    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
lb.eu-1-id5-sync.com
22    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    108.138.128.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-105.jfk50.r.cloudfront.net
api-2-0.spot.im
4    185.167.164.37 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    109.206.161.21 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net
sync.e-volution.ai
1    3.12.251.213 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-251-213.us-east-2.compute.amazonaws.com
sync.adotmob.com
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    2600:9000:21dd:2a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2600:141b:13::17d7:822b (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
1    107.151.8.226 (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.spotim.market
1    2600:141b:5000:3a0::2c79 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
2    199.187.193.197 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
4    213.19.162.80 (United Kingdom)

ASN3356 (LEVEL3, US)
pixel-eu.rubiconproject.com
2    199.187.193.182 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync-global.smartadserver.com
2    162.248.18.11 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
12    2606:ae80:1451:11::2010 (United States)

ASN26762 (CNVR-US-EAST, US)
prebid-match.dotomi.com
33across-match.dotomi.com
pubmatic-match.dotomi.com
amazon-tam-match.dotomi.com
pulsepoint-match.dotomi.com
6    34.117.239.71 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
2    52.73.179.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-179-133.compute-1.amazonaws.com
rtb.adentifi.com
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
8    2600:1f18:1c96:4103:ff95:23a8:870a:3383 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.tidaltv.com
1    15.235.43.120 (Canada)

ASN16276 (OVH, FR)
PTR: ns5012071.ip-15-235-43.net
gu.dyntrk.com
1    3.220.112.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-112-109.compute-1.amazonaws.com
media.sabio.us
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
2    23.205.56.183 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-56-183.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com
loadm.exelator.com
4    2606:4700:4400::6812:230b (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
3    2600:9000:21da:a400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
4    192.35.249.143 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
search.spotxchange.com
2    35.186.236.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.236.186.35.bc.googleusercontent.com
x.vindicosuite.com
2    23.3.125.24 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-125-24.deploy.static.akamaitechnologies.com
video-ads.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
9    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    173.231.184.20 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: lga-cassandra-1.sys.adgear.com
cm.adgrx.com
2    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
3    54.84.62.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-62-20.compute-1.amazonaws.com
pm.w55c.net
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
2    54.211.243.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-243-57.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    35.211.118.13 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 13.118.211.35.bc.googleusercontent.com
r.bidswitch.net
9    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.spotim.market
3    23.73.241.119 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-241-119.deploy.static.akamaitechnologies.com
px.owneriq.net
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
4    104.36.115.114 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
5    169.61.103.241 (Brooklyn, United States)

ASN36351 (SOFTLAYER, US)
PTR: f1.67.3da9.ip4.static.sl-reverse.com
um.simpli.fi
2    204.2.255.233 (Fort Lauderdale, United States)

ASN2914 (NTT-LTD-2914, US)
pmp.mxptint.net
5    54.208.23.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-23-128.compute-1.amazonaws.com
sync.aniview.com
1    52.94.220.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
8    2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
cdn.stickyadstv.com
1    52.23.59.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-59-39.compute-1.amazonaws.com
jadserve.postrelease.com
2    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    54.208.69.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-69-179.compute-1.amazonaws.com
rtb.gumgum.com
9    54.209.87.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-87-113.compute-1.amazonaws.com
match.sharethrough.com
1    2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)
rtb.va.us.criteo.com
1    2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)
ads.us.criteo.com
22    35.172.99.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-99-217.compute-1.amazonaws.com
usersync.gumgum.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    34.95.81.168 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
1    2600:1f18:6593:f602:3fd7:c8e3:cbda:5fe9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
1f2e7.v.fwmrm.net
5    2600:9000:21da:ac00:f:9375:3400:93a1 (United States)

ASN16509 (AMAZON-02, US)
usersync.octillion.tv
2    35.211.233.246 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 246.233.211.35.bc.googleusercontent.com
a.sportradarserving.com
4    70.42.32.31 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    85.114.159.93 (Waldshut-Tiengen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    52.203.133.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-133-218.compute-1.amazonaws.com
um2.eqads.com
4    142.251.40.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net
googleads4.g.doubleclick.net
22    2607:f8b0:4006:81d::2006 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)
cat.va.us.criteo.com
2    124.146.215.44 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    23.83.76.65 (Los Angeles, United States)

ASN395954 (LEASEWEB-USA-LAX, US)
usw1.smartadserver.com
2    108.138.128.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-7.jfk50.r.cloudfront.net
cr-p1.ladsp.com
4    68.67.160.137 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
nym1-ib.adnxs.com
3    2600:9000:2140:400:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)
vpaid.springserve.com
1    104.36.115.121 (United States)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
1    2600:141b:9000::687c:2c0 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
apps.sascdn.com
1    209.25.232.94 (Canada)

ASN13768 (COGECO-PEER1, CA)
node-p2w-1utzoa.sitescout.com
2    35.174.63.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-63-80.compute-1.amazonaws.com
q.adrta.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    74.119.119.137 (United States)

ASN19750 (AS-CRITEO, US)
PTR: pix.va1.vip.prod.criteo.com
pix.us.criteo.net
2    74.119.119.149 (United States)

ASN19750 (AS-CRITEO, US)
csm.us.criteo.net
2    23.5.239.40 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-5-239-40.deploy.static.akamaitechnologies.com
ssl.connextra.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
2    135.125.160.160 (France)

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu
c.eu1.dyntrk.com
2    15.235.43.119 (Canada)

ASN16276 (OVH, FR)
PTR: ns5012066.ip-15-235-43.net
c.us1.dyntrk.com
3    142.250.65.230 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f6.1e100.net
ad.doubleclick.net
2    184.29.132.198 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-132-198.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    13.225.63.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-119.ewr53.r.cloudfront.net
pix.adrta.com
1    23.205.53.73 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-53-73.deploy.static.akamaitechnologies.com
sync.teads.tv
1    104.77.220.151 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-220-151.deploy.static.akamaitechnologies.com
su.addthis.com
1    2600:1f14:b4f:4b01:546e:1973:3083:feba (Boardman, United States)

ASN16509 (AMAZON-02, US)
ipv6.adrta.com
2    52.203.70.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-70-231.compute-1.amazonaws.com
adrta.com
1    209.25.233.251 (Canada)

ASN13768 (COGECO-PEER1, CA)
viewability-events-p2w.sitescout.com
1    172.104.121.22 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1731-22.members.linode.com
gocm.c.appier.net
1    5.161.47.120 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.120.47.161.5.clients.your-server.de
matching.truffle.bid
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
3    74.222.140.101 (United States)

ASN18672 (EVOCATIVE1, US)
PTR: 74.222.140.101.CUSTOMER.VPLS.NET
match.bnmla.com
1    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh
pixel.onaudience.com
2    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    162.248.18.10 (United States)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
3    8.28.7.79 (United States)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
2    44.193.106.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-106-97.compute-1.amazonaws.com
io.narrative.io
6    23.209.184.201 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-184-201.deploy.static.akamaitechnologies.com
aktrack.pubmatic.com
4    34.102.185.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.185.102.34.bc.googleusercontent.com
b.t.tailtarget.com
tt-12765-5.seg.t.tailtarget.com
t.tailtarget.com
6    54.224.232.249 (None, )

ASN- ()
vast.adsafeprotected.com
unified.adsafeprotected.com
6    2600:9000:2140:dc00:8:48e:53c0:93a1 (None, )

ASN- ()
static.adsafeprotected.com
4    2600:1f18:1aca:4282:66a7:18bc:d1f9:4f18 (None, )

ASN- ()
dt.adsafeprotected.com
1    184.29.132.246 (None, )

ASN- ()
s-static.innovid.com
3    18.208.45.24 (None, )

ASN- ()
s.pixsrvcs.com
1    2600:1901:0:ee17:: (None, )

ASN- ()
mcdonalds.smart.link
1    2600:1f16:b8a:8e00:8730:7e48:c66:3404 (None, )

ASN- ()
rtr.innovid.com
1    199.250.166.129 (None, )

ASN- ()
vae-bid.adsrvr.org
1    34.198.103.0 (None, )

ASN- ()
s.update.stickyadstv.com
Apex Domain
Subdomains		 Transfer
94 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 214
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
stats.g.doubleclick.net — Cisco Umbrella Rank: 108
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 303
ad.doubleclick.net — Cisco Umbrella Rank: 206
748 KB
76 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 672
image6.pubmatic.com — Cisco Umbrella Rank: 634
ads.pubmatic.com — Cisco Umbrella Rank: 492
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 493
image8.pubmatic.com — Cisco Umbrella Rank: 603
image2.pubmatic.com — Cisco Umbrella Rank: 877
image4.pubmatic.com — Cisco Umbrella Rank: 881
t.pubmatic.com — Cisco Umbrella Rank: 4539
vpaid.pubmatic.com — Cisco Umbrella Rank: 5558
simage4.pubmatic.com — Cisco Umbrella Rank: 1252
aud.pubmatic.com — Cisco Umbrella Rank: 5194
vid.pubmatic.com — Cisco Umbrella Rank: 10384
aktrack.pubmatic.com — Cisco Umbrella Rank: 964
397 KB
70 lkqd.net
ad.lkqd.net — Cisco Umbrella Rank: 20373
v.lkqd.net — Cisco Umbrella Rank: 5041
cs.lkqd.net — Cisco Umbrella Rank: 3013
t.lkqd.net — Cisco Umbrella Rank: 17337
230 KB
62 googlesyndication.com
b914bae64ee38a1f51ab4d193a1b562e.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com
3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com
bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com
394 KB
53 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 652
cdn.stickyadstv.com — Cisco Umbrella Rank: 4923
s.update.stickyadstv.com
612 KB
52 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 997
trc.taboola.com — Cisco Umbrella Rank: 707
trc-events.taboola.com — Cisco Umbrella Rank: 1565
vidstat.taboola.com — Cisco Umbrella Rank: 2361
ch-trc-events.taboola.com — Cisco Umbrella Rank: 5297
imprchmp.taboola.com — Cisco Umbrella Rank: 5309
ch-match.taboola.com — Cisco Umbrella Rank: 5420
ch-vid-events.taboola.com — Cisco Umbrella Rank: 5016
sync-t1.taboola.com — Cisco Umbrella Rank: 1134
sync.taboola.com — Cisco Umbrella Rank: 984
match.taboola.com — Cisco Umbrella Rank: 3043
276 KB
50 rubiconproject.com
ads.rubiconproject.com — Cisco Umbrella Rank: 2406
token.rubiconproject.com — Cisco Umbrella Rank: 711
fastlane.rubiconproject.com — Cisco Umbrella Rank: 519
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3006
pixel.rubiconproject.com — Cisco Umbrella Rank: 327
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1015
eus.rubiconproject.com — Cisco Umbrella Rank: 582
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2237
video-ads.rubiconproject.com — Cisco Umbrella Rank: 8816
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 959
202 KB
49 glbimg.com
s3.glbimg.com — Cisco Umbrella Rank: 60004
s2.glbimg.com — Cisco Umbrella Rank: 60957
p.glbimg.com — Cisco Umbrella Rank: 97222
s.glbimg.com — Cisco Umbrella Rank: 70060
1 MB
40 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 230
secure.adnxs.com — Cisco Umbrella Rank: 463
nym1-ib.adnxs.com — Cisco Umbrella Rank: 1270
cdn.adnxs.com — Cisco Umbrella Rank: 1411
acdn.adnxs.com — Cisco Umbrella Rank: 604
86 KB
40 krxd.net
cdn.krxd.net — Cisco Umbrella Rank: 1459
beacon.krxd.net — Cisco Umbrella Rank: 515
consumer.krxd.net — Cisco Umbrella Rank: 1892
usermatch.krxd.net — Cisco Umbrella Rank: 1240
428 KB
30 seedtag.com
t.seedtag.com — Cisco Umbrella Rank: 13356
s.seedtag.com — Cisco Umbrella Rank: 7362
cs.seedtag.com — Cisco Umbrella Rank: 18319
config.seedtag.com — Cisco Umbrella Rank: 18737
ping.seedtag.com
178 KB
27 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 304
s.amazon-adsystem.com — Cisco Umbrella Rank: 282
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1260
63 KB
25 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
r.bidswitch.net — Cisco Umbrella Rank: 6171
11 KB
25 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 371
insight.adsrvr.org
vae-bid.adsrvr.org
13 KB
24 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1284
usersync.gumgum.com — Cisco Umbrella Rank: 1974
7 KB
22 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 280
174 KB
22 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 596
vast.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
unified.adsafeprotected.com
321 KB
22 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1265
visitor-usa02.omnitagjs.com — Cisco Umbrella Rank: 8621
5 KB
22 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 407
dis.criteo.com — Cisco Umbrella Rank: 712
mug.criteo.com — Cisco Umbrella Rank: 2790
rtb.va.us.criteo.com — Cisco Umbrella Rank: 5419
ads.us.criteo.com — Cisco Umbrella Rank: 2156
cat.va.us.criteo.com — Cisco Umbrella Rank: 2686
73 KB
20 criteo.net
static.criteo.net — Cisco Umbrella Rank: 655
pix.us.criteo.net — Cisco Umbrella Rank: 2272
csm.us.criteo.net — Cisco Umbrella Rank: 2215
192 KB
19 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 521
search.spotxchange.com — Cisco Umbrella Rank: 450
13 KB
18 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 600
csync.smartadserver.com — Cisco Umbrella Rank: 3864
sync.smartadserver.com — Cisco Umbrella Rank: 1678
ssbsync.smartadserver.com — Cisco Umbrella Rank: 939
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1937
usw1.smartadserver.com — Cisco Umbrella Rank: 18359
26 KB
18 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 796
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 943
ups.analytics.yahoo.com — Cisco Umbrella Rank: 278
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 488
10 KB
16 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1301
id5-sync.com — Cisco Umbrella Rank: 508
43 KB
16 globo.com
glamour.globo.com
recomendacao.globo.com — Cisco Umbrella Rank: 120876
id.globo.com — Cisco Umbrella Rank: 245500
cocoon.globo.com — Cisco Umbrella Rank: 85562
horizon.globo.com — Cisco Umbrella Rank: 61773
globo-ab.globo.com — Cisco Umbrella Rank: 83832
usergate.globo.com — Cisco Umbrella Rank: 72714
horizon-schemas.globo.com — Cisco Umbrella Rank: 64369
globo-mab.globo.com — Cisco Umbrella Rank: 74075
horizon-track.globo.com — Cisco Umbrella Rank: 53389
151 KB
15 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
7 KB
15 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 539
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525
14 KB
15 imageboss.me
img.imageboss.me — Cisco Umbrella Rank: 281001
34 KB
14 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 999
events-ssc.33across.com — Cisco Umbrella Rank: 2418
5 KB
14 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1278
s8t.teads.tv — Cisco Umbrella Rank: 2886
t.teads.tv — Cisco Umbrella Rank: 2388
sync.teads.tv — Cisco Umbrella Rank: 1030
134 KB
14 openx.net
oajs.openx.net — Cisco Umbrella Rank: 3064
u.openx.net — Cisco Umbrella Rank: 705
google-bidout-d.openx.net — Cisco Umbrella Rank: 2947
us-u.openx.net — Cisco Umbrella Rank: 399
hcodemedia-d.openx.net — Cisco Umbrella Rank: 40693
vidoomy-d.openx.net — Cisco Umbrella Rank: 34723
rtb.openx.net — Cisco Umbrella Rank: 1517
3 KB
12 dotomi.com
prebid-match.dotomi.com — Cisco Umbrella Rank: 2522
33across-match.dotomi.com — Cisco Umbrella Rank: 3771
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3549
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 5099
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 6447
4 KB
12 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 194
446 KB
12 google.com
ampcid.google.com — Cisco Umbrella Rank: 1867
adservice.google.com — Cisco Umbrella Rank: 88
www.google.com — Cisco Umbrella Rank: 9
3 KB
12 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 146
6 KB
11 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 570
7 KB
11 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 602
node-p2w-1utzoa.sitescout.com — Cisco Umbrella Rank: 168685
viewability-events-p2w.sitescout.com — Cisco Umbrella Rank: 22009
8 KB
10 spotim.market
s.spotim.market — Cisco Umbrella Rank: 7712
sync.spotim.market — Cisco Umbrella Rank: 1731
5 KB
10 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 572
6 KB
10 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 504
4 KB
9 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 544
3 KB
9 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 476
5 KB
9 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 361
164 KB
9 anamarialopez.site
sandramaria.online.anamarialopez.site
36 KB
8 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1122
3 KB
8 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 509
tags.bluekai.com — Cisco Umbrella Rank: 486
5 KB
7 springserve.com
sync.springserve.com — Cisco Umbrella Rank: 3836
vpaid.springserve.com — Cisco Umbrella Rank: 10370
vid-io-iad.springserve.com — Cisco Umbrella Rank: 7937
313 KB
7 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1918
3 KB
7 tailtarget.com
tags.t.tailtarget.com — Cisco Umbrella Rank: 59863
d.tailtarget.com — Cisco Umbrella Rank: 70679
b.t.tailtarget.com — Cisco Umbrella Rank: 55546
tt-12765-5.seg.t.tailtarget.com — Cisco Umbrella Rank: 143641
t.tailtarget.com — Cisco Umbrella Rank: 5975
24 KB
7 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 590
1 KB
7 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 754
2 KB
7 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 464
807 B
7 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 4785
p1cluster.cxense.com — Cisco Umbrella Rank: 7043
comcluster.cxense.com — Cisco Umbrella Rank: 4555
id.cxense.com — Cisco Umbrella Rank: 8989
67 KB
7 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 310
id.rlcdn.com — Cisco Umbrella Rank: 592
api.rlcdn.com Failed
948 B
7 infoglobo.com.br
static.infoglobo.com.br — Cisco Umbrella Rank: 197106
72 KB
7 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 887
57 KB
7 gstatic.com
fonts.gstatic.com
90 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
gadasource.storage.googleapis.com — Cisco Umbrella Rank: 55676
imasdk.googleapis.com — Cisco Umbrella Rank: 440
313 KB
6 adrta.com
q.adrta.com — Cisco Umbrella Rank: 2397
pix.adrta.com — Cisco Umbrella Rank: 3139
ipv6.adrta.com — Cisco Umbrella Rank: 2527
adrta.com — Cisco Umbrella Rank: 1606
34 KB
6 aniview.com
player.aniview.com — Cisco Umbrella Rank: 1628
sync.aniview.com — Cisco Umbrella Rank: 2462
3 KB
6 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 929
868 B
6 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 522
5 KB
6 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1049
3 KB
6 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 24463
usr.navdmp.com — Cisco Umbrella Rank: 28862
cdn.navdmp.com — Cisco Umbrella Rank: 5189
sync.navdmp.com — Cisco Umbrella Rank: 8544
cd.navdmp.com — Cisco Umbrella Rank: 232187
6 KB
5 octillion.tv
usersync.octillion.tv
2 KB
5 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 851
2 KB
5 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1307
c.eu1.dyntrk.com — Cisco Umbrella Rank: 5005
c.us1.dyntrk.com — Cisco Umbrella Rank: 2050
3 KB
5 adform.net
cm.adform.net — Cisco Umbrella Rank: 1550
c1.adform.net — Cisco Umbrella Rank: 612
2 KB
5 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 976
cms.quantserve.com — Cisco Umbrella Rank: 1072
pixel.quantserve.com — Cisco Umbrella Rank: 458
11 KB
5 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 942
2 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
40 KB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 201
4 KB
5 hotmart.com
launcher.hotmart.com — Cisco Umbrella Rank: 203077
identification.hotmart.com — Cisco Umbrella Rank: 215014
tracking-api.hotmart.com — Cisco Umbrella Rank: 86788
9 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 744
1 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 816
s.tribalfusion.com — Cisco Umbrella Rank: 2148
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 792
d.turn.com — Cisco Umbrella Rank: 983
2 KB
4 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 958
1 KB
4 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 936
ap.lijit.com — Cisco Umbrella Rank: 654
3 KB
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1220
bcp.crwdcntrl.net — Cisco Umbrella Rank: 820
sync.crwdcntrl.net — Cisco Umbrella Rank: 728
10 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 158
137 KB
4 converteai.net
images.converteai.net — Cisco Umbrella Rank: 359381
scripts.converteai.net — Cisco Umbrella Rank: 367868
cdn.converteai.net — Cisco Umbrella Rank: 294551
186 KB
3 pixsrvcs.com
s.pixsrvcs.com
54 KB
3 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 2815
2 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1018
2 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 783
2 KB
3 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1099
2 KB
3 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 740
1 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 668
1 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 671
849 B
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 418
1 KB
3 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 461
2 KB
3 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1010
1 KB
3 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 1258
cs.emxdgt.com — Cisco Umbrella Rank: 952
529 B
3 vidoomy.com
ads.vidoomy.com — Cisco Umbrella Rank: 20932
a.vidoomy.com — Cisco Umbrella Rank: 9834
6 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 619
script.hotjar.com — Cisco Umbrella Rank: 853
vars.hotjar.com — Cisco Umbrella Rank: 858
68 KB
3 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 7044
cdn.tinypass.com — Cisco Umbrella Rank: 5170
buy.tinypass.com — Cisco Umbrella Rank: 4159
96 KB
3 jsdelivr.net
fastly.jsdelivr.net — Cisco Umbrella Rank: 93615
cdn.jsdelivr.net — Cisco Umbrella Rank: 422
8 KB
2 innovid.com
s-static.innovid.com Failed
s.innovid.com Failed
rtr.innovid.com
2 MB
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 3943
643 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1070
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 4545
624 B
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1891
mwzeom.zeotap.com — Cisco Umbrella Rank: 1478
896 B
2 connextra.com
ssl.connextra.com — Cisco Umbrella Rank: 9869
1016 B
2 ladsp.com
cr-p1.ladsp.com — Cisco Umbrella Rank: 16846
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1000
2 KB
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 3830
563 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2550
966 B
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 5320
965 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 794
717 B
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1369
835 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 913
547 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1500
1 KB
2 vindicosuite.com
x.vindicosuite.com — Cisco Umbrella Rank: 11162
967 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5040
745 B
2 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1195
69 B
2 sascdn.com
ced-ns.sascdn.com — Cisco Umbrella Rank: 2661
apps.sascdn.com — Cisco Umbrella Rank: 8386
4 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 111
430 B
2 bttrack.com
bttrack.com — Cisco Umbrella Rank: 745
805 B
2 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1475
hde.tynt.com — Cisco Umbrella Rank: 4682
3 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 743
1 KB
2 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 3290
16 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
113 KB
2 tremorhub.com
taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3201
1 KB
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3366
34 KB
2 vturb.com.br
api.vturb.com.br — Cisco Umbrella Rank: 344902
133 B
1 smart.link
mcdonalds.smart.link
94 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2578
534 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4114
462 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3653
400 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6445
281 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3963
348 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 7014
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2343
395 B
1 addthis.com
su.addthis.com — Cisco Umbrella Rank: 2363
507 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 219
5 KB
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1558
452 B
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 3338
536 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 2596
269 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1147
538 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1330
674 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 370
572 B
1 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1363
324 B
1 sabio.us
media.sabio.us — Cisco Umbrella Rank: 30919
236 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 933
1 KB
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1370
730 B
1 e-volution.ai
sync.e-volution.ai — Cisco Umbrella Rank: 2474
506 B
1 spot.im
api-2-0.spot.im — Cisco Umbrella Rank: 2926
191 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1638
331 B
1 adhaven.com
nxd.adhaven.com — Cisco Umbrella Rank: 43314
276 B
1 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 5112
571 B
1 clientgear.com
event.clientgear.com — Cisco Umbrella Rank: 1932
106 B
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1269
contextual.media.net Failed
454 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2604
582 B
1 amazonaws.com
s3.amazonaws.com
14 KB
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2800
463 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 3867
46 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 992
763 B
1 uidapi.com
prod.uidapi.com — Cisco Umbrella Rank: 3344
5 KB
1 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 3504
904 B
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 3893
4 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 4337
3 KB
1 ivcbrasil.org.br
ivccf.ivcbrasil.org.br — Cisco Umbrella Rank: 114472
461 B
0 doubleverify.com Failed
cdn.doubleverify.com Failed
0 indexww.com Failed
js-sec.indexww.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 nexac.com Failed
r.nexac.com Failed
0 wtfismyip.com Failed
wtfismyip.com Failed
1053 167
Domain Requested by
54 cm.g.doubleclick.net 29 redirects glamour.globo.com
google-bidout-d.openx.net
onetag-sys.com
eus.rubiconproject.com
googleads.g.doubleclick.net
rtb.gumgum.com
3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com
9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com
44 ads.stickyadstv.com 19 redirects glamour.globo.com
ad.lkqd.net
cdn.stickyadstv.com
30 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.googletagservices.com
9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com
3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com
glamour.globo.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
ad.doubleclick.net
pagead2.googlesyndication.com
30 t.lkqd.net ad.lkqd.net
30 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
sandramaria.online.anamarialopez.site
www.googletagservices.com
a.teads.tv
bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com
30 s3.glbimg.com glamour.globo.com
p.glbimg.com
s.glbimg.com
s3.glbimg.com
tags.tiqcdn.com
25 cs.lkqd.net 4 redirects ad.lkqd.net
glamour.globo.com
25 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com
3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com
glamour.globo.com
bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com
ad.doubleclick.net
pagead2.googlesyndication.com
24 x.bidswitch.net 21 redirects glamour.globo.com
onetag-sys.com
23 ib.adnxs.com 14 redirects glamour.globo.com
ads.pubmatic.com
googleads.g.doubleclick.net
vpaid.springserve.com
acdn.adnxs.com
22 s0.2mdn.net 9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com
3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com
bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com
ad.doubleclick.net
s0.2mdn.net
22 usersync.gumgum.com 1 redirects s.spotim.market
rtb.gumgum.com
22 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
onetag-sys.com
s.amazon-adsystem.com
eus.rubiconproject.com
bh.contextweb.com
ssum-sec.casalemedia.com
match.sharethrough.com
rtb.gumgum.com
glamour.globo.com
22 s.seedtag.com t.seedtag.com
cs.seedtag.com
onetag-sys.com
hde.tynt.com
eus.rubiconproject.com
ads.pubmatic.com
config.seedtag.com
22 simage2.pubmatic.com 2 redirects glamour.globo.com
ads.pubmatic.com
22 match.adsrvr.org 21 redirects ads.pubmatic.com
17 visitor.omnitagjs.com glamour.globo.com
cs.seedtag.com
visitor.omnitagjs.com
player.aniview.com
ssbsync.smartadserver.com
eus.rubiconproject.com
s.spotim.market
ads.pubmatic.com
15 onetag-sys.com 3 redirects cs.seedtag.com
onetag-sys.com
s.spotim.market
15 eus.rubiconproject.com cs.seedtag.com
visitor.omnitagjs.com
eus.rubiconproject.com
hde.tynt.com
player.aniview.com
rtb.gumgum.com
ads.rubiconproject.com
ads.pubmatic.com
15 sync.search.spotxchange.com 14 redirects cs.seedtag.com
15 img.imageboss.me sandramaria.online.anamarialopez.site
14 ads.pubmatic.com securepubads.g.doubleclick.net
cs.seedtag.com
visitor.omnitagjs.com
hde.tynt.com
ads.pubmatic.com
s.spotim.market
rtb.gumgum.com
vpaid.pubmatic.com
14 id5-sync.com 10 redirects cdn.id5-sync.com
sync.richaudience.com
ads.pubmatic.com
14 beacon.krxd.net tag.navdmp.com
glamour.globo.com
cdn.krxd.net
13 ch-trc-events.taboola.com glamour.globo.com
cdn.taboola.com
13 cdn.taboola.com sandramaria.online.anamarialopez.site
cdn.taboola.com
client
glamour.globo.com
12 www.googletagservices.com securepubads.g.doubleclick.net
9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com
3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com
config.seedtag.com
nym1-ib.adnxs.com
www.googletagservices.com
bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com
ad.doubleclick.net
12 sb.scorecardresearch.com 3 redirects glamour.globo.com
cdn.taboola.com
11 static.criteo.net securepubads.g.doubleclick.net
ads.us.criteo.com
11 sync.1rx.io 11 redirects
11 gum.criteo.com 7 redirects static.criteo.net
11 cdn.krxd.net tags.tiqcdn.com
cdn.krxd.net
10 b1sync.zemanta.com 10 redirects
10 secure.adnxs.com 10 redirects
10 match.prod.bidr.io 10 redirects
10 s2.glbimg.com glamour.globo.com
s3.glbimg.com
9 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
um2.eqads.com
9 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
9 sync.spotim.market 2 redirects ads.pubmatic.com
s.spotim.market
onetag-sys.com
9 image2.pubmatic.com ads.pubmatic.com
9 sync.mathtag.com 9 redirects
9 pixel-sync.sitescout.com 6 redirects glamour.globo.com
config.seedtag.com
9 usermatch.krxd.net 8 redirects ads.pubmatic.com
9 cdn.ampproject.org glamour.globo.com
cdn.ampproject.org
9 sandramaria.online.anamarialopez.site sandramaria.online.anamarialopez.site
8 cdn.stickyadstv.com ad.lkqd.net
cdn.stickyadstv.com
8 sync.tidaltv.com 8 redirects
8 ssc-cms.33across.com 8 redirects
8 ups.analytics.yahoo.com 6 redirects onetag-sys.com
8 ad.lkqd.net sandramaria.online.anamarialopez.site
ad.lkqd.net
8 trc.taboola.com 1 redirects cdn.taboola.com
imprchmp.taboola.com
ch-match.taboola.com
glamour.globo.com
8 s.glbimg.com glamour.globo.com
s.glbimg.com
tags.tiqcdn.com
s3.glbimg.com
7 vpaid.pubmatic.com vpaid.springserve.com
blank
ad.lkqd.net
7 pix.us.criteo.net ads.us.criteo.com
7 sync.richaudience.com 3 redirects cs.seedtag.com
sync.richaudience.com
7 v.lkqd.net ad.lkqd.net
7 s8t.teads.tv glamour.globo.com
7 sync-tm.everesttech.net 7 redirects
7 www.google.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com
3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com
7 sync.srv.stackadapt.com 7 redirects
7 pixel.tapad.com 6 redirects glamour.globo.com
7 pixel.rubiconproject.com 2 redirects onetag-sys.com
eus.rubiconproject.com
7 sync-t1.taboola.com imprchmp.taboola.com
ch-match.taboola.com
glamour.globo.com
7 token.rubiconproject.com 4 redirects glamour.globo.com
eus.rubiconproject.com
7 static.infoglobo.com.br tags.tiqcdn.com
static.infoglobo.com.br
7 tags.tiqcdn.com glamour.globo.com
tags.tiqcdn.com
7 fonts.gstatic.com fonts.googleapis.com
glamour.globo.com
6 static.adsafeprotected.com cdn.stickyadstv.com
static.adsafeprotected.com
blank
6 aktrack.pubmatic.com glamour.globo.com
6 events-ssc.33across.com hde.tynt.com
eus.rubiconproject.com
ads.pubmatic.com
6 secure-assets.rubiconproject.com 6 redirects
6 pixel.adsafeprotected.com 1 redirects ads.pubmatic.com
static.adsafeprotected.com
6 pr-bh.ybp.yahoo.com 3 redirects google-bidout-d.openx.net
ads.pubmatic.com
ssum-sec.casalemedia.com
6 us-u.openx.net 1 redirects google-bidout-d.openx.net
config.seedtag.com
ads.pubmatic.com
6 mug.criteo.com glamour.globo.com
6 odr.mookie1.com 6 redirects
6 image6.pubmatic.com 2 redirects ads.pubmatic.com
6 rtb-csync.smartadserver.com 2 redirects glamour.globo.com
ssbsync.smartadserver.com
6 bh.contextweb.com 2 redirects glamour.globo.com
s.amazon-adsystem.com
bh.contextweb.com
6 sync.targeting.unrulymedia.com 4 redirects glamour.globo.com
6 stags.bluekai.com 4 redirects glamour.globo.com
6 consumer.krxd.net cdn.krxd.net
5 unified.adsafeprotected.com 1 redirects
5 usersync.octillion.tv 5 redirects
5 sync.aniview.com 1 redirects player.aniview.com
eus.rubiconproject.com
5 um.simpli.fi 5 redirects
5 visitor-usa02.omnitagjs.com visitor.omnitagjs.com
5 ssum-sec.casalemedia.com 3 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
5 csync.loopme.me 5 redirects
5 www.google-analytics.com tags.tiqcdn.com
www.googletagmanager.com
glamour.globo.com
5 idsync.rlcdn.com 1 redirects glamour.globo.com
config.seedtag.com
5 dpm.demdex.net 2 redirects glamour.globo.com
config.seedtag.com
4 dt.adsafeprotected.com
4 nym1-ib.adnxs.com config.seedtag.com
nym1-ib.adnxs.com
cdn.adnxs.com
4 googleads4.g.doubleclick.net googleads.g.doubleclick.net
ad.doubleclick.net
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 search.spotxchange.com ad.lkqd.net
4 prebid-match.dotomi.com 4 redirects
4 pixel-eu.rubiconproject.com 2 redirects onetag-sys.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 c.amazon-adsystem.com s3.amazonaws.com
c.amazon-adsystem.com
4 rtb.mfadsrvr.com 4 redirects
4 sync.taboola.com 2 redirects glamour.globo.com
4 t.seedtag.com securepubads.g.doubleclick.net
t.seedtag.com
4 adservice.google.com securepubads.g.doubleclick.net
4 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
4 connect.facebook.net sandramaria.online.anamarialopez.site
connect.facebook.net
4 fonts.googleapis.com sandramaria.online.anamarialopez.site
glamour.globo.com
3 s.pixsrvcs.com cdn.stickyadstv.com
s.pixsrvcs.com
3 vid-io-iad.springserve.com vpaid.springserve.com
3 vid.pubmatic.com vpaid.pubmatic.com
3 match.bnmla.com 3 redirects
3 ad.doubleclick.net 1 redirects www.googletagservices.com
3 vpaid.springserve.com ad.lkqd.net
3 px.owneriq.net 3 redirects
3 pm.w55c.net 3 redirects
3 sync.technoratimedia.com 3 redirects
3 s.ad.smaato.net 3 redirects
3 creativecdn.com 3 redirects
3 ad.360yield.com 3 redirects
3 sync.smartadserver.com 3 redirects
3 csync.smartadserver.com cs.seedtag.com
csync.smartadserver.com
3 ad.turn.com 3 redirects
3 t.teads.tv glamour.globo.com
3 eb2.3lift.com 2 redirects glamour.globo.com
3 aa.agkn.com 2 redirects ads.pubmatic.com
3 sync.ipredictive.com 3 redirects
3 a.teads.tv securepubads.g.doubleclick.net
a.teads.tv
3 horizon-track.globo.com s3.glbimg.com
3 ads.rubiconproject.com tags.tiqcdn.com
ads.rubiconproject.com
3 cocoon.globo.com s.glbimg.com
2 insight.adsrvr.org
2 b.t.tailtarget.com d.tailtarget.com
2 d.tailtarget.com sandramaria.online.anamarialopez.site
d.tailtarget.com
2 io.narrative.io 1 redirects glamour.globo.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 adrta.com pix.adrta.com
2 simage4.pubmatic.com ads.pubmatic.com
2 acdn.adnxs.com config.seedtag.com
ads.pubmatic.com
2 bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 c.us1.dyntrk.com 2 redirects
2 c.eu1.dyntrk.com 2 redirects
2 ssl.connextra.com 1 redirects config.seedtag.com
2 csm.us.criteo.net ads.us.criteo.com
2 q.adrta.com config.seedtag.com
q.adrta.com
2 cr-p1.ladsp.com 2 redirects
2 usw1.smartadserver.com glamour.globo.com
config.seedtag.com
2 tg.socdm.com 2 redirects
2 cs.emxdgt.com 2 redirects
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 a.sportradarserving.com 2 redirects
2 pulsepoint-match.dotomi.com 2 redirects
2 config.seedtag.com sandramaria.online.anamarialopez.site
2 googleads.g.doubleclick.net 9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com
sandramaria.online.anamarialopez.site
2 amazon-tam-match.dotomi.com 2 redirects
2 rtb.gumgum.com s.amazon-adsystem.com
glamour.globo.com
2 pixel-us-east.rubiconproject.com 2 redirects
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 pubmatic-match.dotomi.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 pippio.com 2 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 match.deepintent.com 1 redirects ads.pubmatic.com
2 cm.adgrx.com 2 redirects
2 pixel.quantserve.com 1 redirects glamour.globo.com
2 video-ads.rubiconproject.com ad.lkqd.net
2 x.vindicosuite.com ad.lkqd.net
2 sync.crwdcntrl.net glamour.globo.com
2 s.tribalfusion.com 1 redirects ads.pubmatic.com
2 a.tribalfusion.com 2 redirects
2 cms.quantserve.com 1 redirects 9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com
2 tags.bluekai.com 2 redirects
2 pool.admedo.com 2 redirects
2 rtb.adentifi.com glamour.globo.com
ads.pubmatic.com
2 33across-match.dotomi.com 2 redirects
2 image8.pubmatic.com onetag-sys.com
2 ssbsync-global.smartadserver.com onetag-sys.com
2 ssbsync.smartadserver.com 1 redirects visitor.omnitagjs.com
2 www.facebook.com glamour.globo.com
2 bttrack.com 2 redirects
2 id.rlcdn.com 1 redirects visitor.omnitagjs.com
2 3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 p.rfihub.com ad.lkqd.net
2 ap.lijit.com 1 redirects ads.pubmatic.com
2 a.vidoomy.com glamour.globo.com
2 u.openx.net 1 redirects glamour.globo.com
2 match.taboola.com glamour.globo.com
ads.pubmatic.com
2 dis.criteo.com 2 redirects
2 ce.lijit.com 1 redirects glamour.globo.com
2 prebid-a.rubiconproject.com ads.rubiconproject.com
2 oajs.openx.net 1 redirects glamour.globo.com
2 cdn.id5-sync.com securepubads.g.doubleclick.net
sandramaria.online.anamarialopez.site
2 oa.openxcdn.net securepubads.g.doubleclick.net
2 fastlane.rubiconproject.com ads.rubiconproject.com
ads.pubmatic.com
2 c2shb.pubgw.yahoo.com ads.rubiconproject.com
2 imasdk.googleapis.com s3.glbimg.com
2 www.googletagmanager.com tags.tiqcdn.com
s0.2mdn.net
2 taboola-supply-partners.tremorhub.com 2 redirects
2 sync.navdmp.com glamour.globo.com
2 cms.analytics.yahoo.com 2 redirects
2 cdn.jsdelivr.net ads.rubiconproject.com
2 globo-mab.globo.com s3.glbimg.com
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 api.vturb.com.br cdn.converteai.net
2 cdn.converteai.net scripts.converteai.net
cdn.converteai.net
2 identification.hotmart.com launcher.hotmart.com
2 glamour.globo.com sandramaria.online.anamarialopez.site
glamour.globo.com
2 launcher.hotmart.com sandramaria.online.anamarialopez.site
launcher.hotmart.com
1 s.update.stickyadstv.com
1 vae-bid.adsrvr.org
1 rtr.innovid.com
1 mcdonalds.smart.link
1 s-static.innovid.com
1 ping.seedtag.com t.seedtag.com
1 vast.adsafeprotected.com cdn.stickyadstv.com
1 t.tailtarget.com
1 tt-12765-5.seg.t.tailtarget.com d.tailtarget.com
1 match.adsby.bidtheatre.com 1 redirects
1 ads.playground.xyz 1 redirects
1 aud.pubmatic.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 mweb.ck.inmobi.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 viewability-events-p2w.sitescout.com pix.adrta.com
1 ipv6.adrta.com pix.adrta.com
1 su.addthis.com config.seedtag.com
1 sync.teads.tv config.seedtag.com
1 pix.adrta.com q.adrta.com
1 cdn.adnxs.com nym1-ib.adnxs.com
1 cdnjs.cloudflare.com ads.us.criteo.com
1 node-p2w-1utzoa.sitescout.com config.seedtag.com
1 apps.sascdn.com config.seedtag.com
1 t.pubmatic.com ads.pubmatic.com
1 cat.va.us.criteo.com ads.us.criteo.com
1 dsp.adfarm1.adition.com 1 redirects
1 1f2e7.v.fwmrm.net 1 redirects
1 euexchangesync.digitaleast.mobi 1 redirects
1 rtb.openx.net 1 redirects
1 ads.us.criteo.com 3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com
1 rtb.va.us.criteo.com sandramaria.online.anamarialopez.site
1 jadserve.postrelease.com 1 redirects
1 aax-eu.amazon-adsystem.com ssbsync.smartadserver.com
1 r.bidswitch.net 1 redirects
1 ums.acuityplatform.com 1 redirects
1 px.ads.linkedin.com eus.rubiconproject.com
1 vidoomy-d.openx.net ad.lkqd.net
1 loadm.exelator.com glamour.globo.com
1 d.turn.com 1 redirects
1 media.sabio.us 1 redirects
1 gu.dyntrk.com glamour.globo.com
1 player.aniview.com visitor.omnitagjs.com
1 s.spotim.market visitor.omnitagjs.com
1 ced-ns.sascdn.com csync.smartadserver.com
1 rules.quantcount.com secure.quantserve.com
1 sync.adotmob.com 1 redirects
1 sync.e-volution.ai 1 redirects
1 api-2-0.spot.im visitor.omnitagjs.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 cm.adform.net cs.seedtag.com
1 sync.springserve.com 1 redirects
1 hde.tynt.com cs.seedtag.com
1 de.tynt.com 1 redirects
1 nxd.adhaven.com 1 redirects
1 cs.seedtag.com t.seedtag.com
1 tags.t.tailtarget.com t.seedtag.com
1 secure.quantserve.com t.seedtag.com
1 cs.krushmedia.com 1 redirects
1 event.clientgear.com ad.lkqd.net
1 prebid.media.net ads.pubmatic.com
1 htlb.casalemedia.com ads.pubmatic.com
1 hbopenbid.pubmatic.com ads.pubmatic.com
1 hcodemedia-d.openx.net ads.pubmatic.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 inv-nets.admixer.net 1 redirects
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 s3.amazonaws.com securepubads.g.doubleclick.net
1 t.adx.opera.com glamour.globo.com
1 s.uuidksinc.net glamour.globo.com
1 sync.go.sonobi.com 1 redirects
1 e1.emxdgt.com glamour.globo.com
1 ads.vidoomy.com securepubads.g.doubleclick.net
1 prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 id.sharedid.org securepubads.g.doubleclick.net
1 id.cxense.com cdn.cxense.com
1 comcluster.cxense.com cdn.cxense.com
1 b914bae64ee38a1f51ab4d193a1b562e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 p1cluster.cxense.com cdn.cxense.com
1 stats.g.doubleclick.net www.google-analytics.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 ampcid.google.com www.google-analytics.com
1 c2.piano.io cdn.tinypass.com
1 buy.tinypass.com cdn.tinypass.com
1 www.npttech.com static.infoglobo.com.br
1 cdn.tinypass.com experience.tinypass.com
1 static.hotjar.com tags.tiqcdn.com
1 ch-vid-events.taboola.com glamour.globo.com
1 ch-match.taboola.com vidstat.taboola.com
1 imprchmp.taboola.com vidstat.taboola.com
1 experience.tinypass.com static.infoglobo.com.br
1 vidstat.taboola.com cdn.taboola.com
1 cd.navdmp.com glamour.globo.com
1 trc-events.taboola.com cdn.taboola.com
1 ivccf.ivcbrasil.org.br glamour.globo.com
1 cdn.navdmp.com tag.navdmp.com
1 horizon-schemas.globo.com s3.glbimg.com
1 usr.navdmp.com tag.navdmp.com
1 usergate.globo.com tags.tiqcdn.com
1 gadasource.storage.googleapis.com tags.tiqcdn.com
1 tag.navdmp.com tags.tiqcdn.com
1 globo-ab.globo.com p.glbimg.com
1 horizon.globo.com glamour.globo.com
1 id.globo.com 1 redirects
1 p.glbimg.com glamour.globo.com
1 recomendacao.globo.com glamour.globo.com
1 tracking-api.hotmart.com launcher.hotmart.com
1 fastly.jsdelivr.net sandramaria.online.anamarialopez.site
1 scripts.converteai.net sandramaria.online.anamarialopez.site
1 images.converteai.net sandramaria.online.anamarialopez.site
0 cdn.doubleverify.com Failed ad.lkqd.net
0 contextual.media.net Failed ads.pubmatic.com
0 js-sec.indexww.com Failed ads.pubmatic.com
0 s.innovid.com Failed
0 api.rlcdn.com Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 r.nexac.com Failed glamour.globo.com
0 wtfismyip.com Failed sandramaria.online.anamarialopez.site
1053 334
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.converteai.net
Amazon		 2021-10-20 -
2022-11-18		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-09 -
2023-06-09		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-03 -
2022-09-01		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-21 -
2023-04-22		 a year crt.sh
glamour.globo.com
R3		 2022-08-24 -
2022-11-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
data.hotmart.com
Amazon		 2022-01-04 -
2023-02-01		 a year crt.sh
vturb2.converteai.net
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
hotmart.com
Amazon		 2022-06-12 -
2023-07-11		 a year crt.sh
*.vturb.com.br
Amazon		 2021-12-17 -
2023-01-16		 a year crt.sh
s3.glbimg.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-05-21 -
2023-05-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
*.glbimg.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-05-29 -
2023-05-30		 a year crt.sh
recomendacao.globo.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-01-04 -
2023-01-04		 a year crt.sh
cocoon.globo.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-10-15 -
2022-10-15		 a year crt.sh
horizon.globo.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-11-11 -
2022-11-11		 a year crt.sh
globo-ab.globo.com
R3		 2022-06-21 -
2022-09-19		 3 months crt.sh
cdn.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-30 -
2022-12-29		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.infoglobo.com.br
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-11-17 -
2022-11-17		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.storage.googleapis.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
usergate.globo.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-05-13 -
2023-05-13		 a year crt.sh
horizon-schemas.globo.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-04-04 -
2023-04-04		 a year crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-07		 a year crt.sh
*.ivcbrasil.org.br
Amazon		 2022-05-31 -
2023-06-29		 a year crt.sh
globo-mab.globo.com
R3		 2022-06-19 -
2022-09-17		 3 months crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
horizon-track.globo.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-11-11 -
2022-11-11		 a year crt.sh
*.piano.io
Sectigo RSA Domain Validation Secure Server CA		 2021-08-19 -
2022-09-18		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-17 -
2023-04-17		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2022-04-27 -
2023-04-26		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
id.sharedid.org
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2022-08-09 -
2022-11-07		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.uidapi.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2022-05-18 -
2023-06-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
uuidksinc.net
R3		 2022-07-18 -
2022-10-16		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
s3.amazonaws.com
Amazon		 2022-04-01 -
2023-03-30		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
ad.lkqd.net
R3		 2022-08-01 -
2022-10-30		 3 months crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-19 -
2023-05-19		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-27 -
2023-07-18		 a year crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-28 -
2023-04-28		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-10 -
2023-07-10		 a year crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-24 -
2023-05-24		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.spot.im
Amazon		 2021-11-04 -
2022-12-02		 a year crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA		 2021-09-13 -
2022-09-13		 a year crt.sh
s.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2022-08-05 -
2022-11-03		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-07 -
2022-11-30		 6 months crt.sh
adentifi.com
Amazon		 2022-08-05 -
2023-09-03		 a year crt.sh
*.dyntrk.com
R3		 2022-08-22 -
2022-11-20		 3 months crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
mpp.vindicosuite.com
GTS CA 1D4		 2022-08-09 -
2022-11-07		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
sync.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2022-07-28 -
2022-10-26		 3 months crt.sh
*.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-12 -
2023-02-12		 a year crt.sh
*.gumgum.com
Amazon		 2021-10-15 -
2022-11-12		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.va.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-05 -
2022-10-30		 3 months crt.sh
*.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-07-28 -
2022-10-22		 3 months crt.sh
um3.eqads.com
Amazon		 2022-06-11 -
2023-07-09		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.ad-server.k8s.ggops.com
Amazon		 2022-02-09 -
2023-03-10		 a year crt.sh
*.springserve.com
Amazon		 2022-03-31 -
2023-04-29		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.adrta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-26 -
2023-06-26		 a year crt.sh
*.us.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-23 -
2022-09-19		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
truffle.bid
R3		 2022-07-21 -
2022-10-19		 3 months crt.sh
*.iprom.net
R3		 2022-06-19 -
2022-09-17		 3 months crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
events-ssc.33across.com
GTS CA 1D4		 2022-07-21 -
2022-10-19		 3 months crt.sh
unified.adsafeprotected.com
Amazon		 2022-03-10 -
2023-04-09		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
*.innovid.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-08 -
2023-04-11		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
pixsrvcs.com
R3		 2022-08-01 -
2022-10-30		 3 months crt.sh
*.smart.link
Sectigo RSA Domain Validation Secure Server CA		 2021-08-24 -
2022-09-08		 a year crt.sh
update.stickyadstv.com
R3		 2022-08-01 -
2022-10-30		 3 months crt.sh

This page contains 156 frames:

Primary Page: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Frame ID: 86558AFEFC134E263167343A70766585
Requests: 332 HTTP requests in this frame

Frame: https://glamour.globo.com/login-callback.ghtml
Frame ID: 8310450C540F154B2571C1E0922BF38F
Requests: 2 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: E6A9A6E3E73A5C5E5ED9654FB8B2510F
Requests: 19 HTTP requests in this frame

Frame: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7P9ACFgPhFd8KigZCGwThFd8KigZCGwUAAAAGBvQHJGXZbHYL08qt8MxcbtFytVkrDCPDWjNyGBariXE3mTmHQFKWzWa3MK3cCs_M5RYtV5u1wjAyrDUjh2Gxmhh3k5lzCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b1NB0Onyue73O7HD7XZe7zuy3-O0av9svdtpcntPz7PLL_aanx-nwSwaL5V4x2atdZqPf8vK8RX63wu536z1vtcvt8rzVDqfnrbL7LA-Pw-T3vEUut2SwWM51RtPbbAcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DYDxDYGkk4Mh7Sanw-4w_M1Ozz8AAAAAQAAAAABIAAp4T0sAPs7KTv7_________YwboM29k_v___28WegAefAAehAAAAC6G6u9ZG1Q8FbaIDhiKGAEAAACcYh2IHk3qhMqi6v__v98K4AoAIEBweg06PUt3UOItDAAAoEAsQRrSCDPMjGNsgR4Wv9_ssGv8bpf9_________5v9n_2jCXmEI6UJs3riqv0CAgCs_QICALCpGwDAmwBcyLWg6XS47vWah91kebgdlqfDrrebnXaXXWF3uB2Wp8PsN7ysd83T9PKLLgBWpxC74WywmwxWu9kBAAAA3P3____jJUhDGmGGmXHogczKYrENNxuLw2RxTVYr18ZmGMwmK89kuFyuTIPtbSkvO0uhI6T3hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02t9ADEYDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEgZVlsdktJm6Fb2Nci2YW31phXKzWms1uNRiZXBOHybQWvT6mh2EwXDgnU3yg2-VTuV0uLdvL8nk5tigYcLYXydMinegmG-dkY3KNbDaHaTDYjFwz38blmjhWntFgONxYxBLNySKdyC77zspisQ03G4vDZHFNVivXxmYYzCYrz2S4XK5Mg31hZVlsdouJW-HbGNeimcW3VhgXq7Vms1sNRibXxGEyrUWvj-lhGAwXzsm-MZstRoPRaDPaN2azxWgwGm1G-w6Z6WNuWIy-oTnlkXlFy2t1enMYFC6DxTstWqStw9FnlPmsEddps4x-JlafOOM1KDwHj-lji_5Fnm3lay0ZFY6DRRFLBBfpRGVymv6Wh8_st_jdOrPD7XddLmKJ0nSRTvRip83lOT3PLr_cb3p6nA6_ZLBY7hWTvdplNvotL89b5Hcr7H633vNWu9wuz1vtcHreKrvP8vA4TH7PW-RySwaL5VxnNL3NFrFEcLpIJ6KX8XRR_5EhZru5cDjXzRWzySoBAAAAAAAAACxhyrwJAAAAwGkwu9Vyt1rngQxWw8FwtVwAiT9Q3R_6e9nWCPWJXbzWBzuxWe7G4saPKcrkNP0tD5_Zb_G7dWaH2--6XBlAwk2UefNnglir1bIGAAAQwAYAAAjg1s1bIOkU_____x8HAAAgI0cPAABAvw_E9MaFUi_8yE-Am9Vi!&cmcv=&pix=undefined&cb=1661404435349&uv=3219&tms=1661404435349&abt=aat1_vB!adh5c-1_vA!ecp_vA!inc_all_video_vA!spa2_vA!t45!t45!tvrReverse1_vB!ufm_vE&ru=http://sandramaria.online.anamarialopez.site/&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=e2337a4e-a3fe-4953-a0d0-3da015b872f9&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: EFDD326C531ADF87CFACB4ACA5CB020E
Requests: 4 HTTP requests in this frame

Frame: https://ch-match.taboola.com/sync?dast=V7P9ACFgPhFd8KigZCGwThFd8KigZCGwUAAAAGBvQHJGXZbHYL08qt8MxcbtFytVkrDCPDWjNyGBariXE3mTmHQFKWzWa3MK3cCs_M5RYtV5u1wjAyrDUjh2Gxmhh3k5lzCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b1NB0Onyue73O7HD7XZe7zuy3-O0av9svdtpcntPz7PLL_aanx-nwSwaL5V4x2atdZqPf8vK8RX63wu536z1vtcvt8rzVDqfnrbL7LA-Pw-T3vEUut2SwWM51RtPbbAcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DYDxDYGkk4Mh7Sanw-4w_M1Ozz8AAAAAQAAAAABIAAp4T0sAPs7KTv7_________YwboM29k_v___28WegAefAAehAAAAC6G6u9ZG1Q8FbaIDhiKGAEAAACcYh2IHk3qhMqi6v__v98K4AoAIEBweg06PUt3UOItDAAAoEAsQRrSCDPMjGNsgR4Wv9_ssGv8bpf9_________5v9n_2jCXmEI6UJs3riqv0CAgCs_QICALCpGwDAmwBcyLWg6XS47vWah91kebgdlqfDrrebnXaXXWF3uB2Wp8PsN7ysd83T9PKLLgBWpxC74WywmwxWu9kBAAAA3P3____jJUhDGmGGmXHogczKYrENNxuLw2RxTVYr18ZmGMwmK89kuFyuTIPtbSkvO0uhI6T3hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02t9ADEYDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEgZVlsdktJm6Fb2Nci2YW31phXKzWms1uNRiZXBOHybQWvT6mh2EwXDgnU3yg2-VTuV0uLdvL8nk5tigYcLYXydMinegmG-dkY3KNbDaHaTDYjFwz38blmjhWntFgONxYxBLNySKdyC77zspisQ03G4vDZHFNVivXxmYYzCYrz2S4XK5Mg31hZVlsdouJW-HbGNeimcW3VhgXq7Vms1sNRibXxGEyrUWvj-lhGAwXzsm-MZstRoPRaDPaN2azxWgwGm1G-w6Z6WNuWIy-oTnlkXlFy2t1enMYFC6DxTstWqStw9FnlPmsEddps4x-JlafOOM1KDwHj-lji_5Fnm3lay0ZFY6DRRFLBBfpRGVymv6Wh8_st_jdOrPD7XddLmKJ0nSRTvRip83lOT3PLr_cb3p6nA6_ZLBY7hWTvdplNvotL89b5Hcr7H633vNWu9wuz1vtcHreKrvP8vA4TH7PW-RySwaL5VxnNL3NFrFEcLpIJ6KX8XRR_5EhZru5cDjXzRWzySoBAAAAAAAAACxhyrwJAAAAwGkwu9Vyt1rngQxWw8FwtVwAiT9Q3R_6e9nWCPWJXbzWBzuxWe7G4saPKcrkNP0tD5_Zb_G7dWaH2--6XBlAwk2UefNnglir1bIGAAAQwAYAAAjg1s1bIOkU_____x8HAAAgI0cPAABAvw_E9MaFUi_8yE-Am9Vi!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 585EC6783DCDBACB2406F3E976ED71D8
Requests: 4 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 2AEF601173FF762AE9BB129467926EE1
Requests: 19 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html
Frame ID: 0A65903B699F2B55B21D456E61B4D4D5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: E566F97955B45699B9F700C0130E5AAD
Requests: 4 HTTP requests in this frame

Frame: https://b914bae64ee38a1f51ab4d193a1b562e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AE3EFA156543F3E66F5EE9965DD337FF
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCgOL1cOmn1ODb4jZVEv3b20iUQqrelWDRce_2vonTdistwMLpZVC6S9XcwmcQQ1i2i2pGyuUlhwFixJW9bOEEKbUm599JDiNKhKe4A8h_mI2bmpZA2B0ixm8UlbhVFT-95ahj6BjNriIep7TVMuW3zZsBjTsXAUNSGrSqWj4lY5RGuOEyma8JIrGKWWNEIchYLhxspyEz6JhEnLJ1fC332ynLAIsM-jOpaSs2Z6CgyAh4Krs0Bg6SrPzsDAj9-oR7-mWG07Kqm_COgQY65qnVWzo2IQ6MxVlc-2S2ahWO8WUB0kpM95r-4YjVzAdIjpNSlapCYg&sai=AMfl-YTmvyT-4vIBH2P7DbX6jHmf3mQmLFlV4xq9-2Uo8w6yS7_PZsR9WfXYXsr3m3C8-ZYkL1kSC023NU9Muy1ZHxQ2b-H4TNMmSHNgGDx2pgheVRkM82u6LPcynUaNNpw&sig=Cg0ArKJSzN-aDiHBleV4EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7DDE0F6E1560F41FBE26422F2D2621CB
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBhbVfMnvfbvhACpbsIul9dCVY5HpkuMA5weEkjRxK-4Fzzu9mvNjklusAxbiQ5NIMS5NUIEfRK9UVIJG1pg4GrlBCdvoavhGtb4GIRKfwFiHU5hS0epbn0YwtmAOhnC7oD3eE2UpmFJFTf8PFMn5JswLWRb7iy0jiL3v_3PuyF8w0cLqfBCBXSEn4GaKbM58hcLonGUl9AJv2d4IhNyLKU2j_66aSnOMxV8NCsylh0NcgERN_BrodgY-1iN3BroacYfNLe0_z8E9zfUdJ4qQg6TX2bfmrB8h-sFs51Uk3oOBhJ7Hs96-lrFnLdVNU0LqedZXPIbNKUg&sai=AMfl-YTl8_pxUaTqBEvPYRZPhO35JvHf6AwwVIzoLojLL9_naqufTmfnfPtiJVmJ5ROcGiMFhdeKCtKPWGmm2cVOS4USn-KTspy-PSGj9b1Dhmtq8czpV0Ldt8uAGXheqw&sig=Cg0ArKJSzLFZldVH7LZUEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E2E8FFC935204BD161934FDC71A049DD
Requests: 24 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPJE2SxLRoFOE-92OzPWSLxQD7F_B8RLUJBmJPFVIQ5vqiETcFTYwb2gw4s5vPDewnuvMwn8yzSeRR16XJz4RgRID0M-ZCtUVL1oZjvuZd_tvTWy7Bfg5ZnFNn7KofB32Xd6gwPE7JWbDn2uKxIQr0A-7DUZ9lI83a2MkrplUs4Ge_Um2DSiNGBGZrwL31KzRZkUJJAUwgJ4PinbY5sEBZprLboh3hEiVLNL96ihCQXiZ4pMRO4ueWIV-5QbMU5Sky2cm9p5vbaaiGqithSMwBnmXaksgYUwhf8lo1acltZ5fsZESjcTqq-1kWVlSSmvT0lVItHH0UTQ&sai=AMfl-YSraimwJVwq08ofimpP11DVFqmn0cfG4haCi97jhe3E0Fegr_DOG0GgM9744Ms85V160fLN7yebYr_WVZnmlXeh0XmRuJdrZUjp4vmrBgFthnaQLjR-2XePWPv37Q&sig=Cg0ArKJSzAzX2WDmAxBHEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 67372E563B945E500F920C5388E76569
Requests: 4 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L78LAY60-1Y-88US
Frame ID: 1CCAC7B9175AD3B6E9D6E828F45735B5
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssx0Rxt9hO3OdYRiRJbnK_XlgJ3IuX_M1mUxalkdvSFmyCwwOHF72lGbKxIiNKGEj-jYo69ccAfn9wm7my5cJjBuTscZmeiUmI088OCriHQJJm4K1CMhXgdQMft9ZUwqKg6mMsIZTYkp-s8438j0Eth0yNyLTFjQ72-3TyboWmIMJBpS9IT88mwzV_1HmL9DcuDH3Es5pA-LN_UQP_aA8a5KyjhszjaYLcDL4wUq9q0JYTUFV6uo9pBi6rEkoUCeUa_Wdx6DJUuNuZYTtBZQG87idjuiaLYDNNR39QmYPj63zXzqjJ6X4bBWv389c_XIT0HMTh42F9Eig&sai=AMfl-YR6x40aaum1x3QappdlDQ5h9hHEF03i7HT9L9AzbXaJkJ3rWH_Nnt45l86BE7tyoTa24w50PR9e9eVYcQhpdn24LVdCszYXlU8V4whGA4cnqcjCIWH7c3kfbherKrI&sig=Cg0ArKJSzIyv9MgjCTGlEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 589711488C5F07485C3796B76D2CF01B
Requests: 34 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRUICKhJhqQe5UQb__9AS9_EF5ZY0Dsr_Q9KVZrNQnIFu7lXBbU9w_6ChRIkXnkRN9-GOlepiIVcTlR75EKsJFRxtQLg7ucnrveWQ81UFUY0AYJ95ppqQOZkzZV38s6Qsz_reri0QLgy5JbTyofBoDLEGL8I-ileR9EW5CgFHSkWDpiVZHgXWukfz6q4umy5vniB10ogM9cWR1h81UCR4vJFYFzDUPCJCr7y-4J7X-3K3S348yQOwAEA61_9YyJ4_aBQ48HyZpc_qtD6ud72gkqoIlIzBKc_KPFghPzF6U-Zc5bYKh_2w0oMIYF4S-b3HbT9xcqaaPUA&sai=AMfl-YSWqvGLEPFYXt0rbFjpAs5OMOkKYR_n5teJvyU3paLLQtvMzKHb4gl-hSTq4LpX9Z9KSR2uRMLf8hroGwkkil0uCuYrOzq0PaGTbqwecFEZp3PVzRwGQoaY4INJcQ&sig=Cg0ArKJSzCRsPPcOdsX_EAE&uach_m=[UACH]&adurl=
Frame ID: 10D8DE784CA645A5C762F4C7367A886F
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=glamour.globo.com
Frame ID: 37AC87E10950D406E3643444F56BAC84
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 106163A2DD2917F0BA91A85057178E41
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 94FFF5644CA06AC48EFB887E1ACF135D
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 4FEA92C0C92A4F5E13FFFF77C6DFC042
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 7FE79568CA70BD304165E29A1101B810
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 548E425B59408CA6B2A4D2367BE42CE9
Requests: 9 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 43A112DA0BEBDCCD362FADAB56AE73BB
Requests: 6 HTTP requests in this frame

Frame: https://secure.quantserve.com/quant.js
Frame ID: 63101FE002FE00B2E529EA85CAC5CA36
Requests: 3 HTTP requests in this frame

Frame: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Frame ID: 4C8AD531E4DF0B83067DC2FD32519162
Requests: 15 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: C61E630630DC9FCA74CD018BAE962137
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 13231A1012199627FF08D4B163721C42
Requests: 22 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 6C3DD84BD595C8BA61FD981780693B47
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Frame ID: 19E34FA2AAF5EDC6254A2794C96233E3
Requests: 11 HTTP requests in this frame

Frame: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Frame ID: 445B577202E5F1252923442CFD897EA1
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Frame ID: 94892EF451E28317B80FF5708795978D
Requests: 22 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1661404438252&pubconsent=&euconsent=&hasConsent=1&rd=1
Frame ID: B948C311510F5D60332B67D2D1A4FB99
Requests: 4 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Frame ID: 9613E696FF2CAF2892FB46EDF4BEB8E6
Requests: 6 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Frame ID: 806F2D77BF8BAD9C8EC7A8E87C527E81
Requests: 18 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75601b04186d260
Frame ID: CBBF918DB94CC2BE8F3ABB62F8522384
Requests: 15 HTTP requests in this frame

Frame: https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 827EDCD24B5DC05F1AFC31C52787D454
Requests: 1 HTTP requests in this frame

Frame: https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 6AAFE69D582CBBBF0A6B9F78723363B3
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 8117956E2590AA70A04350F72E63CC4B
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&dcc=t
Frame ID: 0127BC203B3B9B784D896726488DB738
Requests: 1 HTTP requests in this frame

Frame: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Frame ID: 07235AF873E596129D56FFC83C238068
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Frame ID: 99A4137D8169A673E0BC1D76752CCF15
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Frame ID: D5794681E3CB46995A1D85021B0A4498
Requests: 3 HTTP requests in this frame

Frame: https://player.aniview.com/ssync/5e0e296628a061270b21ccab/ssync.html?pid=5e0e296628a061270b21ccab&r=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26name%3DOPENWEB_VIDEO&gdpr=0&gdpr_consent=
Frame ID: DDE53BBFEC3506A3B63758D59C0FE03E
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Frame ID: A10EF9A69120A9AD1E6C5F726069A7E2
Requests: 2 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Frame ID: 046C29841EB8C28E428BF141B975596D
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: FC9A1E0BEC88862AFDF95431E51AC1A7
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 395A17E1913C332C4E3D6C3E5C505D1F
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Frame ID: 8A6738FBC6C73220787F34BE4ED28C82
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C2C07D3D000452F73AB2D1729FFF7E3B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1DF95D804E48BAEAD2913A28CAE57BE8
Requests: 2 HTTP requests in this frame

Frame: https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 4BB27D4D95A2972604706C126DC78BE0
Requests: 15 HTTP requests in this frame

Frame: https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 78E4662958458C01B2707673CC0FB54A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 31DC49B75D41059C87A7026944AF811C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 73BE3CCD8AC0262F908066604F65C956
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: C469BFCA9E5D686DE508C9EC9455B50F
Requests: 4 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
Frame ID: 0F6123EF97398C8AAC5F443AF0C7F272
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YwcFFQACNb5MfABN&gdpr=0&gdpr_consent=
Frame ID: 8B8C2761DC2E279E8A4DB9BF00126D8C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b9936307-0516-4500-b3ae-7b63940e6617&gdpr=0&gdpr_consent=
Frame ID: 45D34223A4D58FBE978B5BE87ADFA436
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD9KU7GDgoAABMQ-KCgjw
Frame ID: 1386DF10A3E153830731E463EA1412C2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=b9bcf920-2434-11ed-9deb-2ee29163ff26
Frame ID: CD8C67A4C4336E088E51904947E83334
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 4BAA93B642C52FD49E1871375EFDA853
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 7D4422A74680A40FDB09333332C76048
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=DStGRj0VSaBPBl_Yc4F1YKdYB6I
Frame ID: AC64CD533A748E965CC7801B499F8D25
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:iEZ61Qhz1Or5bN5&gdpr=0&gdpr_consent=
Frame ID: ECAA5199F90BFB024BC1A3D8A5DB0639
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=688269761907
Frame ID: 0EE2A71036E9FD9D54722A35850D7818
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 08044ECDE17BDD7F53351A6E1478A732
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
Frame ID: E36006F44C5C0EF9A83E9BD8A449CEA7
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
Frame ID: 54AE1A608BBAB404011D3480AE07678A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Frame ID: 71968D4D528DB8CAF050C92185005CA1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7146908391105684336
Frame ID: E4D9C5D132E47DE79B79C8DCD5B9CC8A
Requests: 1 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
Frame ID: 87A03A2667E9AB2226A702CE3B0C7461
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 707234D1E86325D5F2AA4F729FAB6EE9
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: DB9FA8F9077CD9B4976F7901E79D7D33
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 1A8A1E799DB56AB9CB62072135850C94
Requests: 16 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: ABA54B2D3A4B981A5DBFADB4717E91C9
Requests: 9 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 0FE660F157BE6D014510A77C0EDAA949
Requests: 6 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Frame ID: CBD30BC3FEE1F69FBD916DB7C0A0501F
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAEdjib_cKtugMRVkoTAAAAAAA&expiration=1661490839&is_secure=true
Frame ID: E2156523D036C1242DE3BD877589A289
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=7412760816595641933&ex=appnexus.com
Frame ID: 043A8BA35752F85474F089BAAF313E3B
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2850636057255575426400
Frame ID: 61FE959068E82713C57FB19FDCE8B8F7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEJvK6wEYv43-zwEwAQ&v=APEucNWxJ5CX9m3RSWI3M5jFZtisr7goeH1Hj20bduRzK40I2gL3YzdvdWhQFD0WTj0FbUZ7eS9Or1wJlw6fTBzjxGma6aUkMg
Frame ID: 887C8733704BBE344522A9BF610C4A9E
Requests: 5 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=YwcFFgAGgokIaAY0AAAnMNxKp9bCD7dQ1Ixnqw&u=%7CdPGRhl%2B7%2BMWgpPFIpCJqMtCJIuSB7aEzylITgSDLOdw%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MTceYYGR9Jp5gwJSFuY1ZhN1_Ei2GJq8gd_G0tw1r14hnbYpVmvZEeZ3grlLUx-z4YYgXcAXP-xm45dOpRMTQ2S5iczFkxYc4DVGYC46ATP-k6EYWtuYZ03Fn2IUxSqnA_ihx5X8BFdchR5NyXI4oYxBTP2vLFJ5UMkfKCLc84eaNK2weWxmJ71gTfmFr8odm5bxqiOQJ--htYWPUtQ7RKgLoSbTX6T59wBkzS5n5CjsxYsz6Cs9dCgWg904mlqCZzn9F_BGivAe1umNo23lypsKXgoF0-WcHUiCJBaJJm13slpbs8eEc1FyD8sMMR46ul6bAZOhIsMZyQwgNT9Rc1vQ9KulDUKYGLE_O4T_q71i1dk-CTLivbkQd8NiriMGMz4oD1Uj0l3d6g9UZ3wHDOqD9RBRmTkxUKli2P7duAyr0zhZFthEV5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXExFgUHY4mFGrSMoPMPsM6AuAecge-wXNqkqap0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN6ABrN3-6APIAQngAgCoAwGqBNQCT9DBe3BZCAmn095o1iZouRKGQHDII5v-6LFV0nXaKTdGgkpaKzANBAqC5gW_mk3z7OXElD4oa-YJ4kAMQMRerD2-_XB52qxxOfsLXCsJT8BaFEmWq3WE0JKS_jgO8WM1wCJRDc7rXco8ACI66A4Y-E4Ade9Fqbg24omZB7vHKkQ14Qvpyn6PkoIfi_Kj5dKUoyuX_O8V-4jFqjJxaWdz1eZ7jZ29K2rqOBvCQcPLXW_3RT_qtEmNLkS0LfmikJe0lJOdPFjmR2lDGN2dlyOsT3XGggo6FntlmBPAEH8q8IIu4RBn2gPpBGXWW47nZMqdEB0p-Gk2u16ro0T9lzyza6zdWOY2QeAUSt5LoG80ZKFlx1mb_EHkmYjuD7g3PGE8Xow-dROFmlJXWaCak2gL4Cozx_xj2hyqt6qcKSqXc9GZQZSbSwZFA30QjYN6gRTPlZXkvOAEAYAG8svvvtjL7-1JoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1BBFSwNw0F-QD9vVwmK83CozIVhQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Frame ID: 3F1E027971F7402837757E0EC37F097F
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D8437BDCB95FBCE600A8E8D4495C4E23
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=glamour.globo.com
Frame ID: EED5A2D1B12D0DFAA5BACC4A6C86EC9D
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: 1B5925992A85A20205A71ED79C6F9D97
Requests: 14 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=488792&extuid=y-T4gubExE2uHl11yJqiA0EIqbv8Nl_EL6mCu_FFk-~A
Frame ID: CDD1448C237F60D35790C55AAFB44A5F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Frame ID: 71CECC7C49475C60E1AC16362C4F13E9
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=271858&extuid=7412760816595641933
Frame ID: 845D51F94D63D2AC371827D03AACF323
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=57064f8d-a433-4deb-abfa-d29f4601b0af&biddername=55&key=7412760816595641933
Frame ID: A26FB1D6B057088B7AA6A3B74A52C343
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Frame ID: 372079F260CF41015EE120813CBBB5B8
Requests: 3 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=57064f8d-a433-4deb-abfa-d29f4601b0af&biddername=2&key=b7a4120e-2434-11ed-a1bf-1184b4c80503
Frame ID: 02D60B9EEE2C9533749120CD614C5539
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=57064f8d-a433-4deb-abfa-d29f4601b0af&biddername=72&pid=5e0e296628a061270b21ccab&key=ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553
Frame ID: 972D3C243F01EEA04B3DCB0FCEE9F031
Requests: 1 HTTP requests in this frame

Frame: https://config.seedtag.com/standard-iframe/index.v1.html
Frame ID: 2880BE26E586D9BB34F82446E92664CC
Requests: 10 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 20D4FEE95D1933A62766CB36DAE24246
Requests: 2 HTTP requests in this frame

Frame: https://config.seedtag.com/standard-iframe/index.v1.html
Frame ID: F062BD6CB4FE58E3766208400750CED9
Requests: 18 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=b9936307-0516-4500-b3ae-7b63940e6617&gdpr=&gdpr_consent=
Frame ID: 32A0312F415929C4B9224C3969ACE1DC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=YwcFFQACNb5MfABN&gdpr=&gdpr_consent=
Frame ID: 13E74872C698A3716856DFAC95AA9D66
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV81MzQ5ZTI5ZS1lNTczLTQ2M2EtODA0Mi03MjhkMTAzZWUzOWI=&gdpr=&gdpr_consent=
Frame ID: E6DF1936F0152429B8D762D30D95A322
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 546E939E3904ECED49D10D3DFE2AB88F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=f392b494-04f1-4190-8b81-965c828ca97a
Frame ID: 80B19B012D55408522C20C6226BA96DE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=7412760816595641933brt54361661404439995180b7
Frame ID: 95C82110ACCD5580752AB0ECBF7AA9EE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=YwcFGMCo8YsAAGFHD0UAAAAA
Frame ID: BB60867D931F80D70EA431951258DA1B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=YwcFFiEqvqgxgytikig15QAA%26468
Frame ID: AD06B33D45E288B9E3B8E067D3E99002
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=v9oQfujxQcoR0TJPtVBy&pi=gumgum
Frame ID: 6E93D2AEFD3E450CF3717CE41CF1517B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 3B1D9D1310A9997FA18F5775B638DE84
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Frame ID: FC79184133E7A9643F4E60348852777E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7591EA6159CAE5DDCEB909FECA071DE9
Requests: 9 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22721247772133994770%22%2c%22adomain%22%3a%22unidosus.org%22%2c%22page%22%3a%221383108%22%2c%22format%22%3a%2278373%22%2c%22crid%22%3a%226117171%22%2c%22dsp%22%3a%2268%22%2c%22buyer%22%3a%2211760%22%2c%22cid%22%3a%222172825%22%2c%22adid%22%3a%22%22%2c%22hash%22%3a%22-5241868059446901536%22%7d
Frame ID: 879CEEFC9581FD0004EA64293D59C2E1
Requests: 1 HTTP requests in this frame

Frame: https://bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: FC1BA2F3A50EDF52C0253549C6FA7AE4
Requests: 1 HTTP requests in this frame

Frame: https://pixel-sync.sitescout.com/dmp/asyncPixelSync?nid=64&wb=1&hdid=0
Frame ID: C0F52222ADD1EFF27557904C6E816E16
Requests: 6 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N1305047.278396BETGENIUS/B28373530.344142128;dc_ver=90.265;sz=250x250;u_sd=1;gdpr=0;dc_adk=1221982917;ord=nrhpkp;click=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FIuAO_euH2T-0TzLjXRDJPwAAAIA9CiFAsm1IW9zL0j_a5sb0hCXjP8SWpVTGDiBx_7pedyaZkyQWBQdjAAAAAAH9XAGpDwAAmBwAAAIAAAAuGZ4WRVUlAAAAAABVU0QAQlJMAPoA-gBPgQAAAAABAgUCAAAAAKoAFCVQGgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%25217xVpdQiQ-ssZEK6y-LQBGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjU3MDdAjy9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjU3MDc%3D%2Fbn%3D92044%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fglamour.globo.com$2,https%3A%2F%2Fglamour.globo.com%2F$0;xdt=1;crlt=zTkeA1GAIu;gcsr=m;stc=1;chaa=1;sttr=166;prcl=s
Frame ID: 74545E2BD3E607A211F04EC71B745389
Requests: 10 HTTP requests in this frame

Frame: https://bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: D7F7EDF2287AB07FBD1EB8C4F353C9A2
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=4009&pub_id=1986072
Frame ID: 1FD275BA0C2405D976E914806B5DBE31
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1661404438606,,
Frame ID: D158CD7B5883A283902D89F27F8205E7
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 86100E0117963F4181F69CDAAB0751A2
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 915116BA291CEA7B78084E47325CAD7F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
Frame ID: E0EAED2DA95AE43D524253810DBE9198
Requests: 20 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 626265EE98306C3B7668B6DFFA5F8923
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=RyHUwfMiBie0bkVxGQUHYw
Frame ID: 9B7C26D0D0541100FCCB03684504F5D7
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: CAF9942A624CD9FED40FB46A3340E96D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=81181572-18f0-40ef-b32f-bbf09c56b563
Frame ID: 95AA0F26DAEF0FE242E7C78C2F15E329
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic
Frame ID: 5E270168F5AC87D9015D4EDC58EAACC0
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: BC6E616F2A540BCC325036A36525F6D9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=accd1af1-c842-451b-9d73-e43091cf9536
Frame ID: 7B928E96C4435B465A36B79802EBD653
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3E9CCFB3269E467B9622CCC5F9172B9A
Frame ID: 1FB2C1E9562517E1575680CB813660C9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Frame ID: CDE6CB619388AA657A3A446807A5ED14
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 9395B8B61653B8F776DF9A346F6E7CE0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 04D05BF13DD5B96DE020287B72C4EA80
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 80F0C6F867B31AD7226147F2BE745854
Requests: 2 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/sync?uid=2fe1084ffe44c28350116ec0a0a1c2d1&name=PUBMATIC&visitor=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
Frame ID: 69A6AE0E6D2E2576A236621E66AB1C53
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 83E1CE45E305DA49164857EABB98DBFA
Requests: 7 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
Frame ID: 840C7D4F6A7548B7E7A2A8CDCC8F0A82
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 294D485C9CB8B4D292BE4B9E6F8A7BA1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 81D63897EB6C87E172BD61F4B4D0F90A
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Frame ID: DD00FC65E1ECB2988635C67E5C005149
Requests: 5 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1661404438606,,
Frame ID: 4F33F8C7BDA124821BBB690CF86999AD
Requests: 4 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=448580&extuid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
Frame ID: B97A8445F54CC4B0604A8B9EF71038AE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5B4BA818B8CF6274D53F3B6E7AA0973B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 132D6C6CB21A19605632E950199E9FC6
Requests: 7 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Frame ID: 103083B4151D4009DA321D755E88EF41
Requests: 5 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1661404438606,,
Frame ID: 71737429BAE51ED15A7FFAD021EEDD75
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 79A4BF2D137B5AE4554774752C8742A4
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 1982603596CFF412454823AFE5C60810
Requests: 5 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: CC80102AE4021C1285D46FFD4B21015C
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: DA29350AB47CA51473E3B821F995311C
Requests: 5 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: D86681A41FC086ADE55CEC876202B65F
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/ias/v1/vpaid.2022.04.25-15.52-2acd3d8.js
Frame ID: FD5E272D28F3FC72DE747C0994FD57E2
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/ias/v1/vpaid.2022.04.25-15.52-2acd3d8.js
Frame ID: 2BA2D397B2CEA77CB8D77E7E1C82988A
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 83463018C21ED1C173690C0C3C8F94C0
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 885249CCE1CD01C83BD5EF69545195C6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CB7039401529A3D704F6138E935C5453
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=de65e540-1353-4e70-af8f-72c6944458e2&gdpr=0
Frame ID: 8DCB0612178808E6E69862ADACE63B36
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FF9A4DB711849851DCD07BE3FEE7DC07
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 72726E67B432F139944BB929DA3C1011
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Frame ID: BDAB2FA67E028F43A1BCE755DED40436
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=77&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 9E09F5AC80BEA0D7F8A1DC5E2E942092
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dvtp_src.js?ctx=21728770&cmp=DV485761&sid=Verve&plc=Verve-IQM_20210404001_VidJS&adsrv=0&advid=3891363&dvtagver=6.1.src&ppid=302&DVP_PP_IMP_ID=1989333300081602300&DVP_DV_TT=1&DVP_DV_CT=2&tagtype=video&DVP_C1=&DVP_C2=&DVP_PUB=430&DVP_SITE=1142899&DVP_CRT=919134&DVP_PP_BUNDLE_ID=&DVP_PP_AUCTION_IP=167.88.7.162&DVPX_PP_AUCTION_UA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F104.0.5112.101%20Safari%2F537.36&turl=http%3A%2F%2Fglamour.globo.com%2F
Frame ID: C7C3074A1305BA30E92AC3B9009772D9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Melhores do ano: os memes mais engraçados de 2019 | Lifestyle | Glamour

Page URL History Show full URLs

  1. http://sandramaria.online.anamarialopez.site/ Page URL
  2. https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.g... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

1053
Requests

75 %
HTTPS

22 %
IPv6

167
Domains

334
Subdomains

210
IPs

16
Countries

10667 kB
Transfer

28486 kB
Size

374
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sandramaria.online.anamarialopez.site/ Page URL
  2. https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95
  • https://id.globo.com/auth/realms/globo.com/protocol/openid-connect/auth?client_id=glamour%40apps.globoid&redirect_uri=https%3A%2F%2Fglamour.globo.com%2Flogin-callback.ghtml&state=0f6f6781-96b2-4845-8d1b-9d66bc651614&response_mode=fragment&response_type=code&scope=openid&nonce=35084ede-85ed-46bc-89ab-861ed8f1ea7f&prompt=none&code_challenge=VeT5kDd5sGy8i2xVnEkndZMwnXD7_sk4hcwOiahzm_k&code_challenge_method=S256 HTTP 302
  • https://glamour.globo.com/login-callback.ghtml
Request Chain 99
  • https://sb.scorecardresearch.com/c2/6035227/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 101
  • https://sb.scorecardresearch.com/p?c1=2&c2=6035227&ns__t=1661404433171&ns_c=UTF-8&c8=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour&c7=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&c9=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1661404433171&ns_c=UTF-8&c8=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour&c7=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&c9=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F
Request Chain 155
  • https://usermatch.krxd.net/um/v2?partner=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=UENlRm9sTnc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cm=&google_nid=krux_digital&google_hm=UENlRm9sTnc&google_tc= HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEMJR6cxpMpUXsiymBJ9omoA&google_cver=1
Request Chain 156
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=UENlRm9sTnc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=UENlRm9sTnc&google_tc= HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEARJrdk94A1THWJaM2ymCgM&google_cver=1
Request Chain 158
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://gum.criteo.com/sync?s=1&c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=UgnTLHMU3ji8pfoae38FlvVZUVula0Ex
Request Chain 160
  • https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=PCeFolNw HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=PCeFolNw
Request Chain 161
  • https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fadnxs_uid%3D%24UID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?adnxs_uid=7412760816595641933
Request Chain 162
  • https://ib.adnxs.com/mapuid?member=1780&user=PCeFolNw HTTP 307
  • https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember%3D1780%26user%3DPCeFolNw
Request Chain 165
  • https://usermatch.krxd.net/um/v2?partner=sitescout HTTP 302
  • https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=PCeFolNw HTTP 302
  • https://pixel-sync.sitescout.com/connectors/krux/usersync?cookieQ=1&foreign_id=PCeFolNw
Request Chain 166
  • https://usermatch.krxd.net/um/v2?partner=verizon HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=PCeFolNw HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-TH6R.stE2pu0Eh5i4G4tFcsZ9twuY31fig--~A
Request Chain 167
  • https://usermatch.krxd.net/um/v2?partner=navegg HTTP 302
  • https://sync.navdmp.com/sync?prtid=30&salid=PCeFolNw
Request Chain 168
  • https://sync.1rx.io/usersync/krux/PCeFolNw?dspret=1 HTTP 302
  • https://sync.1rx.io/usersync/krux/PCeFolNw?zcc=1&cb=1661404434804 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
Request Chain 216
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f392b494-04f1-4190-8b81-965c828ca97a
Request Chain 217
  • https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP 302
  • https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=3f972114ac3847b7be822442042c77eb&orig=video
Request Chain 218
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D0%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D0%26&__user_check__=1&sync_id=b7a4059c-2434-11ed-9b8d-11a1e3200403 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b7a4120e-2434-11ed-a1bf-1184b4c80503&orig=video&us_privacy=1---gdpr=0&
Request Chain 219
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f392b494-04f1-4190-8b81-965c828ca97a
Request Chain 220
  • https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP 302
  • https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=5f350149733c4ce48fb900e652a587e5&orig=video
Request Chain 221
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D0%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D0%26&__user_check__=1&sync_id=b7a41282-2434-11ed-a1bf-1184b4c80503 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b7a4120e-2434-11ed-a1bf-1184b4c80503&orig=video&us_privacy=1---gdpr=0&
Request Chain 256
  • https://usermatch.krxd.net/um/v2?partner=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=UENlRm9sTnc HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEMJR6cxpMpUXsiymBJ9omoA&google_cver=1
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=UENlRm9sTnc HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEMJR6cxpMpUXsiymBJ9omoA&google_cver=1
Request Chain 259
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=LDN6h48jnZwlBFoOOyku7lJ8c_bZpf4r
Request Chain 262
  • https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?adnxs_uid=7412760816595641933
Request Chain 266
  • https://usermatch.krxd.net/um/v2?partner=sitescout HTTP 302
  • https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=PCeFolNw
Request Chain 267
  • https://usermatch.krxd.net/um/v2?partner=verizon HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=PCeFolNw HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-TH6R.stE2pu0Eh5i4G4tFcsZ9twuY31fig--~A
Request Chain 268
  • https://usermatch.krxd.net/um/v2?partner=navegg HTTP 302
  • https://sync.navdmp.com/sync?prtid=30&salid=PCeFolNw
Request Chain 269
  • https://sync.1rx.io/usersync/krux/PCeFolNw?dspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
Request Chain 299
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&rid=esp&cc=1
Request Chain 307
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L78LAY60-1Y-88US
Request Chain 308
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOjqwE-PEDx0SMlcthIYlxU&google_cver=1
Request Chain 310
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92
Request Chain 311
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f392b494-04f1-4190-8b81-965c828ca97a
Request Chain 312
  • https://ce.lijit.com/merge?pid=42&3pid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 316
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=8c70ec81-2319-4d1a-a663-78be1b2e2a11
Request Chain 317
  • https://id5-sync.com/s/464/9.gif?puid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/2/6/2.gif?puid=7412760816595641933&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOAlGWnG9thL1fr_OIVdW5XyPkXFOYhFbqxgIaTA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F5%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/3/5/3.gif?puid=b9936307-0516-4500-b3ae-7b63940e6617&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=f392b494-04f1-4190-8b81-965c828ca97a&ttl=%%TTL%% HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAD9KU7GDgoAABMQ-KCgjw HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F796%2F2%2F6.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/796/2/6.gif?puid=4c12d306-7bd7-45ec-a97a-8304a6a92f40&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F1%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/464/429/1/7.gif?puid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F0%2F8.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/464/434/0/8.gif?puid=fe9dd889-665a-426c-864c-a01eef9241c6&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOAlGWnG9thL1fr_OIVdW5XyPkXFOYhFbqxgIaTA
Request Chain 318
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ce95d937-04dc-4d9f-a5f7-40c522420de0&ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10602036474860944696&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dtaboola%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10602036474860944696&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dtaboola%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=35311a1f-8b8c-4ce6-925a-329ee2037a4d&ssp=taboola&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10602036474860944696&ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=213520604254002659520&ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10602036474860944696&ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ce95d937-04dc-4d9f-a5f7-40c522420de0
Request Chain 319
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ac760d52-1f1a-400d-96a6-ce79bebf6dfd HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ac760d52-1f1a-400d-96a6-ce79bebf6dfd&tbid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&query=taboola_hm%3Dac760d52-1f1a-400d-96a6-ce79bebf6dfd&isDirect=0
Request Chain 321
  • https://eb2.3lift.com/xuid?mid=7772&xuid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&dongle=tbla HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Request Chain 324
  • https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=DStGRj0VSaBPBl_Yc4F1YKdYB6I
Request Chain 327
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=0503e3b0-984e-4551-a19c-665cdd4ab6a4
Request Chain 347
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=252806910.250996441334139906.7024693 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dvidoomy%26bsw_param%3Dce95d937-04dc-4d9f-a5f7-40c522420de0%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=b2babc02caac49d6a21d1daadc38396f&ssp=vidoomy&bsw_param=ce95d937-04dc-4d9f-a5f7-40c522420de0&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=ce95d937-04dc-4d9f-a5f7-40c522420de0
Request Chain 348
  • https://ups.analytics.yahoo.com/ups/58610/occ HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-T4gubExE2uHl11yJqiA0EIqbv8Nl_EL6mCu_FFk-~A
Request Chain 358
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=globo.com&sn=ChromeSyncframe&so=0&topUrl=glamour.globo.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=FUGrB3w0elF6WTkrYVBId0JGSlFIMk1oY1M0Zld1R0w0bUxjQ1dhUWpqbXhnZkhKYWRmeDdMUEZGajRWMStLL3dES3hZaE1jZHQrVm9ycFVEOFlXT0lYbERnMkdINmhVY1Z0R2FDNG1meFJOSVBLT0I2T29CeGlpWkxNaldBWS81aGlRNTlrUlpPMDNXWHM1c3Exc1FmbmNOdWlSMkg2aE80WXNzN21wc01DeXNuQ2RXcGFyd3hqakJZekt2Rmd2R2U2NnQySEo0QTQ0M2l2YWRzMUljalFWWGpCNk12djF5ZDFTd29KRndFQVBaNHJ2ZHBTSmd0VkxCS3lVVC9ZeW4yOUMyZ2pYS2NHVFRPM1BqWHBMdC9hZk51UT09fA&cppv=2
Request Chain 363
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YwcFFQACNb5MfABN HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YwcFFQACNb5MfABN&_test=YwcFFQACNb5MfABN
Request Chain 365
  • https://match.adsrvr.org/track/cmf/openx?oxid=82390093-724f-7406-d332-67da7c371210&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=f392b494-04f1-4190-8b81-965c828ca97a&ttd_puid=82390093-724f-7406-d332-67da7c371210&gdpr=0&gdpr_consent=
Request Chain 367
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPfd-znVGqJM3u54KC-xeVo&google_cver=1
Request Chain 371
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fglamour.globo.com%2F&domain=glamour.globo.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=b7_punxDcFpWbFV0UHhNc0FpOUhVZGNQQWpqYUpyajVHcmNRUmpJcjkvR3BSNDlwaXBWZ0Eya1ZtQTE5Z3RTUGZWRzVrK1R5Y0tqbUdiWVZ4Skg5RkFQajQ4NHRjdmZUR0o2aHcxalV6eEs5eTE5cjJnVWNsM1lJOXA1RlY0NHgzU1pFZmpQSUxoTEdkS0tyc0Nya0xHcDdibFFQK3k0ME1qYkR6VFhveXNqYngwb2VTM1FOZG5iMHJxdktwVmI0ZFdaUVNEMjVGTndmSmxNSDZmOU9tNUNBVlVGVDZrN2xTUlY1am9DVmJDa29YODR1S0l6VG11UjdhYm1WNUllWWovR0lBSnhENTV6WFdac2RTSnNycWM2L3hNUT09fA&cppv=2
Request Chain 402
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=49a415b1-b09f-4e1b-9d32-f3f5e3270315
Request Chain 403
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=UvxcDMZkrL8
Request Chain 404
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=sTNI9fkRROA&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=22e6ac08-c7ee-4333-a411-38f9eccaa61c
Request Chain 405
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4061702563327631275
Request Chain 406
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=DStGRj0VSaBPBl_Yc4F1YKdYB6I
Request Chain 414
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=726141dc-155d-42c4-8647-150879cac71e
Request Chain 415
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4133760157365559211
Request Chain 416
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=DStGRj0VSaBPBl_Yc4F1YKdYB6I
Request Chain 417
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID HTTP 302
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_5d3bfd0b-5cc9-4162-b30d-c3160311b330
Request Chain 426
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Request Chain 429
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1661404438252&pubconsent=&euconsent=&hasConsent=1 HTTP 302
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1661404438252&pubconsent=&euconsent=&hasConsent=1&rd=1
Request Chain 430
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Request Chain 434
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID HTTP 302
  • https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=7412760816595641933
Request Chain 435
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/smart?channeluid=1526083351859992907
Request Chain 436
  • https://b1sync.zemanta.com/usersync/seedtag?puid=&gdpr=0&gdpr_consent=&us_privacy=$USPCONSENT&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__ HTTP 302
  • https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=&gdpr=0&us_privacy=$USPCONSENT
Request Chain 437
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=5jrh0rv&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://s.seedtag.com/cs/cookiesync/ttd?channeluid=f392b494-04f1-4190-8b81-965c828ca97a
Request Chain 438
  • https://x.bidswitch.net/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy=$USPCONSENT HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ce95d937-04dc-4d9f-a5f7-40c522420de0&ssp=seedtag&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10602036474860944696&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dseedtag%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=35311a1f-8b8c-4ce6-925a-329ee2037a4d&ssp=seedtag&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10602036474860944696&ssp=seedtag&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=213520604254002659520&ssp=seedtag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10602036474860944696&ssp=seedtag&gdpr=0&gdpr_consent= HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=ce95d937-04dc-4d9f-a5f7-40c522420de0
Request Chain 439
  • https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID HTTP 302
  • https://s.seedtag.com/cs/cookiesync/spotx?channeluid=b7a4120e-2434-11ed-a1bf-1184b4c80503
Request Chain 440
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F HTTP 303
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr_consent=&nwid=2441/ HTTP 302
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=1526083351859992907
Request Chain 441
  • https://sync.search.spotxchange.com/partner?source=249286 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D&uid=CAESEFV7Cp-ELskG5BWWIaeo94g&google_cver=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7028&uid=f392b494-04f1-4190-8b81-965c828ca97a&img=1 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YwcFFQACNb5MfABN&img=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/sx?gdpr=0&gdpr_consent= HTTP 303
  • https://sync.search.spotxchange.com/partner?adv_id=8304&uid=AAD9KU7GDgoAABMQ-KCgjw&gdpr=0 HTTP 302
  • https://sync.springserve.com/usersync?redirect_url=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D8876%26uid%3DSS_UUID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8876&uid=af99dbf2-1628-441e-8880-4f6c398bdd41 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=44&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7308&uid=ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=30&redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6653%26uid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6653&uid=b9936307-0516-4500-b3ae-7b63940e6617&gdpr=0&gdpr_consent=
Request Chain 442
  • https://ad.360yield.com/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=7a6a2a8e-bcf4-4ed3-9df8-974d3b475beb
Request Chain 443
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D&s=191730&C=1 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=YwcFFiEqvqgxgytikig15QAA%26468
Request Chain 444
  • https://ups.analytics.yahoo.com/ups/58427/occ HTTP 302
  • https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-T4gubExE2uHl11yJqiA0EIqbv8Nl_EL6mCu_FFk-~A
Request Chain 446
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsovrn%3Fchanneluid%3D%24UID HTTP 307
  • https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=FNAZaQZHODOZrd-dQ5WMojSM
Request Chain 460
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&dcc=t
Request Chain 461
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=7412760816595641933&gdpr=0&gdpr_consent=
Request Chain 462
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=7412760816595641933&gdpr=0&gdpr_consent=
Request Chain 464
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adyoulike HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=adyoulike HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2938986838554184882&ssp=adyoulike HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=ce95d937-04dc-4d9f-a5f7-40c522420de0&name=BIDSWITCH
Request Chain 466
  • https://creativecdn.com/cm-notify?pi=adyoulike HTTP 302
  • https://creativecdn.com/cm-notify?pi=adyoulike&tc=1 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=v9oQfujxQcoR0TJPtVBy&name=RTB_HOUSE&pi=adyoulike&tc=1
Request Chain 467
  • https://match.prod.bidr.io/cookie-sync/aul HTTP 303
  • https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1 HTTP 303
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAD9KU7GDgoAABMQ-KCgjw&name=BEESWAX
Request Chain 468
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=f392b494-04f1-4190-8b81-965c828ca97a&name=THE_TRADE_DESK
Request Chain 469
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent= HTTP 307
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=49a415b1-b09f-4e1b-9d32-f3f5e3270315%20&gdpr_consent=null&gdpr=0
Request Chain 470
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=ZkrtzuAFEUlvAYJ9b3aF&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6TSBKREVMRK7GFPTEJTUORWD2NZSGATHK2LEHVTDEZBZGEZTMY3GGUZWIZLEMU3WMOBTMJQTCNRRG4YWCMZXMZSGIJTWNFZWS5DPOI6VU23SOR5HKQKGIVKWY5SBLFFDSYRTMFDA&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6TSBKREVMRK7GFPTEJTUORWD2NZSGATHK2LEHVTDEZBZGEZTMY3GGUZWIZLEMU3WMOBTMJQTCNRRG4YWCMZXMZSGIJTWNFZWS5DPOI6VU23SOR5HKQKGIVKWY5SBLFFDSYRTMFDA HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=ZkrtzuAFEUlvAYJ9b3aF
Request Chain 471
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=4BFK5PS6DwFZltdDeQ6H&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6QSBJZHEKURGOR2GYPJXGIYCM5LJMQ6WEZDFMY3GEZBZGVRDONBVGBRDIZJWGJQTGMTEMI4GGN3EHBRTSZBGOZUXG2LUN5ZD2NCCIZFTKUCTGZCHORS2NR2GIRDFKE3EQ&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6QSBJZHEKURGOR2GYPJXGIYCM5LJMQ6WEZDFMY3GEZBZGVRDONBVGBRDIZJWGJQTGMTEMI4GGN3EHBRTSZBGOZUXG2LUN5ZD2NCCIZFTKUCTGZCHORS2NR2GIRDFKE3EQ HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=4BFK5PS6DwFZltdDeQ6H
Request Chain 472
  • https://sync.e-volution.ai/4460e88f3323cf4d9f4263656a846075.gif?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dfcd0c0bfff5af32579cdcdb6ff804bf8%26visitor%3D%5BUID%5D%26name%3Devolution&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=fcd0c0bfff5af32579cdcdb6ff804bf8&visitor=13726d7f-6977-4550-a7db-0cdae1a573f6&name=evolution
Request Chain 473
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user_id%7D HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=080e220407f59d2375b542c5
Request Chain 474
  • https://sync.srv.stackadapt.com/sync?nid=33 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-0d2b4646-3d15-49a0-4f06-5fd873817560$ip$167.88.7.162&name=STACKADAPT
Request Chain 475
  • https://ads.stickyadstv.com/user-matching?id=3538&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=7ab967d40b91570ff51c4cdaa51fe5d6&name=FREEWHEEL&visitor=fe54cc25c25d36983adbdcfa7f1e5df
Request Chain 476
  • https://sync.search.spotxchange.com/partner?adv_id=8778&redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D5a6dfefcb43521ff293762793ad668db%26visitor%3D%24SPOTX_USER_ID%26name%3DSPOTX HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=5a6dfefcb43521ff293762793ad668db&visitor=b7a4120e-2434-11ed-a1bf-1184b4c80503&name=SPOTX
Request Chain 477
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=61ce30ab-3031-4665-ab46-6176ea45d255&name=BIDTELLECT
Request Chain 489
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Request Chain 491
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Request Chain 494
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=b9936307-0516-4500-b3ae-7b63940e6617&gdpr=1&gdpr_consent=
Request Chain 496
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7412760816595641933
Request Chain 498
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgtNr4Jd20-r3Nd-_YE-r02yv7iWZPZ91Gg
Request Chain 500
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=6mON_wj9cjVVAHwHbQc8chvp3hRGSuH1Uhy8wk7geOI
Request Chain 502
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESECkUQc7MQb3vaAN2yO4JSeQ&google_cver=1
Request Chain 503
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=60863dfcb0300d88&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAEzq8HA9WfKgMI9uhdAAAAAAA&expiration=1661490838&is_secure=true
Request Chain 505
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=f392b494-04f1-4190-8b81-965c828ca97a&gdpr=0&gdpr_consent=
Request Chain 510
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 511
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1661404438471.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Request Chain 512
  • https://ssc-cms.33across.com/ps/?_=1661404438471.&ri=0010b00002MptHCAAZ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X HTTP 302
  • https://s.seedtag.com/cs/cookiesync/33across?channeluid=211953387054738
Request Chain 513
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=the33across&bsw_param=ce95d937-04dc-4d9f-a5f7-40c522420de0&google_hm=Y2U5NWQ5MzctMDRkYy00ZDlmLWE1ZjctNDBjNTIyNDIwZGUw HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIDBcEaPwoKFCl6lH1849VY&google_cver=1&ssp=the33across&bsw_param=ce95d937-04dc-4d9f-a5f7-40c522420de0 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=ce95d937-04dc-4d9f-a5f7-40c522420de0 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=ce95d937-04dc-4d9f-a5f7-40c522420de0&ts=1661404439&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 514
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1661404438471.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=b9936307-0516-4500-b3ae-7b63940e6617
Request Chain 515
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-H2suebFE2uFmQvpVK.YNZK2pcDW85jNB~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-H2suebFE2uFmQvpVK.YNZK2pcDW85jNB%7EA&ts=1661404438&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 516
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=321a8abee5440d88&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAInp0402VtUwMtOkq7AAAAAAA&expiration=1661490838&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAInp0402VtUwMtOkq7AAAAAAA&ts=1661404439&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 519
  • https://sync.1rx.io/usersync2/lkqd HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=540383273 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/f392b494-04f1-4190-8b81-965c828ca97a HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D7%26partnerUserId%3DRX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
Request Chain 520
  • https://x.bidswitch.net/sync?ssp=lkqd HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=lkqd&bsw_custom_parameter=ce95d937-04dc-4d9f-a5f7-40c522420de0 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=lkqd&bsw_custom_parameter=ce95d937-04dc-4d9f-a5f7-40c522420de0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=f968a81c-24b9-43f6-bccc-4d204b63a3c4&user_group=1&ssp=lkqd&bsw_param=ce95d937-04dc-4d9f-a5f7-40c522420de0 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=12&partnerUserId=ce95d937-04dc-4d9f-a5f7-40c522420de0&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3Dce95d937-04dc-4d9f-a5f7-40c522420de0%26redirect%3D%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D46%2526partnerUserId%253Dce95d937-04dc-4d9f-a5f7-40c522420de0 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=43&partnerUserId=ce95d937-04dc-4d9f-a5f7-40c522420de0&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3Dce95d937-04dc-4d9f-a5f7-40c522420de0 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=46&partnerUserId=ce95d937-04dc-4d9f-a5f7-40c522420de0
Request Chain 521
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D13%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=13&partnerUserId=49a415b1-b09f-4e1b-9d32-f3f5e3270315
Request Chain 522
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=22&partnerUserId=f392b494-04f1-4190-8b81-965c828ca97a
Request Chain 523
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162&s_h=1 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=23&partnerUserId=836fed23-7215-42d7-a9cd-46dcadc71f24
Request Chain 525
  • https://media.sabio.us/imp_pixel?invsrc=11&secure=1 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=39&partnerUserId=3186156469227133224
Request Chain 526
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd&s_h=1 HTTP 302
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=836fed23-7215-42d7-a9cd-46dcadc71f24&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/836fed23-7215-42d7-a9cd-46dcadc71f24/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F HTTP 302
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F HTTP 302
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=836fed23-7215-42d7-a9cd-46dcadc71f24?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262 HTTP 302
  • https://tags.bluekai.com/site/5379?id=836fed23-7215-42d7-a9cd-46dcadc71f24&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=281&buid=836fed23-7215-42d7-a9cd-46dcadc71f24&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265
Request Chain 527
  • https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YwcFFQACNb5MfABN
Request Chain 528
  • https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=53&partnerUserId=Q6k5Ho6QyMMh&ev=1&pid=561322
Request Chain 530
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=c1ROSTlma1JST0E HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEI9GgYVgUKMu2vY45oqh87k&google_cver=1
Request Chain 531
  • https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=m2LBm51kwJqAM8ablDDcnM9lw5SAMJOYmmg8JMNc
Request Chain 532
  • https://match.prod.bidr.io/cookie-sync/lkq HTTP 303
  • https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1 HTTP 303
  • https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAD9KU7GDgoAABMQ-KCgjw
Request Chain 533
  • https://a.tribalfusion.com/i.match?p=b30&u=sTNI9fkRROA&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b30&u=sTNI9fkRROA&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662273532428326
Request Chain 534
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=118 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553%26partner_url%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D97%2526partnerUserId%253Dac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553
Request Chain 535
  • https://s.ad.smaato.net/c/?adExInit=v HTTP 302
  • https://s.ad.smaato.net/c/?adExInit=v&cookieCheck=1 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=109&partnerUserId=b4a6277b
Request Chain 547
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=seedtag&khaos=L78LAY60-1Y-88US HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=L78LAY60-1Y-88US
Request Chain 562
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f392b494-04f1-4190-8b81-965c828ca97a&gdpr=0&gdpr_consent=&expires=30
Request Chain 563
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc4TEFZNjAtMVktODhVUw==
Request Chain 564
  • https://id.rlcdn.com/709414.gif HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 565
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/9Xttg-bKrYq9LQpqe5Rgdcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1492735796315124983
Request Chain 566
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L78LAY60-1Y-88US
Request Chain 567
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTFmN2U4NTFjNGMwNzM1YzQ5YTRlOTk0MzA3YzZhYWI0NDFjMTNlYw
Request Chain 568
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECbhBv2KRW5KngDWRpgkxKM&google_cver=1
Request Chain 569
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=T7Fr36hJSV-c7vmsOng--Q&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=T7Fr36hJSV-c7vmsOng--Q
Request Chain 572
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YwcFFQACNb5MfABN&gdpr=0&gdpr_consent=
Request Chain 573
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b9936307-0516-4500-b3ae-7b63940e6617&gdpr=0&gdpr_consent=
Request Chain 574
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEOUtVN0dEZ29BQUJNUS1LQ2dqdw&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAD9KU7GDgoAABMQ-KCgjw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD9KU7GDgoAABMQ-KCgjw
Request Chain 575
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=b9bcf920-2434-11ed-9deb-2ee29163ff26
Request Chain 577
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 578
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=DStGRj0VSaBPBl_Yc4F1YKdYB6I
Request Chain 579
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:iEZ61Qhz1Or5bN5&gdpr=0&gdpr_consent=
Request Chain 580
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=688269761907
Request Chain 581
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 582
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=dc4f063f-f7b8-45c6-a293-d1cc572e3038&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
Request Chain 583
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005&rndcb=3959895559 HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=ce95d937-04dc-4d9f-a5f7-40c522420de0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=ce95d937-04dc-4d9f-a5f7-40c522420de0&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dadconductor%26bsw_param%3Dce95d937-04dc-4d9f-a5f7-40c522420de0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=35311a1f-8b8c-4ce6-925a-329ee2037a4d%252Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Dadconductor%2526bsw_param%253Dce95d937-04dc-4d9f-a5f7-40c522420de0&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f392b494-04f1-4190-8b81-965c828ca97a&ttd_puid=35311a1f-8b8c-4ce6-925a-329ee2037a4d%2Chttps%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dadconductor%26bsw_param%3Dce95d937-04dc-4d9f-a5f7-40c522420de0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=adconductor&bsw_param=ce95d937-04dc-4d9f-a5f7-40c522420de0 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/ce95d937-04dc-4d9f-a5f7-40c522420de0?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
Request Chain 584
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Request Chain 585
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7146908391105684336&uid=Q7146908391105684336&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7146908391105684336
Request Chain 587
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Fsay_w7nSxqLjFcGg-xXxA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 588
  • https://idsync.rlcdn.com/420486.gif?partner_uid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=a643c133815814059bf820cefad24df11989064d79f0e9e445365b2e8eb945f7791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBhNjQzYzEzMzgxNTgxNDA1OWJmODIwY2VmYWQyNGRmMTE5ODkwNjRkNzlmMGU5ZTQ0NTM2NWIyZThlYjk0NWY3NzkxNDI2YjU0MTdkY2UyMRAAGgwIl4qcmAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBhNjQzYzEzMzgxNTgxNDA1OWJmODIwY2VmYWQyNGRmMTE5ODkwNjRkNzlmMGU5ZTQ0NTM2NWIyZThlYjk0NWY3NzkxNDI2YjU0MTdkY2UyMRAAGgwIl4qcmAYSBAgCEABCAEoA&google_gid=CAESEBUOm74xS29LNCthdG1ed6c&google_cver=1 HTTP 307
  • https://usermatch.krxd.net/um/v2?partner=liveramp_identity
Request Chain 589
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b9936307-0516-4500-b3ae-7b63940e6617
Request Chain 590
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTZDNkIyRkYtMEVFNy00QjFBLThCOEMtNTcwNjgzRUM1N0M0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 591
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENLEqg5jVyahLHe9rFjerEc&google_cver=1
Request Chain 592
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3E9CCFB3269E467B9622CCC5F9172B9A
Request Chain 593
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4133760157365559211&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 594
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f392b494-04f1-4190-8b81-965c828ca97a
Request Chain 596
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-IXMmn81E2uXH3eBjYY2nll3KiJ6lpC4-~A&gdpr=0&gdpr_consent=
Request Chain 597
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3b6c1c42bb8d0d88&is_secure=true&networkId=17100&version=1&nuid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAEzq8HA9WfNwNAS1JfAAAAAAA&expiration=1661490839&nuid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 598
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=aLjWWm6-11tz6dFaZ-rLXTy_1FVz6oRZabKDRwhB
Request Chain 599
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4c12d306-7bd7-45ec-a97a-8304a6a92f40&gdpr=0&gdpr_consent=
Request Chain 600
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7412760816595641933&gdpr=0&gdpr_consent=
Request Chain 602
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553&gdpr=0&gdpr_consent=
Request Chain 603
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B342_F5267841_E6DDDAF5&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 604
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=ce95d937-04dc-4d9f-a5f7-40c522420de0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=ac760d52-1f1a-400d-96a6-ce79bebf6dfd&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ce95d937-04dc-4d9f-a5f7-40c522420de0&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 605
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2938986838554184882
Request Chain 606
  • https://sync.aniview.com/ssync?pid=5e0e296628a061270b21ccab&r=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26name%3DOPENWEB_VIDEO&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=e8ecb87ff2ef3a3b16ba16c51e7986ac&visitor=57064f8d-a433-4deb-abfa-d29f4601b0af&name=OPENWEB_VIDEO
Request Chain 609
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3Df7a5db36-1d5c-4c26-81b6-b4d0807faffb%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=1526083351859992907&gdpr=0&gdpr_consent=
Request Chain 610
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MTUyNjA4MzM1MTg1OTk5MjkwNw==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEHtnxbRFVyOM6Nn2N7ZkwhA&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 611
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7412760816595641933&gdpr=0&gdpr_consent=
Request Chain 612
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=b9936307-0516-4500-b3ae-7b63940e6617&gdpr=0&gdpr_consent=
Request Chain 613
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr_consent=&nwid=2441/ HTTP 302
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=1526083351859992907
Request Chain 614
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID HTTP 302
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7412760816595641933
Request Chain 615
  • https://id5-sync.com/s/286/9.gif?puid=05f21773-f47a-411e-9835-1zz1661404438&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fuid%3D%7BID5UID%7D HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAD9KU7GDgoAABMQ-KCgjw
Request Chain 620
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&khaos=L78LAY60-1Y-88US HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=L78LAY60-1Y-88US&name=RUBICON
Request Chain 621
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=b4a6277b
Request Chain 622
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=3E9CCFB3269E467B9622CCC5F9172B9A&ex=simpli.fi&status=ok
Request Chain 623
  • https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=9adff691-ed5d-479d-b514-d1110f5a2550
Request Chain 624
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=L78LAY60-1Y-88US HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=L78LAY60-1Y-88US HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L78LAY60-1Y-88US&ts=1661404439&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 630
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=6787ac86c57e0c8f&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAEdjib_cKtugMRVkoTAAAAAAA&expiration=1661490839&is_secure=true
Request Chain 631
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=7412760816595641933&ex=appnexus.com
Request Chain 632
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2850636057255575426400
Request Chain 653
  • https://ups.analytics.yahoo.com/ups/58558/occ HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=488792&extuid=y-T4gubExE2uHl11yJqiA0EIqbv8Nl_EL6mCu_FFk-~A
Request Chain 655
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=7412760816595641933
Request Chain 656
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005&rndcb=3848292515 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=ce95d937-04dc-4d9f-a5f7-40c522420de0&google_hm=Y2U5NWQ5MzctMDRkYy00ZDlmLWE1ZjctNDBjNTIyNDIwZGUw HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIDBcEaPwoKFCl6lH1849VY&google_cver=1&ssp=adconductor&bsw_param=ce95d937-04dc-4d9f-a5f7-40c522420de0 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/ce95d937-04dc-4d9f-a5f7-40c522420de0?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
Request Chain 657
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=bbe78f5c-cbd0-47ef-b8be-a7cffd6cd09d
Request Chain 659
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Fredir%3Dhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fuid%253D9f93135e824096b627ff609f5cdee636%2526visitor%253D%257Buid%257D%2526name%253DOPENWEB HTTP 302
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D9f93135e824096b627ff609f5cdee636%26visitor%3D%7Buid%7D%26name%3DOPENWEB HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=26228ea582814d32&name=OPENWEB
Request Chain 662
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D57064f8d-a433-4deb-abfa-d29f4601b0af%26biddername%3D55%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=57064f8d-a433-4deb-abfa-d29f4601b0af&biddername=55&key=7412760816595641933
Request Chain 663
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Request Chain 664
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D57064f8d-a433-4deb-abfa-d29f4601b0af%26biddername%3D2%26key%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=57064f8d-a433-4deb-abfa-d29f4601b0af&biddername=2&key=b7a4120e-2434-11ed-a1bf-1184b4c80503
Request Chain 665
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D57064f8d-a433-4deb-abfa-d29f4601b0af%26biddername%3D72%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BuserId%7D HTTP 302
  • https://tags.bluekai.com/site/17724?id=ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D57064f8d-a433-4deb-abfa-d29f4601b0af%26biddername%3D72%26pid%3D5e0e296628a061270b21ccab%26key%3Dac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=57064f8d-a433-4deb-abfa-d29f4601b0af&biddername=72&pid=5e0e296628a061270b21ccab&key=ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553
Request Chain 667
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=dVd1TlMzeWU1NzFhWmRsM3hWSDg5Zw&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESELlVgrr-X_DkIcRpsEM6dd0&google_cver=1
Request Chain 668
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=31c5401296010cb7&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAEzq8HA9WfRQNXsbifAAAAAAA&expiration=1661490839&nuid=&is_secure=true
Request Chain 670
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f392b494-04f1-4190-8b81-965c828ca97a&expiration=1663996439&gdpr=0&gdpr_consent=
Request Chain 671
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YwcFFiEqvqgxgytikig15QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ-fnXC2YIyqIitxXHLpWW4&google_cver=1
Request Chain 673
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwcFFiEqvqgxgytikig15QAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAlLal_DCrqs217s0xqcj_c&google_cver=1
Request Chain 674
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=4BFK5PS6DwFZltdDeQ6H&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2NCCIZFTKUCTGZCHORS2NR2GIRDFKE3EQ HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2NCCIZFTKUCTGZCHORS2NR2GIRDFKE3EQ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=4BFK5PS6DwFZltdDeQ6H
Request Chain 675
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=93113cb9-e328-4c2e-b34a-9991d55dc977
Request Chain 676
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YwcFFiEqvqgxgytikig15QAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YwcFFiEqvqgxgytikig15QAAAdQAAAIB
Request Chain 680
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=fe54cc25c25d36983adbdcfa7f1e5df&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=eb2a1_7135677735229362965&gdpr=0&gdpr_consent=null HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZmU1NGNjMjVjMjVkMzY5ODNhZGJkY2ZhN2YxZTVkZg==&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEG0Wq4BRZBhjS2gABp9kSa0&google_cver=1&gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=f392b494-04f1-4190-8b81-965c828ca97a HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/fe54cc25c25d36983adbdcfa7f1e5df?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-ItZDHJdE2oOnPKGc.qGRG.LCS3ggetcoEc1ftiqu~A HTTP 302
  • https://usersync.octillion.tv/fw HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1554userId=cd078586-9b7a-4fab-9889-34e181b61ebd
Request Chain 684
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f392b494-04f1-4190-8b81-965c828ca97a&gdpr=0&gdpr_consent=
Request Chain 685
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=61ce30ab-3031-4665-ab46-6176ea45d255&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Request Chain 686
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=7412760816595641933
Request Chain 687
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=7412760816595641933
Request Chain 688
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-fnXC2YIyqIitxXHLpWW4&google_cver=1
Request Chain 689
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwcFFiEqvqgxgytikig15QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-fnXC2YIyqIitxXHLpWW4&google_cver=1
Request Chain 690
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPSJN6PSOWssHdkcds62kHQ&google_cver=1
Request Chain 691
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQxMjc2MDgxNjU5NTY0MTkzMw%3D%3D
Request Chain 692
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7412760816595641933
Request Chain 693
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_5349e29e-e573-463a-8042-728d103ee39b&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=d666fe2e-869f-4d4b-87b8-12e8f1df79be&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=ce95d937-04dc-4d9f-a5f7-40c522420de0
Request Chain 694
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28VA0xnkEo53AA9mHXGnnXuSoYAJ-ZE7Rp7annoNiYD60TqT1euGUpHrMKqAJUGotx%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28VA0xnkEo53AA9mHXGnnXuSoYAJ-ZE7Rp7annoNiYD60TqT1euGUpHrMKqAJUGotx%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_5349e29e-e573-463a-8042-728d103ee39b&obuid=ENC(VA0xnkEo53AA9mHXGnnXuSoYAJ-ZE7Rp7annoNiYD60TqT1euGUpHrMKqAJUGotx) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7135677739533858959
Request Chain 695
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=7504a4e3-5a5a-4c50-b449-7737b4671356
Request Chain 696
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-0d2b4646-3d15-49a0-4f06-5fd873817560$ip$167.88.7.162
Request Chain 697
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-F7AlrO1E2peDWrw_jNbbaAkfRJInYusxzsAj~A
Request Chain 698
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=4c12d306-7bd7-45ec-a97a-8304a6a92f40
Request Chain 699
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=34D0F340BBB6452EA27D42C1AC0AC8BC
Request Chain 700
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP 303
  • https://usersync.gumgum.com/usersync?b=dit&i=di_aabd891a9a2b4d83a138e
Request Chain 701
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_5349e29e-e573-463a-8042-728d103ee39b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=4BFK5PS6DwFZltdDeQ6H&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHU2EERSLGVIFGNSEO5DFU3DUMRCGKUJWJA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHU2EERSLGVIFGNSEO5DFU3DUMRCGKUJWJA HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=4BFK5PS6DwFZltdDeQ6H
Request Chain 702
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=7a6a2a8e-bcf4-4ed3-9df8-974d3b475beb
Request Chain 703
  • https://sync.1rx.io/usersync2/floor6?gdpr=&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1506%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=5112774868 HTTP 302
  • https://sync.1rx.io/usersync3/centro/1506/ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553?zcc=0&sspret=1&rndcb=5112774868 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
Request Chain 704
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=Q6k5Ho6QyMMh&ev=1&pid=558355
Request Chain 705
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1526083351859992907
Request Chain 709
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 715
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=globo.com&sn=ChromeSyncframe&so=3&topUrl=glamour.globo.com&bundle=i5QzMF92NXpJUjJwNG85cjlzZHpZYTQzcTRFJTJGSGJJQzd4emR4aHF1JTJCQ051SW5HSzhuTWtqV2ZSR3htNktkVCUyRmg0ODgxdThFTVlOdWIlMkZjR2dzUTBSN2VNckhYSW4lMkZhSHNhZlRlUWhWT3NQRzhlVSUyRkZOMCUyQlZhTWk2T3c0VjdxTm4zMlBVWW44a2JBT3lsejVCYlVCOXhSVzcydyUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=7qw493xzUFZVM0hUSll3VHhTL0k3M0c1MGhYQWJoSURLRWpaWUc2MzVteURxZGV5RlA2Qk1EWng5Z0xLWit3WFVSckk2YWRGNE1IUW1Samg0NXpPeWRmOTFHUlh4ZGpaak9jYTU5UEZ4ZmNMcEJoUEhNdHNleHV1bWIxaXI0WnpRaytyU2UvQVBYTVNoR244NzMyQXEyVXROQXk3bnpQczRyanpYcVJ5YmkrZER5bVhYK3pOaHdsYk1qdDdTcmdTRyt5cEcvWTU4RTdabS9va1c0bnpZWDlXSlptVEpOdjRvRndoUXBwMm5aSnBzeU1BK2tBTFZ2ODkrZ1YrK1JXR3BmZGkzVW5oRG1QRDRQQWs1RW5IcVk5bzc4Zz09fA&cppv=2
Request Chain 722
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=1eo9jUQpnoIYoddd-cZ0_X0-nCVCo1LHUx8KEgShFdY
Request Chain 724
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=b9936307-0516-4500-b3ae-7b63940e6617&gdpr=1&gdpr_consent=
Request Chain 726
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7412760816595641933
Request Chain 729
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESECkUQc7MQb3vaAN2yO4JSeQ&google_cver=1
Request Chain 730
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=367b5a0bc1350c8f&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAEhG6WkJB6lgMzD6MrAAAAAAA&expiration=1661490840&is_secure=true
Request Chain 732
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=f392b494-04f1-4190-8b81-965c828ca97a&gdpr=0&gdpr_consent=
Request Chain 734
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=b9936307-0516-4500-b3ae-7b63940e6617&gdpr=&gdpr_consent=
Request Chain 735
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=YwcFFQACNb5MfABN&gdpr=&gdpr_consent=
Request Chain 738
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=f392b494-04f1-4190-8b81-965c828ca97a
Request Chain 739
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=7412760816595641933&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=7412760816595641933brt54361661404439995180b7
Request Chain 740
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=YwcFGMCo8YsAAGFHD0UAAAAA
Request Chain 741
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=YwcFFiEqvqgxgytikig15QAA%26468
Request Chain 742
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=v9oQfujxQcoR0TJPtVBy&pi=gumgum
Request Chain 743
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 745
  • https://px.owneriq.net/ecmg?google_gid=CAESEP8VHVMmZ7I_EruHCQmuNqE&google_cver=1&google_push=AehlK4A0wfjFGt3PzbYhBNWeOzMUDxwCdPEPMDXbgcN2i4Hgibevmfzt6cXjyD2vWMtiL9KJ_oD9BYW19la7kg8H2IyHyVn6K34G5dzokDnBrgNsJAaJuvjAV-bnu7Yky8WF574ksmRy-oY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AehlK4A0wfjFGt3PzbYhBNWeOzMUDxwCdPEPMDXbgcN2i4Hgibevmfzt6cXjyD2vWMtiL9KJ_oD9BYW19la7kg8H2IyHyVn6K34G5dzokDnBrgNsJAaJuvjAV-bnu7Yky8WF574ksmRy-oY&google_cver=1&google_gid=CAESEP8VHVMmZ7I_EruHCQmuNqE&google_hm=UTcxNDY5MDgzOTExMDU2ODQzMzZQ
Request Chain 746
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECZemA3XhkustYxw4oGb34Y&google_cver=1&google_push=AehlK4CiGII6jpK4oaYFjL3KbKpRKlXVbjpUgocH7AWELtps0cQMWoqQUbyBkXq1OUmx5EiRfe3qZbVIUASdPb3o24xU5hoGa881aGrpFWfMD1UE114v5oOub7n-tJwrT74njDuZAa8_7w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aUVaNjFRaHoxT3I1Yk41&google_gid=CAESECZemA3XhkustYxw4oGb34Y&google_cver=1&google_push=AehlK4CiGII6jpK4oaYFjL3KbKpRKlXVbjpUgocH7AWELtps0cQMWoqQUbyBkXq1OUmx5EiRfe3qZbVIUASdPb3o24xU5hoGa881aGrpFWfMD1UE114v5oOub7n-tJwrT74njDuZAa8_7w
Request Chain 747
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDYfQoeFMrsCAXvvqNFSZck&google_cver=1&google_push=AehlK4B0ooyyqUQrXcz9vBXLTF1HboDaTAYovUKPgn02ibLNAgZ_FcmkG8sQariq0-6cNiyKU6km0syy4JMgwfuT5TmtefoNiXxn8ahVLqDhoh0Is-CkyG1W7gClIpIXLIHucuBSNC7mUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXdjRkZRQUNOYjVNZkFCTg==&google_gid=CAESEDYfQoeFMrsCAXvvqNFSZck&google_cver=1&google_push=AehlK4B0ooyyqUQrXcz9vBXLTF1HboDaTAYovUKPgn02ibLNAgZ_FcmkG8sQariq0-6cNiyKU6km0syy4JMgwfuT5TmtefoNiXxn8ahVLqDhoh0Is-CkyG1W7gClIpIXLIHucuBSNC7mUQ
Request Chain 748
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AehlK4D2hml7D4OLTG5-lyUX1rvaC684a8cERbpyhRizFawW6U8H7prTOZ1__PLIV0RUuBbvzXBKuHXDIKmZVVSuqG36lPVh8ZJcXHu69ime7QUBSurpUhDH8M81UxdtfVhB6tToPIlotMY&google_gid=CAESEN3c1fTgBpDOVnHzvBr4ndY&google_cver=1 HTTP 302
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AehlK4D2hml7D4OLTG5-lyUX1rvaC684a8cERbpyhRizFawW6U8H7prTOZ1__PLIV0RUuBbvzXBKuHXDIKmZVVSuqG36lPVh8ZJcXHu69ime7QUBSurpUhDH8M81UxdtfVhB6tToPIlotMY&google_gid=CAESEN3c1fTgBpDOVnHzvBr4ndY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4D2hml7D4OLTG5-lyUX1rvaC684a8cERbpyhRizFawW6U8H7prTOZ1__PLIV0RUuBbvzXBKuHXDIKmZVVSuqG36lPVh8ZJcXHu69ime7QUBSurpUhDH8M81UxdtfVhB6tToPIlotMY&google_hm=ARzIwV8l0Nl3ks8ADsd_tJCaJMA
Request Chain 750
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESED-cGYRIFCaSy2zJP2jjwLY&google_cver=1&google_push=AehlK4AjktPQZ0qHMsSnF7BVtMTZY4yS_JNS0rAkb5allHAswxDEsc_Q2IyqrLv-erNBwgmS2fgsbskDYhKkhWZzHqJSMManCtzcXMKAyQYYm_UdbLXJugcqsWywx6ngMXYLAGDzMLqA7w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Fsay_w7nSxqLjFcGg-xXxA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4AjktPQZ0qHMsSnF7BVtMTZY4yS_JNS0rAkb5allHAswxDEsc_Q2IyqrLv-erNBwgmS2fgsbskDYhKkhWZzHqJSMManCtzcXMKAyQYYm_UdbLXJugcqsWywx6ngMXYLAGDzMLqA7w
Request Chain 751
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEEo1iLAsz_5JsyVOu5gB3Qk&google_cver=1&google_push=AehlK4BO0uixntxKnyAJbk2_d8o17zMyEMROYj--tS-SDqktAvMuqPjI8gR-PWKUWX3m9HZL-r2smf681hzdgAu7dtDZmGb8cGLjeY90Ro9NjhASWH2vIFirZGjxa-01pOSZeZSKHZOesUo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4BO0uixntxKnyAJbk2_d8o17zMyEMROYj--tS-SDqktAvMuqPjI8gR-PWKUWX3m9HZL-r2smf681hzdgAu7dtDZmGb8cGLjeY90Ro9NjhASWH2vIFirZGjxa-01pOSZeZSKHZOesUo&google_hm=WXdjRkdNQ284WG9BQVB6NEt3c0FBQUFB
Request Chain 754
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmU1NGNjMjVjMjVkMzY5ODNhZGJkY2ZhN2YxZTVkZg==&gdpr=0&gdpr_consent=
Request Chain 755
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=fe54cc25c25d36983adbdcfa7f1e5df&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 787
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17184&khaos=L78LAY60-1Y-88US HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=L78LAY60-1Y-88US
Request Chain 790
  • https://ssl.connextra.com/WynnBet/selector/image?client=WynnBet&placement=DDM_APN_SB_US_IN_Display_Impression_Pixel_1x1&_cb=1403933271&apnauc=8151531570527049412&bidid=8151531570527049412&dspid=3bc1d7fd2e HTTP 302
  • https://ssl.connextra.com/servlet/controller?service=DDM_SB_US_IN_Display_Impression_Pixel_1x1&pubhost=config.seedtag.com&image=image%2Fgif&client=WynnBet&placement=DDM_APN_SB_US_IN_Display_Impression_Pixel_1x1&_cb=1403933271&apnauc=8151531570527049412&bidid=8151531570527049412&dspid=3bc1d7fd2e
Request Chain 797
  • https://um.simpli.fi/gp_match?google_gid=CAESEC2Bb2z7jcGYBNJJB9KGjYM&google_cver=1&google_push=AehlK4BgWAoWup3u-DEb-6YTh2PB1DhP-VZECygrZjfssYx9MLv6VmNQCBiLYlzMqm_HI1p6umKWhoM1UVT--6cG7gcpdGP4mAZwjaMCP3OTFOzCWlgSyFa9B_ty7_J5OwTs30JFV7Gft2u7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3E9CCFB3269E467B9622CCC5F9172B9A&google_push=AehlK4BgWAoWup3u-DEb-6YTh2PB1DhP-VZECygrZjfssYx9MLv6VmNQCBiLYlzMqm_HI1p6umKWhoM1UVT--6cG7gcpdGP4mAZwjaMCP3OTFOzCWlgSyFa9B_ty7_J5OwTs30JFV7Gft2u7
Request Chain 798
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEN7K2nlfOaMg3Jw-QPWnfS4&google_cver=1&google_push=AehlK4B1iHdLy29iGd6CbD2yxQZIDorMJUo09XGVup_oLPXNQEgvmkefTj-Ago5CV6liVUHJF1B2ckabTN-xHi5FVq4CTAF-37kwqO6ZvwUNlTv96U7QKVXksJi2l-wMz5P5Y_emiWTdvm_7nw HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEN7K2nlfOaMg3Jw-QPWnfS4&google_cver=1&google_push=AehlK4B1iHdLy29iGd6CbD2yxQZIDorMJUo09XGVup_oLPXNQEgvmkefTj-Ago5CV6liVUHJF1B2ckabTN-xHi5FVq4CTAF-37kwqO6ZvwUNlTv96U7QKVXksJi2l-wMz5P5Y_emiWTdvm_7nw&prevuid=05030002_63070518da3cd&knw= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4B1iHdLy29iGd6CbD2yxQZIDorMJUo09XGVup_oLPXNQEgvmkefTj-Ago5CV6liVUHJF1B2ckabTN-xHi5FVq4CTAF-37kwqO6ZvwUNlTv96U7QKVXksJi2l-wMz5P5Y_emiWTdvm_7nw&google_hm=MDUwMzAwMDJfNjMwNzA1MThkYTNjZA%3D%3D
Request Chain 799
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEN7K2nlfOaMg3Jw-QPWnfS4&google_cver=1&google_push=AehlK4A_GUf6fMzpRsz8Sct6Bks3VLBj1brWSGXPBG4lIoPMxhvUgXdx__7fOXS2sboIULffT-3bnivSvzTGhKAatjzT4HCJ6Eyn_w1m38moyn5D3aFQSaDjwJcjx05R6v-cJyniUGcDtOrDCw HTTP 302
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEN7K2nlfOaMg3Jw-QPWnfS4&google_cver=1&google_push=AehlK4A_GUf6fMzpRsz8Sct6Bks3VLBj1brWSGXPBG4lIoPMxhvUgXdx__7fOXS2sboIULffT-3bnivSvzTGhKAatjzT4HCJ6Eyn_w1m38moyn5D3aFQSaDjwJcjx05R6v-cJyniUGcDtOrDCw&prevuid=04030002_63070518b4116&knw= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AehlK4A_GUf6fMzpRsz8Sct6Bks3VLBj1brWSGXPBG4lIoPMxhvUgXdx__7fOXS2sboIULffT-3bnivSvzTGhKAatjzT4HCJ6Eyn_w1m38moyn5D3aFQSaDjwJcjx05R6v-cJyniUGcDtOrDCw&google_hm=MDQwMzAwMDJfNjMwNzA1MThiNDExNg%3D%3D
Request Chain 800
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEJ7crAwBT7gtFVWaH3-Khu4&google_cver=1&google_push=AehlK4B4t-OJNDqk2kEfjV74T3pHgs1P1CGV8G6uE5-uohlqsY6sronoCDum3XqDcn814-0vcSTrWZ5vxHC62ALufC5EF9TYW_PLnKCv7CzciGeYVvFro81DBhBK6-ZNAnRaZEPJ8UOq3my0-w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4B4t-OJNDqk2kEfjV74T3pHgs1P1CGV8G6uE5-uohlqsY6sronoCDum3XqDcn814-0vcSTrWZ5vxHC62ALufC5EF9TYW_PLnKCv7CzciGeYVvFro81DBhBK6-ZNAnRaZEPJ8UOq3my0-w&google_hm=NEJGSzVQUzZEd0ZabHRkRGVRNkg=
Request Chain 801
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEDc6b_2ZqF1DD5V6ArUvh5Q&google_cver=1&google_push=AehlK4ABukSkxiH1og1H_C8Bg9QNr4aNqgDnmAOKAgGup6MpwK8A2FE5QBUB_aErWk7Nknfa3GA4zRKF4IUlWQ9ouXWZVyHybMkALC5mZj53C7xszhb7vjqGtWwAqD0rPCkgFvaqyxvalbwBaQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=DStGRj0VSaBPBl_Yc4F1YKdYB6I&google_push=AehlK4ABukSkxiH1og1H_C8Bg9QNr4aNqgDnmAOKAgGup6MpwK8A2FE5QBUB_aErWk7Nknfa3GA4zRKF4IUlWQ9ouXWZVyHybMkALC5mZj53C7xszhb7vjqGtWwAqD0rPCkgFvaqyxvalbwBaQ
Request Chain 802
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEBiPd289w-KuEyjrW4BUGfM&google_cver=1&google_push=AehlK4Batjmp9--4IC0w_GF_cRPWHQZX268KJsGMcm3dPSknuCt9-bGsgWe7ItOzynnSKMwKqM7SFTUshH-OR_w2Efvly69b0ZKVI4uQbyDHXTYLSuLpuD1Q44Nv6gO9gQZ-XDEl26hbx9_DH-k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=rHYNUh8aQA2Wps55vr9t_Q==&no_redirect=1&google_push=AehlK4Batjmp9--4IC0w_GF_cRPWHQZX268KJsGMcm3dPSknuCt9-bGsgWe7ItOzynnSKMwKqM7SFTUshH-OR_w2Efvly69b0ZKVI4uQbyDHXTYLSuLpuD1Q44Nv6gO9gQZ-XDEl26hbx9_DH-k
Request Chain 848
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 849
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=RyHUwfMiBie0bkVxGQUHYw
Request Chain 851
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=81181572-18f0-40ef-b32f-bbf09c56b563
Request Chain 854
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://match.bnmla.com/usersync?dspid=6&uuid=3E9CCFB3269E467B9622CCC5F9172B9A HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D HTTP 307
  • https://match.bnmla.com/usersync?dspid=170&uuid=34D0F340BBB6452EA27D42C1AC0AC8BC HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=accd1af1-c842-451b-9d73-e43091cf9536
Request Chain 855
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3E9CCFB3269E467B9622CCC5F9172B9A
Request Chain 856
  • https://pixel.onaudience.com/?partner=214&mapped=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=59f616327039d82b HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1821a04c-d5bf-4814-527e-b33eb5d68ed3&reqId=d2788f05-3bcc-4821-40cb-c1a0b0daa10c&zcluid=59f616327039d82b&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEBK2-wYAkc2WHuoSZkW6RGU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1821a04c-d5bf-4814-527e-b33eb5d68ed3&reqId=d2788f05-3bcc-4821-40cb-c1a0b0daa10c&zcluid=59f616327039d82b&zdid=1332
Request Chain 857
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&addseg=10,33,39
Request Chain 858
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 860
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7412760816595641933
Request Chain 861
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:16d9abf7-a0d1-4154-b85b-1fe4335d8615&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 892
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fglamour.globo.com%2F&domain=glamour.globo.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=94oQbHx4OHJDRmd0VUdLTlczUGhhRFdzMks0aExmdTlRUm4vKzhONkF0Yll1TmxNb011MG9NdXdZQ1NCYy9nWmYyMUljUFZnN21RUFM5YTFlNm4vclI2dEY4WG0wdTlkTkVxUlIrOWhCTmFsL2xzaTFXQUp3YzR5dk4zWHlsWFRVaG1GWmZiSTVSM3RwTkpicGV4NFcyUjhVWlRNQ2tnVnpQR3BYY0YvdDd5ZGRpMEw2NnpBcGxISHZCWUJoTEhsZ003ZGljTlRPeHdCSU9pcHFtSTJIblRobXpwejdCNGRhTVNVV2tlNHozM1pXY0NuZnVRUmNaR3MxSEtPdXo4ZnZjVUJQVFFQdmZYYklkYjJUUkRUdVg0SjdZdz09fA&cppv=2
Request Chain 904
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=bb6cea50-2434-11ed-aa3b-121f5922b911&companyId=673&id=pubmatic_id:16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
Request Chain 906
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D35311a1f-8b8c-4ce6-925a-329ee2037a4d%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7412760816595641933&pt=35311a1f-8b8c-4ce6-925a-329ee2037a4d%2C
Request Chain 931
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=null%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=null&userId=7412760816595641933 HTTP 302
  • https://usersync.octillion.tv/fw?gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1554userId=cd078586-9b7a-4fab-9889-34e181b61ebd
Request Chain 937
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmU1NGNjMjVjMjVkMzY5ODNhZGJkY2ZhN2YxZTVkZg==&gdpr=0&gdpr_consent=
Request Chain 939
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=fe54cc25c25d36983adbdcfa7f1e5df&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 965
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://usersync.octillion.tv/fw?gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1554userId=cd078586-9b7a-4fab-9889-34e181b61ebd
Request Chain 970
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmU1NGNjMjVjMjVkMzY5ODNhZGJkY2ZhN2YxZTVkZg==&gdpr=0&gdpr_consent=
Request Chain 971
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=fe54cc25c25d36983adbdcfa7f1e5df&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 1010
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://usersync.octillion.tv/fw?gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1554userId=cd078586-9b7a-4fab-9889-34e181b61ebd
Request Chain 1013
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmU1NGNjMjVjMjVkMzY5ODNhZGJkY2ZhN2YxZTVkZg==&gdpr=0&gdpr_consent=
Request Chain 1014
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=fe54cc25c25d36983adbdcfa7f1e5df&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 1040
  • https://unified.adsafeprotected.com/vevent/impression/1107969/64714900?ias_xadur=00:00:14:973&ias_xmtp=v&omidPartner=[OMIDPARTNER]&ias_xappb=[APPBUNDLE]&xsId=dc1624d1e07cc8124bb858433a9c5e89f0397f2e HTTP 303
  • https://pixel.adsafeprotected.com/rfw/st/1107969/64714900/skeleton.gif?xsId=dc1624d1e07cc8124bb858433a9c5e89f0397f2e&bundleId=%5BAPPBUNDLE%5D&xmtp=v&adsafe_jsinfo=mtp%3Av HTTP 302
  • https://static.adsafeprotected.com/skeleton.gif?xsId=dc1624d1e07cc8124bb858433a9c5e89f0397f2e&bundleId=%5BAPPBUNDLE%5D&xmtp=v
Request Chain 1041
  • https://ad.doubleclick.net/ddm/trackimp/N1726419.2666012TRADEDESK/B28136695.341381657;dc_trk_aid=533566089;dc_trk_cid=174908236;ord=1661404447507;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1726419.2666012TRADEDESK/B28136695.341381657;dc_pre=CImyuvCd4fkCFVisnwodC9oDlQ;dc_trk_aid=533566089;dc_trk_cid=174908236;ord=1661404447507;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=
Request Chain 1053
  • https://ads.stickyadstv.com/auto-user-sync?px=7169&listenerId=fe54cc25c25d36983adbdcfa7f1e5df HTTP 302
  • https://usersync.octillion.tv/fw HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1554userId=cd078586-9b7a-4fab-9889-34e181b61ebd

1053 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
sandramaria.online.anamarialopez.site/ 		86 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://sandramaria.online.anamarialopez.site/
Protocol
HTTP/1.1
Server
23.111.174.26 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
23-111-174-26.static.hvvc.us
Software
LiteSpeed /
Resource Hash
db57f7b8367ae1bb8bb3433600bdc6c921f4a38de2448b06e78e39b0d39bc46d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
accept-ranges
bytes
content-encoding
gzip
content-length
22890
content-type
text/html
date
Thu, 25 Aug 2022 05:13:50 GMT
last-modified
Wed, 24 Aug 2022 23:08:02 GMT
server
LiteSpeed
vary
Accept-Encoding
css2
fonts.googleapis.com/ 		20 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&family=Roboto:wght@400;500;600;700;800&family=Montserrat:wght@400;500;600;700;800&display=swap
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8959734e0b0c124041f185a33db62457657cea46dde82dfa207c23c9d94338e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 05:13:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 25 Aug 2022 05:13:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Aug 2022 05:13:51 GMT
launcher.js
launcher.hotmart.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://launcher.hotmart.com/launcher.js
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
HTTP/1.1
Server
44.194.46.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-46-109.compute-1.amazonaws.com
Software
/
Resource Hash
1690d9be98a0d0eae94c70bac71dbe9a8ba67fd946fb4f5ef3245d2c09253c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:13:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 25 Aug 2022 05:13:51 GMT
X-Frame-Options
DENY
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Connection
keep-alive
Content-Length
2619
X-XSS-Protection
1; mode=block
Expires
Thu, 25 Aug 2022 05:13:51 GMT
thumbnail.jpg
images.converteai.net/8ddefba4-aac6-4899-a661-0c2a387c3a1d/players/63000bbd8573c5000adaac4a/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.converteai.net/8ddefba4-aac6-4899-a661-0c2a387c3a1d/players/63000bbd8573c5000adaac4a/thumbnail.jpg
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-125.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce2a30228c8617a4cae5c6ddcff421aa9f334e78e5fe233c0af9e6201207671f

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 07:25:58 GMT
via
1.1 f458ab1245bb4f257969c1da8e708f88.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 22:16:31 GMT
server
AmazonS3
age
78474
etag
"c2e7b24e1efe064e849f1144e74a2894"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
JFK50-P2
accept-ranges
bytes
content-length
1352
x-amz-cf-id
zRbQmBDMKJLWWvJK7vzsBXvocPj2d1v_DjLueUup7gI6BWqHUMeR8A==
player.js
scripts.converteai.net/8ddefba4-aac6-4899-a661-0c2a387c3a1d/players/63000bbd8573c5000adaac4a/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.converteai.net/8ddefba4-aac6-4899-a661-0c2a387c3a1d/players/63000bbd8573c5000adaac4a/player.js
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.39.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-39-28.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:52 GMT
content-encoding
br
last-modified
Wed, 24 Aug 2022 05:36:08 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
etag
W/"5ace145e97b4c8c6d78f9c811a97d2f9"
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 aa7679f2d01b23d9a66bfa6e92991b04.cloudfront.net (CloudFront)
x-amz-cf-id
mX6-7BeWe-sqbmfQ_QUL4e0kwHCcE53jiNybpEKlv4MyDAY2q4Dotg==
BYebue8924719.png
img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/BYebue8924719.png
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:51 GMT
via
1.1 3b8efcb1738e7807d88ed1cff31b3f3a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
205305
cf-polished
origFmt=png, origSize=2019
x-cache
Hit from cloudfront
content-disposition
inline; filename="BYebue8924719.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1564
last-modified
Mon, 22 Aug 2022 20:12:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Ae%2BfDxAdZ6FCop4lkXQ0oTdAsV%2FgwzBzgWbffKuyI%2BXCjVxI7d8%2FeFshrHzCvAJEA4jd8eVwE%2FRHkltfYDDKGtLN7ol%2BJ1zAyDU1HhFUAo3KQvxULHSR3K2%2BH9%2FQtSl8D65V4MiRTeQCkjy01E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
ORD53-C1
accept-ranges
bytes
cf-ray
7401d73f7b322bff-ORD
x-amz-cf-id
YafND2x_pZFTFaKyLChJUNv78e-Ll0SKbVea9PFLMRBJiAaEttnEmg==
cf-bgj
imgq:100,h2pri
likes.png
img.imageboss.me/atm/cdn/p/ 		838 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.imageboss.me/atm/cdn/p/likes.png
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:51 GMT
via
1.1 9ac9ad92db3824c1d085819b5b8672ac.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
42044
cf-polished
origFmt=png, origSize=1116
x-cache
Hit from cloudfront
content-disposition
inline; filename="likes.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 24 Aug 2022 17:33:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scdUwMUoNWHuevj7OBMibaPeGrdpazcgPLMjr%2Bmvv%2B%2FvH%2BuQd5AdSwZO2gZEf1n%2BhDGgu%2FXqMnAouFEDBF%2BSfejTaFLmATdPy95l6%2BKn8oGcB0fig6DAZxlw2foDYIv8lGeVzUAmbB6Q3%2BwdB14%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
ORD53-C1
cf-ray
7401d73f7b332bff-ORD
x-amz-cf-id
CXENJcv28Nfqivtz-KukT2ISOsdm0qljo5xIOWLkcN9uRFkKUsb1oQ==
cf-bgj
imgq:100,h2pri
MYzNbr8918139.png
img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/MYzNbr8918139.png
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:51 GMT
via
1.1 c9119c9cbad606324b966549b1fefab8.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
107305
cf-polished
origFmt=png, origSize=2807
x-cache
Hit from cloudfront
content-disposition
inline; filename="MYzNbr8918139.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2472
last-modified
Tue, 23 Aug 2022 23:25:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSpScrVJZAXhjxTQanIGPJrAWLSQjOJdHbyQMcDq91pJBD42DQt4JkAdqV1GcR9s8R3FdXFLuS2og60CmiCPJ4HJcLiv5FO90UtU4Gjrf%2F4ZNO4U5EzpGThnmkBoIYT5dW9%2BUpxqzcW9Td9nhvs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
ORD53-C1
accept-ranges
bytes
cf-ray
7401d73f7b342bff-ORD
x-amz-cf-id
R-QAqunzqlp5rqYI3VUlsMu26yV3cxKsE4UUcmkO1ut0sI0TVetkGg==
cf-bgj
imgq:100,h2pri
BHnQgB8898931.png
img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/BHnQgB8898931.png
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:51 GMT
via
1.1 f654756bba0868065ab02da5e8e55382.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
107305
cf-polished
origFmt=png, origSize=2228
x-cache
Hit from cloudfront
content-disposition
inline; filename="BHnQgB8898931.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1786
last-modified
Tue, 23 Aug 2022 23:25:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PkMMUk%2Fj1HVZPVwIgihR8sn%2Fe0%2Fd3%2FpijPbFpPG0d%2FJbnVfcFajBDky4Y49scxOeO%2BGV3yb%2BRJpwXDUqaDnIwmPv7Oc7zSwE1rBLPB0i2og9bln%2B84nVLkQ8JJX59cHt7kHApgYNhex3o%2F6sZs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
ORD53-C1
accept-ranges
bytes
cf-ray
7401d73f7b352bff-ORD
x-amz-cf-id
J9qMMa1xQf0LaFn3eG05lvRT4RJm89UsxZFwVPF_XSLOxnCxR2l54A==
cf-bgj
imgq:100,h2pri
NveJzf8900641.png
img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/NveJzf8900641.png
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:51 GMT
via
1.1 3726856332d579216b3c8859e5f88f02.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33725
cf-polished
origFmt=png, origSize=2390
x-cache
Hit from cloudfront
content-disposition
inline; filename="NveJzf8900641.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1872
last-modified
Wed, 24 Aug 2022 19:51:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fF7jn3S0%2BqRv%2F96C5UMWxyqGj%2BliKZFnQaoyNX5kzEayyjMkP1R%2BdY0g4nMIdRCHhOQu%2BQXoPpqkDRB3%2BOANgd7eOhcQygQttWBoOpvLC6DESHepcXK3CyfcCsBAnKt3BpQNorbrr8C1j3aJgc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
ORD58-P5
accept-ranges
bytes
cf-ray
7401d73f7b372bff-ORD
x-amz-cf-id
8a9nx7RSQ1g8ctjzYfnZIMtK6R_xsfxjIntqly_kwKLcNHQFuiTdgQ==
cf-bgj
imgq:100,h2pri
fbevents.js
connect.facebook.net/en_US/ 		100 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26535
x-xss-protection
0
pragma
public
x-fb-debug
AznHKF4QkNfANXzXJ7M2j1D8Y7cr/iXch6mPgYynCbWfCjpRe4HeNox3K5YA8Co8G/0kO68gKZv1sCNyXpWnrw==
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 25 Aug 2022 05:13:51 GMT
vary
Accept-Encoding
x-content-cdn-origin-ts
1661404180541
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
WdQuvp8082639.js
sandramaria.online.anamarialopez.site/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://sandramaria.online.anamarialopez.site/js/WdQuvp8082639.js
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
HTTP/1.1
Server
23.111.174.26 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
23-111-174-26.static.hvvc.us
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:51 GMT
content-encoding
gzip
last-modified
Wed, 24 Aug 2022 23:08:02 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
4734
expires
Thu, 01 Sep 2022 05:13:51 GMT
67f736e03050b4d0ed3779b0edbf88c7_w_2666-64.png
sandramaria.online.anamarialopez.site/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sandramaria.online.anamarialopez.site/img/67f736e03050b4d0ed3779b0edbf88c7_w_2666-64.png
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
HTTP/1.1
Server
23.111.174.26 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
23-111-174-26.static.hvvc.us
Software
LiteSpeed /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:51 GMT
server
LiteSpeed
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
1238
67f736e03050b4d0ed3779b0edbf88c7_w_2669-64.png
sandramaria.online.anamarialopez.site/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sandramaria.online.anamarialopez.site/img/67f736e03050b4d0ed3779b0edbf88c7_w_2669-64.png
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
HTTP/1.1
Server
23.111.174.26 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
23-111-174-26.static.hvvc.us
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:51 GMT
server
LiteSpeed
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
1238
67f736e03050b4d0ed3779b0edbf88c7_w_1789-64.png
sandramaria.online.anamarialopez.site/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sandramaria.online.anamarialopez.site/img/67f736e03050b4d0ed3779b0edbf88c7_w_1789-64.png
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
HTTP/1.1
Server
23.111.174.26 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
23-111-174-26.static.hvvc.us
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:51 GMT
server
LiteSpeed
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
1238
67f736e03050b4d0ed3779b0edbf88c7_w_2128-64.png
sandramaria.online.anamarialopez.site/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sandramaria.online.anamarialopez.site/img/67f736e03050b4d0ed3779b0edbf88c7_w_2128-64.png
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
HTTP/1.1
Server
23.111.174.26 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
23-111-174-26.static.hvvc.us
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:51 GMT
server
LiteSpeed
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
1238
67f736e03050b4d0ed3779b0edbf88c7_w_2066-64.png
sandramaria.online.anamarialopez.site/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sandramaria.online.anamarialopez.site/img/67f736e03050b4d0ed3779b0edbf88c7_w_2066-64.png
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
HTTP/1.1
Server
23.111.174.26 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
23-111-174-26.static.hvvc.us
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:51 GMT
server
LiteSpeed
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
1238
67f736e03050b4d0ed3779b0edbf88c7_w_2190-64.png
sandramaria.online.anamarialopez.site/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sandramaria.online.anamarialopez.site/img/67f736e03050b4d0ed3779b0edbf88c7_w_2190-64.png
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
HTTP/1.1
Server
23.111.174.26 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
23-111-174-26.static.hvvc.us
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:51 GMT
server
LiteSpeed
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
1238
67f736e03050b4d0ed3779b0edbf88c7_w_2681-64.png
sandramaria.online.anamarialopez.site/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sandramaria.online.anamarialopez.site/img/67f736e03050b4d0ed3779b0edbf88c7_w_2681-64.png
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
HTTP/1.1
Server
23.111.174.26 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
23-111-174-26.static.hvvc.us
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:51 GMT
server
LiteSpeed
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
1238
xzQdAD8931224.png
img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/xzQdAD8931224.png
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:51 GMT
via
1.1 0958bcd2929a58bce81e81d995bf358a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213415
cf-polished
origFmt=png, origSize=2509
x-cache
Hit from cloudfront
content-disposition
inline; filename="xzQdAD8931224.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1886
last-modified
Mon, 22 Aug 2022 17:56:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4132Qprq5jFOlzt7pj01gje0hagDJdzZ9Begut96J7mDuU7EfOLMNS4FatsxIrrOgPzJEehQnLaow2n31XuI%2FtoOJ4PTn1DXCACN%2Fleo7HILL4kQbkvh0PE4VNJh7awUxCfF6NIIsNOopSbfAeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
ORD53-C1
accept-ranges
bytes
cf-ray
7401d73fdba82bff-ORD
x-amz-cf-id
KnmfwUwOwUjSggcTRssJEq16NJg80ZLsdboAVy_fI1Qcp59CLGQtAg==
cf-bgj
imgq:100,h2pri
eQrNxf8884347.png
img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/eQrNxf8884347.png
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:51 GMT
via
1.1 f89b43b2ea6221dfbfe8b9962fafb682.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213418
cf-polished
origFmt=png, origSize=2109
x-cache
Hit from cloudfront
content-disposition
inline; filename="eQrNxf8884347.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1586
last-modified
Mon, 22 Aug 2022 17:56:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bv%2FLuft%2B3ba7Tgi4OeP24jJYXDVXVsoa3w3O0moPPvx2NmtevpY%2B6ikjniNGpHlRUV2fbO7Vhtdii0SLJ%2Fn%2BBAvH5IUbA2A9mrWaIJLYZ%2BwN2hzRIiuWZKmFyrJAnORpSSEhUv%2FITVJltoPCyLU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
ORD53-C1
accept-ranges
bytes
cf-ray
7401d73fdbac2bff-ORD
x-amz-cf-id
CDucnGYXIByWIiznwy6L51h_F9GXSAHxW-PuExddHkqI1LcYQGuqKA==
cf-bgj
imgq:100,h2pri
SQuddJ8891954.png
img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/SQuddJ8891954.png
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:51 GMT
via
1.1 102c2ce84f6702e1add78e397cea7b84.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
205305
cf-polished
origFmt=png, origSize=2355
x-cache
Hit from cloudfront
content-disposition
inline; filename="SQuddJ8891954.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 22 Aug 2022 20:12:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOv%2FtskTSQmiJsty5bPPgiWbeUKHKAsXgDDTCjDB7pp9RaY4HG1K5lnX3ZK0ypstQU%2FrB9JUaEH3b%2Fd0sh1o%2FqYgSQG48mRKoAMn0vX2gWBYyYeL4CJbJd7hfSNiB7S62OCTnPQBLgVmiq0APeI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
ORD53-C1
cf-ray
7401d73fdbaf2bff-ORD
x-amz-cf-id
2pQS_J8M92-iU1xc9H2J4AOCN3qh1LA3e8eGrFx8GRJJTgKw0W06bg==
cf-bgj
imgq:100,h2pri
BLudxc8896524.png
img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/BLudxc8896524.png
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:51 GMT
via
1.1 988980199a49ca441b34454350b1dfe4.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
205305
cf-polished
origFmt=png, origSize=2259
x-cache
Hit from cloudfront
content-disposition
inline; filename="BLudxc8896524.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1834
last-modified
Mon, 22 Aug 2022 20:12:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNeVbMqUH2ofp3QDt%2BsE6AJpWJDSCDrf2nZjJIsKnOMvfT%2BpYjnZzrgHX3AtAP7aNObVHr1Bn3KtiTYDv5FHu6Rzbu6DVyWlcfDvf7C4nzcXvDfLUctLyl%2Bdj7o0VBp4Id7CYELhgrocTaP5yjs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
ORD53-C1
accept-ranges
bytes
cf-ray
7401d73fdbb02bff-ORD
x-amz-cf-id
APeGQ-Z2D8yx5FYeoH9xztvKZ3RrkUVVvDGG0L5JNZphTG27TDTKMg==
cf-bgj
imgq:100,h2pri
lYLXYF8889768.png
img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/lYLXYF8889768.png
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:51 GMT
via
1.1 9ac9ad92db3824c1d085819b5b8672ac.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213174
cf-polished
origFmt=png, origSize=2526
x-cache
Hit from cloudfront
content-disposition
inline; filename="lYLXYF8889768.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2162
last-modified
Mon, 22 Aug 2022 18:00:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85AVSS7GLXvq47jf95J%2BinF8AXvgzV40tvgmi4Pq325vN9cKhZ%2BjvQ5QZuFBNQ08xlOyGBdD5FjNDz55d2I%2FOCxXmd5uAj%2Bf8Hl1FpMjEEzbI%2FjaYXZwMlZsiGykHDprxvNu60Vk15%2BJL5AZA5A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
ORD53-C1
accept-ranges
bytes
cf-ray
7401d73fdbb42bff-ORD
x-amz-cf-id
DLsb7D5ByvU1VeucObrfPIyXrN1gj55TIHCexYWbvSOPwaZd2NU7TQ==
cf-bgj
imgq:100,h2pri
iiSYrY8894265.png
img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/ 		1022 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/iiSYrY8894265.png
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:51 GMT
via
1.1 9c62e91def9b53326c9958038d1d1806.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
107304
cf-polished
origFmt=png, origSize=1491
x-cache
Hit from cloudfront
content-disposition
inline; filename="iiSYrY8894265.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 23 Aug 2022 23:25:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBkQsiP64SnuBWVsATL504Vei8tuRTwBZIcjk7HJhXD2ndsJIo5W1DGKNHt4CStwjP6vaf6Q7ncVyR8%2B7YJj3MshTFpyKGXIrxM4o89tP3PVi7aGA4oI5QWogrTeJ8b7zk1NCVELll7k5PnQZuk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
ORD53-C1
cf-ray
7401d73fdbb72bff-ORD
x-amz-cf-id
8-aWVI2fWgPCi-9Q1XfgexKdc27WqRa9PExp6tRO4LhKooM5eDGeig==
cf-bgj
imgq:100,h2pri
FAeCiH8888099.png
img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/FAeCiH8888099.png
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:51 GMT
via
1.1 e5ab459dee592201d36b1e9eea4f7328.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
107304
cf-polished
origFmt=png, origSize=2294
x-cache
Hit from cloudfront
content-disposition
inline; filename="FAeCiH8888099.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1916
last-modified
Tue, 23 Aug 2022 23:25:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CjG%2BpgGeRdcD1SjybLnF16hb4aYTshNa2Y0nFlTFykg7REArk25QvmeinIwjXlu7qaApIj3xzlPI1t5toSPUYFQC3LBsKrOQWkUtjCpZPT%2F7X4mGQAZBRR%2FfwaeKcvQJmTC6HA8ZBYLURFD8bH0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
ORD53-C1
accept-ranges
bytes
cf-ray
7401d73fdbb82bff-ORD
x-amz-cf-id
KZ9-mwHvyniuY-AkZWJsSouCiP2fheYuwO6nGxYed9LCd9IXo1WWUA==
cf-bgj
imgq:100,h2pri
kzonpI8902424.png
img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/kzonpI8902424.png
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:51 GMT
via
1.1 ba9c4a15d904b10c426461fa8ff12178.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
205305
cf-polished
origFmt=png, origSize=2978
x-cache
Hit from cloudfront
content-disposition
inline; filename="kzonpI8902424.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2400
last-modified
Mon, 22 Aug 2022 20:12:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyPeOj4P5I4dCRXQXrOfZLnENy3x24EEpSgkG%2BZ59kWRNIAyXCKQXW%2FP7agAvFAF15Ec6DMZKkXDI2bg7Bs1oQD9qNOTXUvvFUYlGONxCaJ7m8%2BYed1FmPPz06PoAvK8pX885X5A7VZstTySewY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
ORD53-C1
accept-ranges
bytes
cf-ray
7401d73fdbbb2bff-ORD
x-amz-cf-id
YVOddyNU48BvDfM6KIjlGSyqIgIJplzA-EWJesCSdPajU0uB_23P1g==
cf-bgj
imgq:100,h2pri
qzqifX8928702.png
img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/qzqifX8928702.png
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:51 GMT
via
1.1 8f399775f8ac7ed2998f3fcbbd01ced6.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
205305
cf-polished
origFmt=png, origSize=1717
x-cache
Hit from cloudfront
content-disposition
inline; filename="qzqifX8928702.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 22 Aug 2022 20:12:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2a46md1h8S0kN2lrnp%2FLeSrb995dyMdJqhuvpUJWwAbX%2Fmx5TodkXNtXVx%2FLfeNCoa7GzeOkRmOs6er%2Fl9WlM5BpyiV%2FoTcDXkehslM8e0ofFcQ9MR3k9f8HPax6IICxFUn1wORtTUxZSOxaFs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
ORD53-C1
cf-ray
7401d73fdbbd2bff-ORD
x-amz-cf-id
F2o9Q8L_mh4hbGPDWf8nXutERINnCLiwtRQvNVSjM-ZBwfSH4ypdwg==
cf-bgj
imgq:100,h2pri
SKxxIN8926682.png
img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.imageboss.me/atm/cdn/u/zJg3brTpNRd9kyL191yl19mfVaJ3/l/SKxxIN8926682.png
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:51 GMT
via
1.1 93de5e34e27bf5cda101effa5f910612.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213173
cf-polished
origFmt=png, origSize=1996
x-cache
Hit from cloudfront
content-disposition
inline; filename="SKxxIN8926682.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1608
last-modified
Mon, 22 Aug 2022 18:00:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qj2rDyPrkTcUO2W1qY9S%2FWL3huXuFGjXt2MJHfLM5wvxDqklkCM3uA8wrVzC4HvrLB7Y%2FKQHtzQeJZFX9G8v62%2Fua63B%2BsKjxgn92r4QJYw5eoWGMMo9zvgGqQ%2FBUW6jAFQjBj%2FuJTi6SpedKSE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
ORD53-C1
accept-ranges
bytes
cf-ray
7401d73fdbbf2bff-ORD
x-amz-cf-id
0qwv_zTvGOZKD6wvUfCX_kCLZKLRR6zsd7euDrW0xAWnw-3t_qe9yA==
cf-bgj
imgq:100,h2pri
load-js
launcher.hotmart.com/rest/v1/module/ 		48 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://launcher.hotmart.com/rest/v1/module/load-js?hotid=eyJwYWdldmlld19pZCI6IlBWbmplemlueWJ6MWVsNzhsYXZsayIsInRyYWNlX2lkIjoiTFQwdWN4ejlyZXozaWw3OGxhdmxrIn0=&locationHref=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F&account=d147f513-8ff1-356f-8f8f-649200a40bbd
Requested by
Host: launcher.hotmart.com
URL: http://launcher.hotmart.com/launcher.js
Protocol
HTTP/1.1
Server
44.194.46.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-46-109.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sandramaria.online.anamarialopez.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Type, Location, Link, ETag
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
0
disable-devtool.min.js
fastly.jsdelivr.net/npm/disable-devtool/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fastly.jsdelivr.net/npm/disable-devtool/disable-devtool.min.js
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/js/WdQuvp8082639.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1681
x-jsd-version
0.2.5
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4567
etag
W/"2c15-EJyph8sVL3ZFjAh+jL0yI7mKYlk"
x-served-by
cache-fra19158-FRA, cache-chi-klot8100082-CHI
x-jsd-version-type
version
date
Thu, 25 Aug 2022 05:13:51 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
json
wtfismyip.com/ 		0
0
Primary Request melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
glamour.globo.com/lifestyle/noticia/2019/12/ 		563 KB
129 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/js/WdQuvp8082639.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
201.7.177.243 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
93647ccfe0cd30aafd466de308d6a68000ccf3f976bf7a678ccf4196fd064510
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sandramaria.online.anamarialopez.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=10
content-encoding
gzip
content-length
130981
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 25 Aug 2022 05:13:51 GMT
expires
Thu, 25 Aug 2022 05:14:01 GMT
show-page-version
0
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, Wall-Subscription-Level, Origin
via
2.0 CachOS
wall-blocked-session
0
wall-subscription-level
0
wall-usl-status
x-bip
112515881 wall 9
x-cache-status
STALE
x-content-type-options
nosniff
x-mobile
desktop
x-request-id
84e5e4ff-3302-4025-90f1-218812eff2e4
x-served-from
Show-Bypass, Show Services GCP
x-thanos
0A81DC4C
x-xss-protection
1; mode=block
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&family=Roboto:wght@400;500;600;700;800&family=Montserrat:wght@400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://sandramaria.online.anamarialopez.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 10:24:38 GMT
x-content-type-options
nosniff
age
499753
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Aug 2023 10:24:38 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&family=Roboto:wght@400;500;600;700;800&family=Montserrat:wght@400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://sandramaria.online.anamarialopez.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:09:30 GMT
x-content-type-options
nosniff
age
165861
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Aug 2023 07:09:30 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&family=Roboto:wght@400;500;600;700;800&family=Montserrat:wght@400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://sandramaria.online.anamarialopez.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 03:51:42 GMT
x-content-type-options
nosniff
age
177729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Aug 2023 03:51:42 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&family=Roboto:wght@400;500;600;700;800&family=Montserrat:wght@400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://sandramaria.online.anamarialopez.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 05:14:26 GMT
x-content-type-options
nosniff
age
259165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 05:14:26 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&family=Roboto:wght@400;500;600;700;800&family=Montserrat:wght@400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://sandramaria.online.anamarialopez.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:32:04 GMT
x-content-type-options
nosniff
age
34907
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Aug 2023 19:32:04 GMT
id.min.js
identification.hotmart.com/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identification.hotmart.com/id.min.js?account=d147f513-8ff1-356f-8f8f-649200a40bbd
Requested by
Host: launcher.hotmart.com
URL: http://launcher.hotmart.com/launcher.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.213.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-213-19.compute-1.amazonaws.com
Software
WildFly/9 / Undertow/1
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:51 GMT
last-modified
Thu, 25 Aug 2022 04:07:11 GMT
server
WildFly/9
x-powered-by
Undertow/1
content-type
text/html;charset=utf-8
cache-control
max-age=60
content-length
5404
expires
166140443153460000
smartplayer.min.js
cdn.converteai.net/lib/js/smartplayer/v1/ 		576 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Requested by
Host: scripts.converteai.net
URL: https://scripts.converteai.net/8ddefba4-aac6-4899-a661-0c2a387c3a1d/players/63000bbd8573c5000adaac4a/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
ch1-up-gc25
date
Thu, 25 Aug 2022 05:13:51 GMT
content-encoding
gzip
last-modified
Mon, 22 Aug 2022 14:08:56 GMT
server
nginx
x-amz-request-id
GETBV7Q00BFGM2T1
etag
W/"d4fba349bad9dce1aa7788f96d926016"
x-cached-since
2022-08-22T14:34:10+00:00
content-type
application/javascript
access-control-allow-origin
*
expires
Mon, 29 Aug 2022 05:13:51 GMT
cache-control
max-age=345600
x-server
Vturb-CDN
cache
HIT
x-amz-id-2
z0OHWIKM5OUJK2c1YRGqQBqZO295zc76sb+1RiqT2VEvDuhR23cmERkRLh7gEAhyme3VO2G9FEc=
track
tracking-api.hotmart.com/rest/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking-api.hotmart.com/rest/track?hotid=eyJwYWdldmlld19pZCI6IlBWbmplemlueWJ6MWVsNzhsYXZsayIsInRyYWNlX2lkIjoiTFRrdnRhM3o2YTA4aWw3OGxhdnYyIn0=&cid=1661404431565671559006054520700&bid=1661404431565671559006054520700&account=d147f513-8ff1-356f-8f8f-649200a40bbd&locationHref=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F
Requested by
Host: launcher.hotmart.com
URL: http://launcher.hotmart.com/launcher.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.235.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-235-1.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
http://sandramaria.online.anamarialopez.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
http://sandramaria.online.anamarialopez.site
date
Thu, 25 Aug 2022 05:13:51 GMT
content-length
0
content-type
application/json
id.gif
identification.hotmart.com/ 		43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://identification.hotmart.com/id.gif?cid=1661404431565671559006054520700&bid=1661404431565671559006054520700
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.213.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-213-19.compute-1.amazonaws.com
Software
WildFly/9 / Undertow/1
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:51 GMT
cache-control
no-cache
server
WildFly/9
x-powered-by
Undertow/1
content-length
43
content-type
image/gif
check
api.vturb.com.br/vturb/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.vturb.com.br/vturb/check
Requested by
Host: cdn.converteai.net
URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.27.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-27-218.compute-1.amazonaws.com
Software
Caddy /
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
http://sandramaria.online.anamarialopez.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 25 Aug 2022 05:13:51 GMT
access-control-allow-credentials
true
server
Caddy
content-length
0
access-control-expose-headers
Content-Length
check
api.vturb.com.br/vturb/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.vturb.com.br/vturb/check
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.27.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-27-218.compute-1.amazonaws.com
Software
Caddy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://sandramaria.online.anamarialopez.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Content-Length,Origin
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
access-control-max-age
43200
date
Thu, 25 Aug 2022 05:13:51 GMT
server
Caddy
791251255401775
connect.facebook.net/signals/config/ 		49 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/791251255401775?v=2.9.77&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
9aFOoTAmV6v+cVqbpi+DEYXDYklu7Bfhi0viQATlxvjsXACWJDI/8cERlvDNPSZP9/H02385ieua2eNGtwfPag==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 25 Aug 2022 05:13:51 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1661404431802
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.m3u8
cdn.converteai.net/8ddefba4-aac6-4899-a661-0c2a387c3a1d/62f552ec9811e2000a36756e/ 		711 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.converteai.net/8ddefba4-aac6-4899-a661-0c2a387c3a1d/62f552ec9811e2000a36756e/main.m3u8
Requested by
Host: cdn.converteai.net
URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id
ch1-up-gc26
date
Thu, 25 Aug 2022 05:13:51 GMT
via
1.1 b5d0d50a85cb855c8d83851f71d078e2.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD52-C1
x-cache
Miss from cloudfront
content-length
711
last-modified
Thu, 11 Aug 2022 19:08:31 GMT
server
nginx
etag
"04a447a03d84e402b7dbf7ce1a8171fc"
access-control-allow-methods
GET, PUT
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=2592000
x-server
Vturb-CDN
accept-ranges
bytes
x-cached-since
2022-08-16T18:58:04+00:00
x-amz-cf-id
3CvHeZdGdJnHX6u8X7BYAeIzmJHdZOrpp40RyvL6ZazHj42vGU_VCQ==
cache
HIT
expires
Sat, 24 Sep 2022 05:13:51 GMT
truncated
/ 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sandramaria.online.anamarialopez.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
24f84c2c-07e6-46c7-a827-968d29b4404c
api.vturb.com.br/hermes/sandramaria.online.anamarialopez.site/63000bbd8573c5000adaac4a/56d95ac5-0166-4614-aed7-379b717e54f2/ 		0
0
h264_360p_750.m3u8
cdn.converteai.net/8ddefba4-aac6-4899-a661-0c2a387c3a1d/62f552ec9811e2000a36756e/ 		0
0
audio_media.m3u8
cdn.converteai.net/8ddefba4-aac6-4899-a661-0c2a387c3a1d/62f552ec9811e2000a36756e/ 		0
0
bold.woff2
s3.glbimg.com/cdn/fonts/opensans/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/bold.woff2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:52 GMT
x-openstack-request-id
tx96e8ac6b3b304bf7b8825-0061ba773a
last-modified
Tue, 25 Jun 2019 17:35:22 GMT
x-thanos
0AB24042
etag
8593a5a07cf620d4512fcb71cbcd07a6
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
cache-control
public, max-age=31536000
content-length
10284
accept-ranges
bytes
x-trans-id
tx96e8ac6b3b304bf7b8825-0061ba773a
x-request-id
cb2329fd-82bf-45cb-bf9c-d755ca8f3107
x-timestamp
1561484121.35690
semibold.woff2
s3.glbimg.com/cdn/fonts/opensans/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/semibold.woff2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:52 GMT
x-openstack-request-id
txa1df0d09ec004cc1952eb-0061ba773a
last-modified
Tue, 25 Jun 2019 17:36:47 GMT
x-thanos
0AB24042
etag
365c53275ca5dad1584b7e0bd3a46c1e
vary
Accept-Encoding, Origin
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
cache-control
public, max-age=31536000
content-length
16172
accept-ranges
bytes
x-trans-id
txa1df0d09ec004cc1952eb-0061ba773a
x-request-id
f445dcce-c308-4f30-a6b6-b4d9f6b07001
x-timestamp
1561484206.27623
regular.woff2
s3.glbimg.com/cdn/fonts/opensans/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/regular.woff2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:52 GMT
x-openstack-request-id
tx7a6fccce43d941f2bab09-0061ba773a
last-modified
Tue, 25 Jun 2019 17:36:35 GMT
x-thanos
0AB24042
etag
4124088fdd8c315a6d096b65b6cbf428
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
cache-control
public, max-age=31536000
content-length
10352
accept-ranges
bytes
x-trans-id
tx7a6fccce43d941f2bab09-0061ba773a
x-request-id
d6ed7ce4-3e0d-4480-8548-32e763adc58d
x-timestamp
1561484194.26376
light.woff2
s3.glbimg.com/cdn/fonts/opensans/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/light.woff2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
a51690a59260fd30a04d20955e8e5432f7f05f90c13f04c953789d67548a66b8

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:52 GMT
x-openstack-request-id
tx3a7f504bf3a049a8a1306-0061ba773a
last-modified
Tue, 25 Jun 2019 17:36:08 GMT
x-thanos
0AB24042
etag
98b6233d6ac91b3538d60fee0ce3393b
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
cache-control
public, max-age=31536000
content-length
10200
accept-ranges
bytes
x-trans-id
tx3a7f504bf3a049a8a1306-0061ba773a
x-request-id
13195d54-afcc-4ea9-8e7c-e5d0d0cf12f5
x-timestamp
1561484167.30297
css2
fonts.googleapis.com/ 		22 KB
867 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Fraunces:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4a6b3d1991c4420dbb00831149756c1f8915ea0b1a62f4a54b42a8bd14416f32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 05:13:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 25 Aug 2022 05:13:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Aug 2022 05:13:52 GMT
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f8d71069d619040e5ea451d199616bf459fb1ebc73e2e5a5ade04b3c0f6d405
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72591
x-xss-protection
0
server
sffe
date
Thu, 25 Aug 2022 05:13:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"d68ac0b6f7bd5a0e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 25 Aug 2022 05:13:52 GMT
utag.js
tags.tiqcdn.com/utag/globo/editora/prod/ 		235 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.33.123 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-33-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
530bdf88bc56962fc0e5d7ef83f91386646d46e38612f24009d489da502630e7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:52 GMT
content-encoding
gzip
last-modified
Wed, 24 Aug 2022 14:29:15 GMT
server
AkamaiNetStorage
etag
"cfc3a9f41dbe80a29d7fc4c64740780f:1661351355.70917"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
expires
Thu, 25 Aug 2022 05:18:52 GMT
amp-social-share-0.1.js
cdn.ampproject.org/v0/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-social-share-0.1.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f62e59ec4b6fcfeb1a9c7fd353b841dd0c4c15dab8104b3b0d39a90ea5e29a2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4801
x-xss-protection
0
server
sffe
date
Thu, 25 Aug 2022 05:13:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"c417c38760d62e61"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 25 Aug 2022 05:13:52 GMT
amp-timeago-0.1.js
cdn.ampproject.org/v0/ 		37 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-timeago-0.1.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b0fb4576b64e935cf7bc72e7ad1c918dcd0f9e923f8432bf41b872ad073fedb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9130
x-xss-protection
0
server
sffe
date
Thu, 25 Aug 2022 05:13:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"e044663c4dcac730"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 25 Aug 2022 05:13:52 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/v0/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-fit-text-0.1.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5044b9a998bfd37f8628a49ebffb1e90e81a9a78eb27123ffa7ed35c34fe424a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2514
x-xss-protection
0
server
sffe
date
Thu, 25 Aug 2022 05:13:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"70eaf41e130dfb16"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 25 Aug 2022 05:13:52 GMT
amp-bind-0.1.js
cdn.ampproject.org/v0/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-bind-0.1.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00f9f7f8aacb8c53029767d5351f591dbc13c546a543afb365ba66343c153f04
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16269
x-xss-protection
0
server
sffe
date
Thu, 25 Aug 2022 05:13:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"92d7b36ea04ef162"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 25 Aug 2022 05:13:52 GMT
amp-lightbox-gallery-0.1.js
cdn.ampproject.org/v0/ 		65 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-lightbox-gallery-0.1.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b268001a16d640e38b9adebc6560a81ce0248198d694dbe13877a14d58ae131a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18989
x-xss-protection
0
server
sffe
date
Thu, 25 Aug 2022 05:13:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"402168bf9dd3708e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 25 Aug 2022 05:13:52 GMT
amp-carousel-0.1.js
cdn.ampproject.org/v0/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-carousel-0.1.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb7dd85f2e01ff3add4da9efcecfde831c2ee0ec8f60590f4d99cef413095332
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11512
x-xss-protection
0
server
sffe
date
Thu, 25 Aug 2022 05:13:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"57f8eec7a2b4aee3"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 25 Aug 2022 05:13:52 GMT
amp-video-0.1.js
cdn.ampproject.org/v0/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-video-0.1.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
660d2fb748d34943633ce34e11e1dc8144cf2a6fa211e1656ab68e81b26bef4c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15874
x-xss-protection
0
server
sffe
date
Thu, 25 Aug 2022 05:13:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"67920e088920d4f6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 25 Aug 2022 05:13:52 GMT
/
fonts.gstatic.com/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
css2
fonts.googleapis.com/ 		7 KB
618 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&display=swap
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
45e78216d62e7ef2a2c7d0bda526ddfb789444fb8a986b024d059373acb27c16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 04:20:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 25 Aug 2022 05:13:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Aug 2022 05:13:52 GMT
css2
fonts.googleapis.com/ 		3 KB
601 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Merriweather:wght@400;500;600;700&display=swap
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
59119d769463d6328c2791982090c033babaffd946a3616d3291db1bf6053fd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 05:13:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 25 Aug 2022 05:13:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Aug 2022 05:13:52 GMT
semibold.woff
s3.glbimg.com/cdn/fonts/opensans/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/semibold.woff
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
8deaf2f6487d8023283092a123cfe4c67b0d340dc59d94cf1c8abb57ff9ef2c7

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:52 GMT
content-encoding
gzip
x-openstack-request-id
tx06f9c60b81ef4b5fb8c79-0061b9f2ef
last-modified
Tue, 25 Jun 2019 17:36:43 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
*
x-timestamp
1561484202.97777
cache-control
public, max-age=31536000
x-trans-id
tx06f9c60b81ef4b5fb8c79-0061b9f2ef
x-request-id
7d189401-2614-431d-9239-5888f8394818
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
semibold.ttf
s3.glbimg.com/cdn/fonts/opensans/ 		33 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/semibold.ttf
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
d717975fbc6815f9c86e4c87154a8e2249ec957687ff8477bb649b318c2fdd3a

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:52 GMT
content-encoding
gzip
x-openstack-request-id
txe540dcc8db0e44638377c-0061b9f2ef
last-modified
Tue, 25 Jun 2019 17:36:40 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
*
x-timestamp
1561484199.01950
cache-control
public, max-age=31536000
x-trans-id
txe540dcc8db0e44638377c-0061b9f2ef
x-request-id
1901bb80-0be8-4663-bc91-10d558e2f344
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
bold-webfont.woff2
s3.glbimg.com/cdn/fonts/proximanova/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/proximanova/bold-webfont.woff2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
f40f5aae5f579b100046297556b20241064b7df6f453768a2c45448b99faf40d

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:52 GMT
x-openstack-request-id
txb5d7739b154742d0892c8-0061b9f2ef
last-modified
Tue, 25 Jun 2019 17:41:50 GMT
x-thanos
0AB24042
etag
41d742c099d20517e060c4cd172c8891
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
cache-control
public, max-age=31536000
content-length
20968
accept-ranges
bytes
x-trans-id
txb5d7739b154742d0892c8-0061b9f2ef
x-request-id
f253ea81-591f-4e6b-b4ee-c99ef3335484
x-timestamp
1561484509.26263
bold-webfont.woff
s3.glbimg.com/cdn/fonts/proximanova/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/proximanova/bold-webfont.woff
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
badff47be54c7116a014bab6ea632fee2dc666bb624cc7eacc84c3a4440b2e34

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:52 GMT
x-openstack-request-id
tx73b267608dae462e96db1-0061b9f2ef
last-modified
Tue, 25 Jun 2019 17:41:45 GMT
x-thanos
0AB24042
etag
64ac44e2c8bd748dae65ce93d981eedf
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
cache-control
public, max-age=31536000
content-length
27248
accept-ranges
bytes
x-trans-id
tx73b267608dae462e96db1-0061b9f2ef
x-request-id
bcb1faa4-6aaf-4a31-8854-f87a903191f7
x-timestamp
1561484504.80684
bold-webfont.ttf
s3.glbimg.com/cdn/fonts/proximanova/ 		51 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/proximanova/bold-webfont.ttf
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e7c9882961051fe8f15077a313665ba24be998f20295f96c76c0998a0e4ce59c

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:52 GMT
x-openstack-request-id
tx6f5f6735a29c42e0baa10-0061b9f2ef
last-modified
Tue, 25 Jun 2019 17:40:05 GMT
x-thanos
0AB24042
etag
dffe32cf44fbd4ca04391bc135b51365
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
cache-control
public, max-age=31536000
content-length
52180
accept-ranges
bytes
x-trans-id
tx6f5f6735a29c42e0baa10-0061b9f2ef
x-request-id
c47080af-aad9-4a35-b5cd-fc3743754935
x-timestamp
1561484404.75780
6NUu8FyLNQOQZAnv9bYEvDiIdE9Ea92uemAk_WBq8U_9v0c2Wa0K7iN7hzFUPJH58nib14c7qv8.woff2
fonts.gstatic.com/s/fraunces/v23/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/fraunces/v23/6NUu8FyLNQOQZAnv9bYEvDiIdE9Ea92uemAk_WBq8U_9v0c2Wa0K7iN7hzFUPJH58nib14c7qv8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fraunces:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94b62cbcd95b49b979fd6ad3e041290f25a6f5f66d924d00c8586237f279e672
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://glamour.globo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 15:10:47 GMT
x-content-type-options
nosniff
age
568985
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36092
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:25:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 15:10:47 GMT
2019-12-02-melhores-memes-de-2019-11.jpg
s2.glbimg.com/61nSohZKRoahuCbd6WrblWe-MHA=/0x0:607x573/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2021/H/v/UxuVO2S9OWQxqj8R4ciQ/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/61nSohZKRoahuCbd6WrblWe-MHA=/0x0:607x573/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2021/H/v/UxuVO2S9OWQxqj8R4ciQ/2019-12-02-melhores-memes-de-2019-11.jpg
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
d4403ebd9944483d11101b07509dd5256e8d243ffb5a2d1c1337675085469edc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:52 GMT
via
2.0 CachOS
x-bip
836775642 ra03 11 01
age
282239
etag
"81877475607ec033950c61b4acec05b31df82170"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB1D004
access-control-allow-headers
Content-Type
content-length
51590
x-request-id
06774179-650d-4b9f-8111-7d064717fbfe
expires
Tue, 20 Sep 2022 22:49:53 GMT
item
recomendacao.globo.com/rec/v2/ 		28 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://recomendacao.globo.com/rec/v2/item?client_id=glamour&url=https%3A//glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&content_id=POST-TOP-24H&page=1&limit=10&photo_size=540x304/top/smart,810x456/top/smart,1080x608/top/smart&callback=bstn.cb.recommendationFirstFetch
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
131.0.25.26 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
131.0.25-26.prt.globo.com
Software
/
Resource Hash
f3ba521bfb93f68c018326e1d75dfe3794a601c3e00db399dc9d094331a796a3
Security Headers
Name Value
Strict-Transport-Security max-age=60

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:52 GMT
content-encoding
gzip
strict-transport-security
max-age=60
content-type
application/javascript;charset=utf-8
cache-control
max-age=600
content-length
5087
x-request-id
ff408ee6-9a87-4bcb-a806-a5a2de83122b
expires
Thu, 25 Aug 2022 05:23:52 GMT
bastian-2021099fb8ce3b8dcf6be340411cb66f15f8d8.js
s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/ 		220 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-2021099fb8ce3b8dcf6be340411cb66f15f8d8.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e8ac19d15945d11645cc68623bae41ca14067a00557eb3a849dbb41c38d96a4c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:52 GMT
content-encoding
gzip
x-openstack-request-id
tx2e7164d0c5af48e4aee9c-0062ecfb5d
last-modified
Thu, 09 Sep 2021 11:10:03 GMT
x-thanos
0AB14003
vary
Accept-Encoding, Origin
content-type
application/javascript
x-timestamp
1631185802.53517
cache-control
public, max-age=2592000
x-trans-id
tx2e7164d0c5af48e4aee9c-0062ecfb5d
x-request-id
10447258-ddb5-49b7-a20a-da41cd291152
47450872-bfd4-4cce-b8c4-92f361da2546.js
s3.glbimg.com/v1/AUTH_c631e406debd4c4fac98a09d48dc17d1/bastian-post/prod/glamour/6218c57c-857b-405e-90d7-c68be8206556/ 		50 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_c631e406debd4c4fac98a09d48dc17d1/bastian-post/prod/glamour/6218c57c-857b-405e-90d7-c68be8206556/47450872-bfd4-4cce-b8c4-92f361da2546.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
2f805f242affa5de478343055a8e0a2e449b4f7f7e62049626482ee35fd0d029

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:52 GMT
content-encoding
gzip
x-openstack-request-id
tx7110f33cc2b24de69903c-00630704d6
last-modified
Mon, 13 Dec 2021 14:36:21 GMT
x-thanos
0AB14003
vary
Accept-Encoding, Origin
content-type
application/javascript
x-timestamp
1639406180.56083
cache-control
public, max-age=180
x-trans-id
tx7110f33cc2b24de69903c-00630704d6
x-request-id
da05995a-e60c-4b80-b3c3-a95670e7256b
47450872-bfd4-4cce-b8c4-92f361da2546.css
s3.glbimg.com/v1/AUTH_c631e406debd4c4fac98a09d48dc17d1/bastian-post/prod/glamour/6218c57c-857b-405e-90d7-c68be8206556/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_c631e406debd4c4fac98a09d48dc17d1/bastian-post/prod/glamour/6218c57c-857b-405e-90d7-c68be8206556/47450872-bfd4-4cce-b8c4-92f361da2546.css
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
509ef6cbf39ac9f7498c733a3b4699bfa113ff0ec1950f2d72245a52fc8039b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:52 GMT
content-encoding
gzip
x-openstack-request-id
tx85cafbeaa021442aabb23-00630704a4
last-modified
Mon, 13 Dec 2021 14:36:26 GMT
x-thanos
0AB14003
vary
Accept-Encoding, Origin
content-type
text/css; charset=utf-8
x-timestamp
1639406185.82554
cache-control
public, max-age=180
x-trans-id
tx85cafbeaa021442aabb23-00630704a4
x-request-id
64dcc018-f6f8-41de-92fd-93778feb3fef
api.min.js
p.glbimg.com/api/stable/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.glbimg.com/api/stable/api.min.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
97b81651ac630805fe9f93b8a9481cc286ddb6240b3964a647371f01bca28641
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bip
775272278 ra03 11 05
age
814
content-length
13484
x-xss-protection
1; mode=block
x-request-id
e7b2105d-7164-4e4c-9f6e-78149bdb2588
last-modified
Thu, 04 Nov 2021 17:23:50 GMT
x-thanos
0AB1D009
etag
W/"61841726-9496"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
via
2.0 CachOS
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 25 Aug 2022 06:00:18 GMT
barra-globocom.min.css
s.glbimg.com/gl/ba/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/gl/ba/css/barra-globocom.min.css
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
e8a63752f7a4867483d3a66bb10da00f7048e9285b960bbf9e9d57713940dedb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bip
791708901 ra03 11 03
age
3584
content-length
4812
x-xss-protection
1; mode=block
x-request-id
9581c613-375a-41b4-843b-ce0b41f93384
last-modified
Wed, 29 Jun 2022 14:22:39 GMT
x-thanos
0AB1D017
etag
W/"62bc602f-5248"
vary
Accept-Encoding, Origin
content-type
text/css
via
2.0 CachOS
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 25 Aug 2022 05:14:07 GMT
barra-globocom.min.js
s.glbimg.com/gl/ba/js/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/gl/ba/js/barra-globocom.min.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
02aa6ae7ef651439e9782b49b7b3ae86c88eb6e55b501437d16db2521b3e8de8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bip
789951398 ra03 11 03
age
413
content-length
11882
x-xss-protection
1; mode=block
x-request-id
b8083488-9624-429b-9064-0f4e1e3193e0
last-modified
Wed, 29 Jun 2022 14:22:39 GMT
x-thanos
0AB1D017
etag
W/"62bc602f-80f4"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
via
2.0 CachOS
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 25 Aug 2022 06:06:59 GMT
jquery.min.js
s3.glbimg.com/cdn/libs/jquery/1.8.3/ 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:52 GMT
content-encoding
gzip
x-openstack-request-id
txb4e8ed2f3aa141cfb3021-00629a4db7
last-modified
Tue, 09 Oct 2018 19:06:54 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
application/javascript
access-control-allow-origin
*
x-timestamp
1539112013.52960
cache-control
max-age=31536000
x-trans-id
txb4e8ed2f3aa141cfb3021-00629a4db7
x-request-id
0ab47923-03b9-49a0-9e71-500945874a8a
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
1aa2241f8aedf804f59cfeb4a5846422.js
s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/ 		286 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/1aa2241f8aedf804f59cfeb4a5846422.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
fb22014695a5f5bdc5c00620f486206901b0eca5086df694b06c501e0b56757d

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:52 GMT
content-encoding
gzip
x-openstack-request-id
tx85db2f74bc744b38b9eef-006306fac1
x-trans-id
tx85db2f74bc744b38b9eef-006306fac1
content-length
96688
x-request-id
6db450c3-dbe3-4b81-b1f9-8c02366ae813
last-modified
Fri, 03 Jun 2022 18:00:56 GMT
x-thanos
0AB24042
etag
bc4071f2304e4117e1942da2a26c16c3
vary
Accept-Encoding, Origin
content-type
text/javascript
access-control-allow-origin
*
x-timestamp
1654279255.75493
cache-control
public, max-age=3600
accept-ranges
bytes
access-control-expose-headers
x-object-meta-cache-control, content-language, cache-control, expires, last-modified, etag, x-timestamp, pragma, x-trans-id, x-container-meta-cache-control, content-type, x-openstack-request-id, authorization
2019-12-02-melhores-memes-de-2019-4.jpg
s2.glbimg.com/kX2fMOwHAQiE9JwYb2-95GzT2Jo=/0x0:607x607/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2021/a/8/FM8RP0S92SHW9Bzm5MYA/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/kX2fMOwHAQiE9JwYb2-95GzT2Jo=/0x0:607x607/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2021/a/8/FM8RP0S92SHW9Bzm5MYA/2019-12-02-melhores-memes-de-2019-4.jpg
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
f3402616df5b5f133e7f53c505699763f7fe71ea699559ad6e3cd063e221e591

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:52 GMT
via
2.0 CachOS
x-bip
836972924 ra03 11 01
age
450559
etag
"ca01da25581de2dd23e2e4af38f88bd5b4bc50a7"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB1D004
access-control-allow-headers
Content-Type
content-length
26866
x-request-id
11f22d66-81cf-4363-9a97-19dfe39dd176
expires
Sun, 18 Sep 2022 22:47:45 GMT
2019-12-02-melhores-memes-de-2019-8.jpg
s2.glbimg.com/L3eufFgtY5u82lT_IIM-S_uHksg=/0x0:607x607/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2021/W/6/SliqaKQeWAMwHU9L6YNQ/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/L3eufFgtY5u82lT_IIM-S_uHksg=/0x0:607x607/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2021/W/6/SliqaKQeWAMwHU9L6YNQ/2019-12-02-melhores-memes-de-2019-8.jpg
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
780bab12ced7ead32f27db489d2a8f839fcc7a4ac9934414107513deca85bf85

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:52 GMT
via
2.0 CachOS
x-bip
828072353 ra03 11 01
age
353341
etag
"6ad8fdafba19039af671f2624c1eea0d2727b0e7"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB1D004
access-control-allow-headers
Content-Type
content-length
39428
x-request-id
f4361085-b120-4e48-9f68-45f6d8ad6638
expires
Tue, 20 Sep 2022 03:04:29 GMT
bastian-202109ed66cd6dd5dbf855e6dd3aa92e287555.rest.css
s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/ 		31 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-202109ed66cd6dd5dbf855e6dd3aa92e287555.rest.css
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
2c27422a0b3735d52a4c541699b72416882ff32d3c7412b93be275d6803b5bf3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:52 GMT
content-encoding
gzip
x-openstack-request-id
txd97366268d164573b6454-0062e2d685
last-modified
Thu, 09 Sep 2021 11:10:05 GMT
x-thanos
0AB14003
vary
Accept-Encoding, Origin
content-type
text/css
x-timestamp
1631185804.28317
cache-control
public, max-age=2592000
x-trans-id
txd97366268d164573b6454-0062e2d685
x-request-id
81b98823-bbc6-4d5a-9610-a288dcab5057
truncated
/ 		727 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3945a98e43cd2167bfa9e8385ffa54335b9a393fa66af78f9b9deba11bd87470

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		738 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03bd05cfb6d0789c54678927cfbd8d3ab3c9b721cee69b3dec80dc9c521149dc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f1e7751de7211682870afa390d8383cddbf7845eb9d83b700752bc26602a782

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		704 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c22597aa3feb104000e18b6426425e8a6a941663f489739d4e0f2aa7abc1905

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
3f8d3ecef466141cc689f2c328647ec5.css
s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3f8d3ecef466141cc689f2c328647ec5.css
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
d342081333ea08ed17938ded78539131f5393b1d6a5155e3cabd86fb4393691f

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
content-encoding
gzip
x-openstack-request-id
txaa35218797304c4eb9950-0062ffc507
x-trans-id
txaa35218797304c4eb9950-0062ffc507
content-length
1400
x-request-id
45d2e2c1-8120-484c-bcd5-40ede0338960
last-modified
Fri, 22 Jul 2022 16:14:39 GMT
x-thanos
0AB24042
etag
face5f8b8da23afc6c4d41d73d5a85f9
vary
Accept-Encoding, Origin
content-type
text/css
access-control-allow-origin
*
x-timestamp
1658506478.61712
cache-control
public, max-age=604800
accept-ranges
bytes
access-control-expose-headers
x-object-meta-cache-control, content-language, cache-control, expires, last-modified, etag, x-timestamp, pragma, x-trans-id, x-container-meta-cache-control, content-type, x-openstack-request-id, authorization
truncated
/ 		203 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc3e891ad0d8075876d0f7572482f1f249345583b89459f485e59299931bc99d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		204 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02f70f4d57c4052c276b262f5d5b72135ed3238aa4936dd368e3e1534eb6e8fb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		436 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93f45bd0df53776d65c03af696f72e8857a3049863b07852ba2998ecce3160a3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		507 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2faeb72dc6c6dd034ad0fe3a1326105213eb42cc9fdde9560f645ee2dd1c4c2c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
opensans-light-webfont.woff
s.glbimg.com/gl/ba/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/gl/ba/fonts/opensans-light-webfont.woff
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
dea42e0f179347a75dd9fa41636bd1fa1ae92397bcde89a1389eeb8c0ace0fca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://glamour.globo.com/
Origin
https://glamour.globo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
via
2.0 CachOS
x-content-type-options
nosniff
x-bip
753514441 asra01mp11lx03ca11.globoi.com
age
19245
content-length
20184
x-xss-protection
1; mode=block
x-request-id
e16c62a1-0115-4a10-98e7-b81e7295a383
last-modified
Wed, 29 Jun 2022 14:22:41 GMT
x-thanos
0AB0D078
etag
"62bc6031-4ed8"
vary
Origin
content-type
application/x-font-woff
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Wed, 31 Aug 2022 23:53:07 GMT
login-callback.ghtml
glamour.globo.com/ Frame 8310
Redirect Chain
  • https://id.globo.com/auth/realms/globo.com/protocol/openid-connect/auth?client_id=glamour%40apps.globoid&redirect_uri=https%3A%2F%2Fglamour.globo.com%2Flogin-callback.ghtml&state=0f6f6781-96b2-4845...
  • https://glamour.globo.com/login-callback.ghtml
345 B
800 B 		Document
General
Check archive.org
Download Go to
Full URL
https://glamour.globo.com/login-callback.ghtml
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
201.7.177.243 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
956bd91287fd5d85b711fd51418e53c6eeb3536134044ce39f67fb20938e160c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=10
content-encoding
gzip
content-length
244
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 25 Aug 2022 05:13:54 GMT
expires
Thu, 25 Aug 2022 05:14:04 GMT
show-page-version
0
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, Wall-Subscription-Level
via
2.0 CachOS
wall-blocked-session
0
wall-subscription-level
0
wall-usl-status
x-bip
113907548 wall 9
x-cache-status
HIT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-mobile
desktop
x-request-id
c64933b9-e37e-4aa9-bd56-05d63c745cc3
x-served-from
Show-Bypass, Show Services GCP
x-thanos
0A81DC4C
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, must-revalidate, max-age=0
content-length
0
date
Thu, 25 Aug 2022 05:13:54 GMT
location
https://glamour.globo.com/login-callback.ghtml#error=login_required&state=0f6f6781-96b2-4845-8d1b-9d66bc651614
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
x-xss-protection
1; mode=block
settings.min.js
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/settings.min.js
Requested by
Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
61577749b4423c492bfe2f3bfff475e3397fb3738794c289f783be6b03457194

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
content-encoding
gzip
x-openstack-request-id
tx9137f95ade7e4271a8bd9-0063070112
last-modified
Wed, 22 Jun 2022 17:30:21 GMT
x-thanos
0AB14003
vary
Accept-Encoding, Origin
x-object-meta-mtime
1651581775.000000
x-timestamp
1655919020.49545
cache-control
public, max-age=3600
content-type
application/javascript
x-trans-id
tx9137f95ade7e4271a8bd9-0063070112
x-request-id
e85a226c-b6aa-4baa-8494-4658e33b82c8
horizon-client-js.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-client-js.min.js
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/gl/ba/js/barra-globocom.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
content-encoding
gzip
x-openstack-request-id
tx49b2ee0032aa4ce382f98-00630704ba
last-modified
Fri, 13 Nov 2020 17:21:38 GMT
x-thanos
0AB14003
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1605288097.88717
cache-control
public, max-age=600
x-trans-id
tx49b2ee0032aa4ce382f98-00630704ba
x-request-id
574bb19b-64f4-4a1d-820e-27eb91a1a242
glb-pv-min.js
s.glbimg.com/bu/rt/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/bu/rt/js/glb-pv-min.js
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/gl/ba/js/barra-globocom.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bip
1035136888 ra03 11 03
age
936
content-length
969
x-xss-protection
1; mode=block
x-request-id
e1461ed0-6243-4ac7-b929-e63b5f82757b
last-modified
Mon, 04 Feb 2019 16:44:48 GMT
x-thanos
0AB1D017
etag
W/"5c586c00-703"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
via
2.0 CachOS
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 25 Aug 2022 05:58:16 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6035227/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
13.225.223.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-90.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:05:12 GMT
via
1.1 d3ab4cd494305c2d222c92f599e3c7c6.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
522
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-length
0
x-amz-cf-id
mD34X0k8Eg5bjCgtbT_FgTl5JhZ7GgOrmeL5jPLSjhKTSFgQdpgw-A==

Redirect headers

location
/internal-c2/default/cs.js
date
Thu, 25 Aug 2022 05:13:53 GMT
via
1.1 d3ab4cd494305c2d222c92f599e3c7c6.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
content-length
0
x-amz-cf-id
4BUJCSXAPlJfZ1HplU0U8M5Wo089T3iJzvAbTm4ZUMnLzVvcJsA9Ag==
x-cache
Miss from cloudfront
/
cocoon.globo.com/v2/ 		26 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cocoon.globo.com/v2/
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/gl/ba/js/barra-globocom.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
86.153.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e8e49d12d085acc1fd8d7c49c729225d667eb15f10f6b89eebc8798ab3964c25

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
via
1.1 google
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
access-control-allow-methods
POST, OPTIONS
p3p
CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=6035227&ns__t=1661404433171&ns_c=UTF-8&c8=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour&c7=ht...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1661404433171&ns_c=UTF-8&c8=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour&c7=h...
43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1661404433171&ns_c=UTF-8&c8=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour&c7=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&c9=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
13.225.223.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-90.jfk51.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
via
1.1 d3ab4cd494305c2d222c92f599e3c7c6.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
content-length
43
x-amz-cf-id
NN3wwcVyruwEX7R8KDoVl0A6ugqfzsk1n8vDUCPc-b-kQqafONmwvg==
x-cache
Miss from cloudfront
content-type
image/gif

Redirect headers

location
/p2?c1=2&c2=6035227&ns__t=1661404433171&ns_c=UTF-8&c8=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour&c7=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&c9=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F
date
Thu, 25 Aug 2022 05:13:53 GMT
via
1.1 d3ab4cd494305c2d222c92f599e3c7c6.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
content-length
0
x-amz-cf-id
IfTa_9MHHCM0vXNCadupcHYG_OdtVnbynUKc6PRwY1O80btjo3FCMQ==
x-cache
Miss from cloudfront
horizon-pageview
horizon.globo.com/auth-session/activity/glamour/ 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://horizon.globo.com/auth-session/activity/glamour/horizon-pageview?object=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&Referrer=http%253A%252F%252Fsandramaria.online.anamarialopez.site%252F&tags=&client_version=0.3.11
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=60

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:54 GMT
x-served-from
hzt-tsuru
content-length
0
strict-transport-security
max-age=60
content-type
text/plain; charset=UTF-8
screen-shot-2022-08-24-at-22.15.48.png
s2.glbimg.com/mRucTtSIj33PmZ-UIPOFNyMrAnY=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/v/1/urkHfhQzCjEBSRP15uvg/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/mRucTtSIj33PmZ-UIPOFNyMrAnY=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/v/1/urkHfhQzCjEBSRP15uvg/screen-shot-2022-08-24-at-22.15.48.png
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-2021099fb8ce3b8dcf6be340411cb66f15f8d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
f6f4f2bcbbe1ab0abb698e405521f0733db9fd41e40703c18ae00a975ff59a57

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
via
2.0 CachOS
x-bip
832011915 ra03 11 01
age
13837
etag
"97d6b3d04ad129c5490f1cddfbd206d9a665237f"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB1D004
access-control-allow-headers
Content-Type
content-length
18710
x-request-id
b4add207-7f7b-4d8e-93cc-2be1320564c9
expires
Sat, 24 Sep 2022 01:19:41 GMT
and-0857.jpg
s2.glbimg.com/TrFhtDdipBoOQ7HcLSnqQjskr_4=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/x/F/jLW50vRuOMiJ1bVfzfNA/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/TrFhtDdipBoOQ7HcLSnqQjskr_4=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/x/F/jLW50vRuOMiJ1bVfzfNA/and-0857.jpg
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-2021099fb8ce3b8dcf6be340411cb66f15f8d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
9c629f8b76dd3e1eba7f261fb0f97eb8a50c0447752faa635f16d3608c8df6bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
via
2.0 CachOS
x-bip
832011916 ra03 11 01
age
20143
etag
"b34f4d8b2dff57eea44d0dc05a56e9e7c6775fac"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB1D004
access-control-allow-headers
Content-Type
content-length
8852
x-request-id
ce77e575-0ecd-4506-bfab-e8c1ceab2817
expires
Fri, 23 Sep 2022 23:36:04 GMT
whatsapp-image-2022-08-24-at-20.27.00.jpeg
s2.glbimg.com/sCcdcHJ5LrcX0TYKZgZhnkdS18k=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/t/D/bidJzaRCyRESnaWbYBEw/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/sCcdcHJ5LrcX0TYKZgZhnkdS18k=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/t/D/bidJzaRCyRESnaWbYBEw/whatsapp-image-2022-08-24-at-20.27.00.jpeg
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-2021099fb8ce3b8dcf6be340411cb66f15f8d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
abb3ebd29fd24a2b372fb13ac324338a0a9554f1f097a38538733dcf830beae9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
via
2.0 CachOS
x-bip
832011917 ra03 11 01
age
19445
etag
"f5889febd76e911188182c5a0ed2a6d13ec9f8db"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB1D004
access-control-allow-headers
Content-Type
content-length
11226
x-request-id
67091d27-5a11-4646-ac29-ff96ea6dcbc6
expires
Fri, 23 Sep 2022 23:46:34 GMT
screen-shot-2022-08-24-at-19.25.41.png
s2.glbimg.com/VFJYiZoBbAYLcPgXBXObDW3rpfc=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/S/e/8YzL7DRgA1s72c9s4jLw/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/VFJYiZoBbAYLcPgXBXObDW3rpfc=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/S/e/8YzL7DRgA1s72c9s4jLw/screen-shot-2022-08-24-at-19.25.41.png
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-2021099fb8ce3b8dcf6be340411cb66f15f8d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
7c7a06de58fb58fa9fa7edb3eec0ee8ee3460dadc66e578735479b832bb6194a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
via
2.0 CachOS
x-bip
832011918 ra03 11 01
age
23547
etag
"824cd9b7880f662063f48b014f56302ac0973612"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB1D004
access-control-allow-headers
Content-Type
content-length
14670
x-request-id
e817967d-4cf5-45d4-9626-b11008b8752d
expires
Fri, 23 Sep 2022 22:33:09 GMT
screen-shot-2022-08-24-at-22.51.54.png
s2.glbimg.com/pWAb_qjWBnU2TcsPCAztUopBnzM=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/1/j/1Az6tiRUioTuA1u5mNGA/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/pWAb_qjWBnU2TcsPCAztUopBnzM=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/1/j/1Az6tiRUioTuA1u5mNGA/screen-shot-2022-08-24-at-22.51.54.png
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-2021099fb8ce3b8dcf6be340411cb66f15f8d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
c5b75ac60af5bcfb11df6f2a767d6829fcd51ca43ecd2cf3742dac3f31fbc642

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
via
2.0 CachOS
x-bip
832011919 ra03 11 01
age
11489
etag
"f354f132e120d0661c4fc344f83553d390d1a12d"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB1D004
access-control-allow-headers
Content-Type
content-length
17272
x-request-id
922c1e7e-648e-4f56-b2f1-9ff36fc678a3
expires
Sat, 24 Sep 2022 01:58:27 GMT
euphoria-273118499-670917557268641-47907037825849786-n.jpg
s2.glbimg.com/FMayBX5uwp9oPUk5ZpODLAmTrqY=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/Y/V/FNyFquSQi5ttBKP3VnVA/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/FMayBX5uwp9oPUk5ZpODLAmTrqY=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/Y/V/FNyFquSQi5ttBKP3VnVA/euphoria-273118499-670917557268641-47907037825849786-n.jpg
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-2021099fb8ce3b8dcf6be340411cb66f15f8d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
854d0f21a2c161e7b2dbc8e4ea7eb1f6d1834b707f1b489bbfdbbd86ac767286

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
via
2.0 CachOS
x-bip
832011920 ra03 11 01
age
500391
etag
"c61af0ae046a20f88883f58cf99f331833494e9f"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB1D004
access-control-allow-headers
Content-Type
content-length
20614
x-request-id
30d495c9-6958-4863-956a-7c4236a2f04f
expires
Sun, 18 Sep 2022 10:14:02 GMT
tv4.min.js
s3.glbimg.com/cdn/libs/tv4/1.3.0/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/libs/tv4/1.3.0/tv4.min.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/1aa2241f8aedf804f59cfeb4a5846422.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
content-encoding
gzip
x-openstack-request-id
tx3ac84cf03fc54a91a24a8-006246f9e6
last-modified
Fri, 25 May 2018 14:11:50 GMT
x-thanos
0AB14003
vary
Accept-Encoding, Origin
content-type
application/javascript
x-timestamp
1527257509.32548
cache-control
public, max-age=31536000
x-trans-id
tx3ac84cf03fc54a91a24a8-006246f9e6
x-request-id
2c599c70-7dbf-4f25-9ea5-6a3471ce8bc9
selected-alternatives
globo-ab.globo.com/v2/ 		294 B
696 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://globo-ab.globo.com/v2/selected-alternatives?experiments=player-isolated-experiment-02&skipImpressions=true
Requested by
Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.215.230.239 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
239.230.215.35.bc.googleusercontent.com
Software
/
Resource Hash
97c39accdebc96290f15189602246d72a0d12155f027502cf079679f731af96f
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:54 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
strict-transport-security
max-age=300; includeSubDomains
trace-id
61d8b4d5d86866d2
access-control-allow-headers
user,User-Agent,Content-Type,GLBUID,GLBID,GLBEXP,x-client-user-agent,x-client-version,x-device-id,x-platform-id,x-canonical-uri,GLOBO_ID
ww.js
cdn.ampproject.org/rtv/012208121708000/ 		51 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/ww.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd6618f8ba6d085241bd49369dcb2f576ebe20208f08c7dd17bbf688aa1a03a4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
text/plain
Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
30476
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14452
x-xss-protection
0
server
sffe
date
Wed, 24 Aug 2022 20:45:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a6a623b4a551acf5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 24 Aug 2023 20:45:57 GMT
profiling.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/ 		94 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/profiling.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
5276d043e29079eb1f08ac462778155015065c738a4074c0222beea311607b48

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
content-encoding
gzip
x-openstack-request-id
txafd7fe4cc4ce4fa9bed7f-006306d21e
last-modified
Tue, 16 Aug 2022 17:34:45 GMT
x-thanos
0AB14003
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1660671284.18921
cache-control
max-age=18000
x-trans-id
txafd7fe4cc4ce4fa9bed7f-006306d21e
x-request-id
7eb15753-b3b8-488b-ba91-352affe33029
expires
Wed, 16 Aug 2023 17:34:43 GMT
tm13574.js
tag.navdmp.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm13574.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1acaf1b84c7c6a5a7ae96e4b9cce92c540c0c8ebbb0e56f8ff473917e2e9a72

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Sep 2021 18:45:04 GMT
server
cloudflare
age
1595
etag
W/"6137b330-4291"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
7401d74e7a642994-ORD
content-type
application/javascript
expires
Thu, 25 Aug 2022 05:47:18 GMT
sexqhznbn.js
cdn.krxd.net/controltag/ 		75 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/sexqhznbn.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4c5d952297366d4e340d33bef112d53749ea1b14f3bc9bbbe9c8dc9d73bb354

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Thu, 25 Aug 2022 05:13:53 GMT
via
1.1 varnish, 1.1 varnish
age
71
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
20793
x-served-by
config-service-a002-ash-prod.krxd.net, cache-iad-kjyo7100052-IAD, cache-chi-klot8100119-CHI
x-response-time
0
x-do-esi
esi
x-timer
S1661404434.682096,VS0,VE0
etag
"bb2b5013e6723d132478a4ab059baadafc322579"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 2
15688_glamour.js
ads.rubiconproject.com/prebid/ 		377 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/15688_glamour.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0fec9b50ddcab88183b739fe7adf9e7ee9f32d9846d02130419b08526b796484

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
content-encoding
gzip
last-modified
Wed, 24 Aug 2022 21:43:03 GMT
server
Apache
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
103533
expires
Thu, 25 Aug 2022 06:00:21 GMT
horizon-common-hit.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
322a189a59e4c2bb88503d921a1c3335f2d02c678083ec71e78891b9a9d316f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
content-encoding
gzip
x-openstack-request-id
tx910d2c5c9a864e7b948ee-0063069612
last-modified
Tue, 26 Apr 2022 21:17:08 GMT
x-thanos
0AB14003
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1651007827.47156
cache-control
max-age=86400
x-trans-id
tx910d2c5c9a864e7b948ee-0063069612
x-request-id
0398449c-d91b-40b7-857b-70650f819b16
glb-pv-min.js
s.glbimg.com/bu/rt/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/bu/rt/js/glb-pv-min.js?utv=ut4.44.201810192103
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bip
791577948 ra03 11 03
age
937
content-length
969
x-xss-protection
1; mode=block
x-request-id
8457b5ad-cbda-4706-ad68-727577538c23
last-modified
Mon, 04 Feb 2019 16:44:48 GMT
x-thanos
0AB1D017
etag
W/"5c586c00-703"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
via
2.0 CachOS
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 25 Aug 2022 05:58:16 GMT
tiny.js
static.infoglobo.com.br/paywall/js/ 		244 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/tiny.js?utv=ut4.44.202112201735
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
ae2a430797879079d5f612340b6898f6b9f107e7cb662e64161077532a5b49ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 04:54:58 GMT
Content-Encoding
gzip
Age
1135
grace
none
X-Cache
HIT
Connection
Keep-Alive
Content-Length
55112
Last-Modified
Fri, 12 Aug 2022 15:06:39 GMT
Server
Apache
ETag
"a05ae44d-3cea4-5e60ca104ddc0"
vary
X-Forwarded-Proto
Content-Type
text/javascript
Access-Control-Allow-Origin
*
cache-control
public, max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
X-Cache-Hits
124
api.min.js
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/api/stable/web/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/api/stable/web/api.min.js?loading-agent=global-webdeps
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
350a236162231dd999bdaec121ffa79193036e95d894ca6dd067096488d128a5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
content-encoding
gzip
x-openstack-request-id
txb8bb57fcf2564a94895a6-006306f851
last-modified
Wed, 22 Jun 2022 17:27:03 GMT
x-thanos
0AB14003
vary
Accept-Encoding, Origin
x-object-meta-mtime
1652878055.000000
x-timestamp
1655918822.63985
cache-control
public, max-age=3600
content-type
application/javascript
x-trans-id
txb8bb57fcf2564a94895a6-006306f851
x-request-id
fd1a25bd-0164-481c-a4db-799f4fdf5e11
cadun.js
s.glbimg.com/pc/ca/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/pc/ca/cadun.js?loading-agent=global-webdeps
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bip
791708910 ra03 11 03
age
19022
content-length
5547
x-xss-protection
1; mode=block
x-request-id
9cf4b272-7fae-41d4-bb72-25dc25926561
last-modified
Wed, 27 Jan 2021 20:50:06 GMT
x-thanos
0AB1D017
etag
W/"6011d1fe-3759"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
via
2.0 CachOS
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Wed, 31 Aug 2022 23:56:50 GMT
globo-ab.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.4.0/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.4.0/globo-ab.min.js?loading-agent=global-webdeps
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e8bf9ccc765b5576c8b86e1f75a308e112cea4c1ead476dcf94720d10fa6fb0d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
content-encoding
gzip
x-openstack-request-id
tx261b355d8bcf41ca89dc6-00630704e5
last-modified
Thu, 12 May 2022 20:00:29 GMT
x-thanos
0AB14003
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1652385628.79171
cache-control
public, max-age=180
x-trans-id
tx261b355d8bcf41ca89dc6-00630704e5
x-request-id
af7dc294-c842-4e94-ac1f-aaba5f1c2671
globo-ab-v2.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/globo-ab-v2.min.js?loading-agent=global-webdeps
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
60b0f8f7a630b8cf83d4c29ddd3e6e614b119208fe97a96cae6dc6311541671b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
content-encoding
gzip
x-openstack-request-id
tx03d5a2bfa82f49fb9876c-0063062562
last-modified
Wed, 24 Oct 2018 17:17:43 GMT
x-thanos
0AB14003
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1540401462.48634
cache-control
public, max-age=86400
x-trans-id
tx03d5a2bfa82f49fb9876c-0063062562
x-request-id
f3afe812-c0a8-4520-838b-c255677f49c3
globo-ab.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.0/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.0/globo-ab.min.js?loading-agent=global-webdeps
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
bb396c659a45cda460f579b753cf3a53f83eb8198bd344af0a2e2d9030ef910f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
content-encoding
gzip
x-openstack-request-id
tx78377010ea2146c19ef13-006307048b
last-modified
Tue, 19 May 2020 15:37:59 GMT
x-thanos
0AB14003
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1589902678.74751
cache-control
public, max-age=180
x-trans-id
tx78377010ea2146c19ef13-006307048b
x-request-id
14399cb2-e5b3-489e-9683-ef6375c12b38
publicidade.css
s3.glbimg.com/v1/AUTH_b3eff1d540ba48dd8558daf4d094c778/assets/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_b3eff1d540ba48dd8558daf4d094c778/assets/publicidade.css
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
4e5a8df78e43e83e6ca4b7af38833a508483d29e3c5332b7dc19a0ac9b27c692

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
content-encoding
gzip
x-openstack-request-id
tx193138c568404c63b9d4d-006307050b
last-modified
Tue, 12 Feb 2019 18:01:54 GMT
x-thanos
0AB14003
vary
Accept-Encoding, Origin
content-type
text/css
x-timestamp
1549994513.97827
cache-control
public, max-age=180
x-trans-id
tx193138c568404c63b9d4d-006307050b
x-request-id
9adecaea-e525-4a1b-9598-378f3d638331
loader.js
cdn.taboola.com/libtrc/editoraglobonetwork/ 		627 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e33d5cb4512f387f336a822e159533830306657a7a1036d8ff36b4398ae90936

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
Anlou78s1EhxxxA02i0W8NKfvArEB8Q2
content-encoding
gzip
etag
"e471eef1bb28fca5fdf25adb1ef304e5"
age
38
x-cache
HIT
content-length
43726
x-amz-id-2
s8lNIGzsjCUcntQ/d7ZFMKcoKnj086aNi5VOMAYRI3niWcVbC63rIQYQVZclQWYDKkEoQb+ob1o=
x-served-by
cache-chi-klot8100047-CHI
last-modified
Wed, 24 Aug 2022 10:06:17 GMT
server
AmazonS3
x-timer
S1661404434.722953,VS0,VE1
date
Thu, 25 Aug 2022 05:13:53 GMT
vary
Accept-Encoding
x-amz-request-id
SKQXHBQWN566MBYF
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
57
x-cache-hits
1
ivc.js
gadasource.storage.googleapis.com/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gadasource.storage.googleapis.com/ivc.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2010 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:47:41 GMT
content-encoding
gzip
age
1572
x-guploader-uploadid
ADPycdsI1u_R0tnuQvGH48JM1I3ftpGB7wbGwzwqfMth9W3xEzE44fseZd1Rlp2OiEpE3Ai9t_d_R5erGiTDinhgXKMSMA9d75Vx
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24321
last-modified
Mon, 02 Sep 2019 19:50:51 GMT
server
UploadServer
etag
"cdaa61cbc24c48191196b45b31a7e18b"
vary
Accept-Encoding
x-goog-hash
crc32c=okr5pw==, md5=zaphy8JMSBkRlrRbMafhiw==
x-goog-generation
1567453851562424
cache-control
public, max-age=3600
x-goog-stored-content-length
24321
accept-ranges
bytes
content-type
text/plain
expires
Thu, 25 Aug 2022 05:47:41 GMT
/
usergate.globo.com/ 		29 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://usergate.globo.com/
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.198.44.170 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.44.198.35.bc.googleusercontent.com
Software
/
Resource Hash
3f9e3eaecd1f1935454bba4a953e8b186694f4ccb15910ca8cd44552fcbb9552

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:54 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
access-control-allow-headers
User-Agent,Content-Type,Cookie,X-App,GLBID,GST
usr
usr.navdmp.com/ 		77 B
289 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=7&acc=13574&upd=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac9a94544292c19e019458dc2b64228bfd1f01098d0ad1104e5a7ed165cfe410

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 05:13:53 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
7401d74ebaa42994-ORD
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
content-type
application/javascript
expires
Thu, 25 Aug 2022 06:13:53 GMT
controltag.js.387e8802bbd0d9fbfa52c1546d7297df
cdn.krxd.net/ctjs/ 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Thu, 25 Aug 2022 05:13:53 GMT
content-encoding
gzip
age
10280493
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
880986
content-length
84742
x-served-by
cache-chi-klot8100119-CHI
last-modified
Thu, 28 Apr 2022 05:17:05 GMT
x-timer
S1661404434.719272,VS0,VE0
etag
"387e8802bbd0d9fbfa52c1546d7297df"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Sun, 25 Apr 2032 05:17:04 GMT
b0bfd438-2ac7-42d9-818c-e4d8814cf620
https://glamour.globo.com/ 		51 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://glamour.globo.com/b0bfd438-2ac7-42d9-818c-e4d8814cf620
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
434b5741ad305ce4a3f87e0664d243410de7c9806c94d54e999aaf5adf0761a9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length
52088
Content-Type
text/javascript
schemas
horizon-schemas.globo.com/ 		134 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://horizon-schemas.globo.com/schemas
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/1aa2241f8aedf804f59cfeb4a5846422.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.117 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-117.prt.globo.com
Software
/
Resource Hash
1975f64eb2e102121a030c6eb50da10e3f1d78d0b6a9b2e5d4c2f8f636bca449
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bip
251484211 asra03mp05lx02ca08.globoi.com
age
2143
vary
X-Forwarded-Proto, Accept-Encoding, Origin
content-length
12436
x-xss-protection
1; mode=block
x-request-id
5f593b62-74df-43f0-b4da-6b669a130418
access-control-allow-origin
https://glamour.globo.com
x-thanos
0AB1D115
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/json; charset=UTF-8
via
2.0 CachOS
cache-control
max-age=7200, public
accept-ranges
bytes
cadun.js
s.glbimg.com/pc/ca/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/pc/ca/cadun.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/profiling.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bip
787670075 ra03 11 03
age
19022
content-length
5547
x-xss-protection
1; mode=block
x-request-id
0ba49cb1-232a-42f1-903a-eaa437f97043
last-modified
Wed, 27 Jan 2021 20:50:06 GMT
x-thanos
0AB1D017
etag
W/"6011d1fe-3759"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
via
2.0 CachOS
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Wed, 31 Aug 2022 23:56:50 GMT
load.js
widget.perfectmarket.com/editoraglobonetwork/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/editoraglobonetwork/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a631724cecac8cf46ece583f5717dce6335c12c4e364c837a9aa376e85b43322

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
96SXZm1_vuUWZ2qonXeDPFXCMBPcVT5j
content-encoding
gzip
etag
"f720015773ac2581bfedfc349bc4a9d1"
age
124
x-cache
HIT, HIT
content-length
2143
x-amz-id-2
B8WJ8QNyuzoILludWlIdK0uVGly0E/VxAKv0WbiUUoJJ9wRn7kWGJVb8By/rOIIAIG90o1obMWI=
x-served-by
cache-sna10748-LGB, cache-chi-kigq8000148-CHI
last-modified
Wed, 11 May 2022 16:32:46 GMT
server
AmazonS3
x-timer
S1661404434.881666,VS0,VE1
date
Thu, 25 Aug 2022 05:13:53 GMT
vary
Accept-Encoding,,
x-amz-request-id
SK954TMED6G4179K
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 1
impl.20220824-5-RELEASE.js
cdn.taboola.com/libtrc/ 		679 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220824-5-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
641d21510402c273434756ba9dd8af1c99325599060a4a35efff483863b816f5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
xbAJKaoUmhyL.JIHTqn0pGettuNAjv39
content-encoding
br
etag
"413ad348a1478ad74da4365eb3b357fe"
age
11618
x-cache
HIT
content-length
143728
x-amz-id-2
ez31PQfRqv4UVSrfKG+akzCA5jNEPBW8NCnibVLxT3fe6yA9/L+HJlHNgKZg8ykqdAAGY/XZx4k=
x-served-by
cache-chi-klot8100047-CHI
last-modified
Wed, 24 Aug 2022 10:00:07 GMT
server
AmazonS3-br
x-timer
S1661404434.816925,VS0,VE0
date
Thu, 25 Aug 2022 05:13:53 GMT
vary
Accept-Encoding
x-amz-request-id
DRCQN13FZ1YB3CSD
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
59
x-cache-hits
592
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-90.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 23:20:18 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
21215
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d3ab4cd494305c2d222c92f599e3c7c6.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
VXkrUKv8tXhPkTIQKolRy1fJdhcfrO0guzeA-WhFrZcBKqjStvq9WQ==
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame E6A9 		805 B
826 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
4470060
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
525
content-type
text/html
date
Thu, 25 Aug 2022 05:13:53 GMT
etag
"3d2100fd7107262ecb55ce6847f01fa5"
expires
Fri, 19 Feb 2027 17:50:50 GMT
last-modified
Tue, 21 Feb 2017 17:50:54 GMT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
231794
x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
x-served-by
cache-chi-klot8100119-CHI
x-timer
S1661404434.843801,VS0,VE0
req
cdn.navdmp.com/ 		6 B
78 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=1146a7ae846efec8802ccb4d5c10&acc=13574&url=https%3A//glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&ref=http%3A//sandramaria.online.anamarialopez.site/&tit=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%E7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7401d74fabd32994-ORD
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/x-javascript
usermatch.gif
beacon.krxd.net/ 		0
338 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/usermatch.gif?partner=navegg&partner_uid=1146a7ae846efec8802ccb4d5c10
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.228.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-228-175.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
cache-control
private, no-cache, no-store
x-request-time
D=48 t=1661404433
x-served-by
beacon-n008-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
5007d44e-09d1-49b7-8c99-6b1cc38c3cbc
consumer.krxd.net/consent/get/ 		235 B
436 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9f1508da4c7e232fecfa9d9ca9c8d6d4097d449c91b20d51903af021612c1214

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:54 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a006-ash-prod.krxd.net, cache-chi-klot8100161-CHI
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1661404434.981597,VS0,VE25
content-length
192
x-cache-hits
0, 0
login.css
s.glbimg.com/pc/ca/ 		846 B
837 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/pc/ca/login.css
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js?loading-agent=global-webdeps
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bip
791577954 ra03 11 03
age
19022
content-length
431
x-xss-protection
1; mode=block
x-request-id
acad3030-b6da-4d67-a702-74f3ef5eeff2
last-modified
Wed, 27 Jan 2021 20:50:06 GMT
x-thanos
0AB1D017
etag
W/"6011d1fe-34e"
vary
Accept-Encoding, Origin
content-type
text/css
via
2.0 CachOS
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Wed, 31 Aug 2022 23:56:51 GMT
logged
cocoon.globo.com/v2/user/ 		187 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cocoon.globo.com/v2/user/logged
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js?loading-agent=global-webdeps
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.153.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
86.153.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
67b29726ad336fcb523d72d2ad495b4d9ef43a012f8fa91495e5c14f0ecacbd7

Request headers

Referer
https://glamour.globo.com/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:54 GMT
via
1.1 google
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
access-control-allow-methods
POST, OPTIONS
p3p
CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187
logged
cocoon.globo.com/v2/user/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cocoon.globo.com/v2/user/logged
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
86.153.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://glamour.globo.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 25 Aug 2022 05:13:54 GMT
server
nginx
via
1.1 google
i
ivccf.ivcbrasil.org.br/ 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivccf.ivcbrasil.org.br/i?stm=1661404433934&e=pv&url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&page=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour&refr=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=134&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=f168843a-2329-42c4-bfde-869c062d2b86&dtm=1661404433931&vp=1600x1200&ds=1600x16671&vid=1&sid=9a093d9b-a255-4b1c-a4ff-5fa62cc68e39&duid=5dc02c34-7e08-4ed8-85ed-b68d1cb3a2ee&fp=3509762647
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.73.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-73-181.us-west-2.compute.amazonaws.com
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:13:54 GMT
Server
Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
b
sb.scorecardresearch.com/ 		0
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1661404433952&ns_c=UTF-8&c7=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&c8=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour&c9=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-90.jfk51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:53 GMT
via
1.1 d3ab4cd494305c2d222c92f599e3c7c6.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
O0aYOAbiQQSgqAEwbzam2ofsvWuWH0azPq1eQeStgmMHgYuOUwQkTg==
x-cache
Miss from cloudfront
sexqhznbn.js
cdn.krxd.net/controltag/ Frame E6A9 		75 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/sexqhznbn.js
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4c5d952297366d4e340d33bef112d53749ea1b14f3bc9bbbe9c8dc9d73bb354

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Thu, 25 Aug 2022 05:13:53 GMT
via
1.1 varnish, 1.1 varnish
age
71
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
20793
x-served-by
config-service-a002-ash-prod.krxd.net, cache-iad-kjyo7100052-IAD, cache-chi-klot8100119-CHI
x-response-time
0
x-do-esi
esi
x-timer
S1661404434.979522,VS0,VE0
etag
"bb2b5013e6723d132478a4ab059baadafc322579"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 3
pmk-202010011.11.js
widget.perfectmarket.com/editoraglobonetwork/ 		118 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/editoraglobonetwork/pmk-202010011.11.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/editoraglobonetwork/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f54ab1e32dd2faf787fd0c28a5b92b033d19ece20de5f26114e2d13c7f5a5e96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
mt6MQyBByZVRtgC8luVZNo8BBOOswaIf
content-encoding
gzip
etag
"d7b72fd3620fcd4e69dac981832e644f"
age
2576714
x-cache
HIT, HIT
content-length
32407
x-amz-id-2
+HIvO0HQz7T8IjzZURl9r5Oxce4US1ZLgRCL/mX1Ej7ekOmTuIodpmrJZU4z/bLGUNdhCiwAFqI=
x-served-by
cache-lax10623-LGB, cache-chi-kigq8000148-CHI
last-modified
Wed, 11 May 2022 16:32:46 GMT
server
AmazonS3
x-timer
S1661404434.982865,VS0,VE1
date
Thu, 25 Aug 2022 05:13:53 GMT
vary
Accept-Encoding,,
x-amz-request-id
RSM53DGHMSGYKXYK
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 1
chooseAndIncrement
globo-mab.globo.com/mab/bastian-advwblt-r5:glamour:desktop:multicontent:ep/ 		164 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://globo-mab.globo.com/mab/bastian-advwblt-r5:glamour:desktop:multicontent:ep/chooseAndIncrement
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.0/globo-ab.min.js?loading-agent=global-webdeps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.215.207.122 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.215.35.bc.googleusercontent.com
Software
/
Resource Hash
11499e232303192686b4bc5d943f89c6310724941446a4539f7595728fb5b68c
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:54 GMT
strict-transport-security
max-age=300; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
trace-id
96c7f417aa8c3319
access-control-allow-headers
user,User-Agent,Content-Type,GLBUID,GLBID,GLBEXP,x-client-user-agent,x-client-version,x-device-id,x-platform-id,x-canonical-uri,GLOBO_ID
chooseAndIncrement
globo-mab.globo.com/mab/bastian-advwblt-r5:glamour:desktop:multicontent:dinamico/ 		170 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://globo-mab.globo.com/mab/bastian-advwblt-r5:glamour:desktop:multicontent:dinamico/chooseAndIncrement
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.0/globo-ab.min.js?loading-agent=global-webdeps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.215.207.122 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.215.35.bc.googleusercontent.com
Software
/
Resource Hash
92242b91deb192dc1c5202e458216198d0625837158581f6cc53d316c78ef5c6
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:54 GMT
strict-transport-security
max-age=300; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
trace-id
b6b3afa8b00de0c5
access-control-allow-headers
user,User-Agent,Content-Type,GLBUID,GLBID,GLBEXP,x-client-user-agent,x-client-version,x-device-id,x-platform-id,x-canonical-uri,GLOBO_ID
15688-pbjs-floors.json
ads.rubiconproject.com/floors/ 		61 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/15688-pbjs-floors.json
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_glamour.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3f4178004021ac43dcc4437f6a58cd20c80755e5dd2f7871a6159819d5494efe

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 25 Aug 2022 05:13:54 GMT
content-encoding
gzip
last-modified
Wed, 24 Aug 2022 21:43:03 GMT
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
5324
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220825
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_glamour.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a3e5769b50199a784f497baed5fd808561f9eb5dd8eedc479ddad31ec9d93c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 25 Aug 2022 05:13:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7969
x-jsd-version
1.0.1442
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19130-FRA, cache-iad-kiad7000144-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66c-X0qOsT95Dju0AixUjbkkTzLojuY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TqFC8ISUieC1%2FoepsMSW8A1qlRuC1YV%2FScwe4oCV2T%2Fs%2BjJpI6NmGZUAG%2FAHCPook%2Bl3CDtvyt3akSt3KYHJPVGzRGYao7ByOSATSWe8DP3KsethbiTuf%2FqzpCS1I07g7L9vVUh61OoluGn%2B8qM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
7401d75138a82ca1-ORD
access-control-expose-headers
*
card-interference-detector.20220824-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20220824-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6eaed07fa2df8d34713bbd1e4f10a16cce7087970224906f4912aff9216d46a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
NBR867Ab_cwvaOJkMVyimp5HJSDumBoj
content-encoding
gzip
etag
"4fbd353d3d45a23cb5b42336b9e65055"
age
30
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2181
x-amz-id-2
ppjbTcXpUopPCib97mNlObG9xZ0vQfy4MxcwVNQjyP/AL48Eu7OeXf8s0cC2QUR5RCh6DSy6Phg=
x-served-by
cache-chi-klot8100047-CHI
last-modified
Wed, 24 Aug 2022 18:11:11 GMT
server
AmazonS3
x-timer
S1661404434.061321,VS0,VE0
date
Thu, 25 Aug 2022 05:13:54 GMT
vary
Accept-Encoding
x-amz-request-id
0G2H3RFBVDZX9WQD
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
59
x-cache-hits
2
controltag.js.387e8802bbd0d9fbfa52c1546d7297df
cdn.krxd.net/ctjs/ Frame E6A9 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Thu, 25 Aug 2022 05:13:54 GMT
content-encoding
gzip
age
10280494
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
880987
content-length
84742
x-served-by
cache-chi-klot8100119-CHI
last-modified
Thu, 28 Apr 2022 05:17:05 GMT
x-timer
S1661404434.112932,VS0,VE0
etag
"387e8802bbd0d9fbfa52c1546d7297df"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Sun, 25 Apr 2032 05:17:04 GMT
player.min.js
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/ 		2 MB
567 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js
Requested by
Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
d9275df09199a40bb650ce1216fde1c809530ea918816f4b581a237999235120

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:54 GMT
content-encoding
gzip
x-openstack-request-id
tx6480d43b15204fcd8fcc2-006306f9df
last-modified
Mon, 22 Aug 2022 18:23:05 GMT
x-thanos
0AB14003
vary
Accept-Encoding, Origin
x-object-meta-mtime
1661191538.000000
x-timestamp
1661192584.48975
cache-control
public, max-age=3600
content-type
application/javascript
x-trans-id
tx6480d43b15204fcd8fcc2-006306f9df
x-request-id
e1df66b3-3bb4-4848-a53e-1bd4d3456ebb
5007d44e-09d1-49b7-8c99-6b1cc38c3cbc
consumer.krxd.net/consent/get/ Frame E6A9 		220 B
290 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
90da253f1f39dfefae0ae769d3c82522a3689912b1c0c581a1b1db7794ed8dab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:54 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a007-ash-prod.krxd.net, cache-chi-klot8100161-CHI
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1661404434.179042,VS0,VE28
content-length
185
x-cache-hits
0, 0
usermatch.gif
beacon.krxd.net/ Frame E6A9
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=google
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=UENlRm9sTnc
  • https://cm.g.doubleclick.net/pixel?google_cm=&google_nid=krux_digital&google_hm=UENlRm9sTnc&google_tc=
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEMJR6cxpMpUXsiymBJ9omoA&google_cver=1
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEMJR6cxpMpUXsiymBJ9omoA&google_cver=1
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
34.196.228.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-228-175.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:54 GMT
cache-control
private, no-cache, no-store
x-request-time
D=26 t=1661404434
x-served-by
beacon-n036-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEMJR6cxpMpUXsiymBJ9omoA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame E6A9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=UENlRm9sTnc
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=UENlRm9sTnc&google_tc=
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEARJrdk94A1THWJaM2ymCgM&google_cver=1
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEARJrdk94A1THWJaM2ymCgM&google_cver=1
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
34.196.228.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-228-175.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:54 GMT
cache-control
private, no-cache, no-store
x-request-time
D=71 t=1661404434
x-served-by
beacon-n003-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEARJrdk94A1THWJaM2ymCgM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
26357
stags.bluekai.com/site/ Frame E6A9 		62 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/26357?id=PCeFolNw
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.184.224 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-184-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:54 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length
62
content-type
image/gif
usermatch.gif
beacon.krxd.net/ Frame E6A9
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://gum.criteo.com/sync?s=1&c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=UgnTLHMU3ji8pfoae38FlvVZUVula0Ex
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=UgnTLHMU3ji8pfoae38FlvVZUVula0Ex
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
34.196.228.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-228-175.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:54 GMT
cache-control
private, no-cache, no-store
x-request-time
D=39 t=1661404434
x-served-by
beacon-n021-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=UgnTLHMU3ji8pfoae38FlvVZUVula0Ex
date
Thu, 25 Aug 2022 05:13:54 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3860
content-length
218
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
p
sb.scorecardresearch.com/ Frame E6A9 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=PCeFolNw&rn=1661404434
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-90.jfk51.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:54 GMT
via
1.1 d3ab4cd494305c2d222c92f599e3c7c6.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
content-length
43
x-amz-cf-id
7b-gQgcq532M9wjxIiWS8giLBXDfJG4ubcX9SBwsGZCcG9wHebcn8g==
x-cache
Miss from cloudfront
content-type
image/gif
demconf.jpg
dpm.demdex.net/ Frame E6A9
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=PCeFolNw
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=PCeFolNw
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=PCeFolNw
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Server
54.85.162.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-162-154.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v038-09eda4cc6.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
HAI6LiYyTC8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-1-v038-0379d17d3.edge-va6.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
/rCn1IANRXU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=PCeFolNw
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
usermatch.gif
beacon.krxd.net/ Frame E6A9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fadnxs_uid%3D%24UID
  • https://beacon.krxd.net/usermatch.gif?adnxs_uid=7412760816595641933
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?adnxs_uid=7412760816595641933
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
34.196.228.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-228-175.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:54 GMT
cache-control
private, no-cache, no-store
x-request-time
D=24 t=1661404434
x-served-by
beacon-n012-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:54 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
84a5c56b-1c77-4fde-b2c6-456dfb3b6f50
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://beacon.krxd.net/usermatch.gif?adnxs_uid=7412760816595641933
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame E6A9
Redirect Chain
  • https://ib.adnxs.com/mapuid?member=1780&user=PCeFolNw
  • https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember%3D1780%26user%3DPCeFolNw
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember%3D1780%26user%3DPCeFolNw
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Server
68.67.179.164 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:54 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
d225bb96-05c5-478e-9ef3-57fd273028fd
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:54 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
08a8b02a-96c4-42eb-a25d-dadfa683af38
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember%3D1780%26user%3DPCeFolNw
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
379708.gif
idsync.rlcdn.com/ Frame E6A9 		42 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/379708.gif?partner_uid=PCeFolNw
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:13:54 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
token
token.rubiconproject.com/ Frame E6A9 		0
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=27384&puid=krux_id&gdpr=0
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8eb2d9eeed9b9c468975d0ba24565e5b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
pixel-sync.sitescout.com/connectors/krux/ Frame E6A9
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=sitescout
  • https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=PCeFolNw
  • https://pixel-sync.sitescout.com/connectors/krux/usersync?cookieQ=1&foreign_id=PCeFolNw
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/connectors/krux/usersync?cookieQ=1&foreign_id=PCeFolNw
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
207.198.113.88 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:54 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://pixel-sync.sitescout.com/connectors/krux/usersync?cookieQ=1&foreign_id=PCeFolNw
date
Thu, 25 Aug 2022 05:13:54 GMT
server
AC1.1
content-length
0
usermatch.gif
beacon.krxd.net/ Frame E6A9
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=verizon
  • https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=PCeFolNw
  • https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-TH6R.stE2pu0Eh5i4G4tFcsZ9twuY31fig--~A
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-TH6R.stE2pu0Eh5i4G4tFcsZ9twuY31fig--~A
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
34.196.228.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-228-175.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:54 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1661404434
x-served-by
beacon-n006-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 25 Aug 2022 05:13:54 GMT
via
http/1.1 spdc0113.tgt.bf1.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-TH6R.stE2pu0Eh5i4G4tFcsZ9twuY31fig--~A
content-length
0
sync
sync.navdmp.com/ Frame E6A9
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=navegg
  • https://sync.navdmp.com/sync?prtid=30&salid=PCeFolNw
6 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.navdmp.com/sync?prtid=30&salid=PCeFolNw
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7401d7548ad82994-ORD
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript

Redirect headers

location
https://sync.navdmp.com/sync?prtid=30&salid=PCeFolNw
date
Thu, 25 Aug 2022 05:13:54 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a015-ash-prod.krxd.net
RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
sync.targeting.unrulymedia.com/csync/ Frame E6A9
Redirect Chain
  • https://sync.1rx.io/usersync/krux/PCeFolNw?dspret=1
  • https://sync.1rx.io/usersync/krux/PCeFolNw?zcc=1&cb=1661404434804
  • https://sync.targeting.unrulymedia.com/csync/RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Server
199.127.204.147 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:13:55 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:54 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
getdata.xgi
r.nexac.com/e/ Frame E6A9 		0
0
glamour
horizon-track.globo.com/event/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://horizon-track.globo.com/event/glamour
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/1aa2241f8aedf804f59cfeb4a5846422.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary4ssEBmPXwSVAFeLp

Response headers
callback.min.js
s3.glbimg.com/v1/AUTH_05f06ca986b54d6e9c5df94927ccf7fc/libs/globoid-js/prod/ Frame 8310 		87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_05f06ca986b54d6e9c5df94927ccf7fc/libs/globoid-js/prod/callback.min.js
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/login-callback.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
b9f6160b7ea7d0645d6201d24919b7289061f8d021e3c245ad5dd7b00ec66ff2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:54 GMT
content-encoding
gzip
x-openstack-request-id
tx1bc24a06f90d41bb9647d-00630704bc
last-modified
Thu, 01 Apr 2021 19:16:32 GMT
x-thanos
0AB14003
vary
Accept-Encoding, Origin
content-type
text/html
x-timestamp
1617304591.88878
cache-control
public, max-age=180
x-trans-id
tx1bc24a06f90d41bb9647d-00630704bc
x-request-id
8bccbb75-f63b-45f9-a9c1-2c4e1f3846dc
json
trc.taboola.com/editoraglobo-glamour/trc/3/ 		64 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/editoraglobo-glamour/trc/3/json?tim=05%3A13%3A54.616&lti=deflated&data=%7B%22id%22%3A997%2C%22ii%22%3A%22%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1661335554168%2C%22vi%22%3A1661404434613%2C%22cv%22%3A%2220220824-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml%22%2C%22vpi%22%3A%22%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml%22%2C%22e%22%3A%22http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A16671%2C%22nsid%22%3A%22editoraglobonetwork%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A14370.15625%2C%22mw%22%3A648%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220824-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b0a58c1c3e603536db65ee5a8ea8850bcb8129bb2b7fd8254e665e0782e2dc85

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
286
date
Thu, 25 Aug 2022 05:13:54 GMT
content-encoding
gzip
server
nginx
x-timer
S1661404435.642947,VS0,VE286
x-served-by
cache-chi-klot8100047-CHI
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
bulk-metrics
trc-events.taboola.com/editoraglobo-glamour/log/3/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/editoraglobo-glamour/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220824-5-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://glamour.globo.com
pragma
no-cache
date
Thu, 25 Aug 2022 05:13:54 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
glamour
horizon-track.globo.com/event/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://horizon-track.globo.com/event/glamour
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/1aa2241f8aedf804f59cfeb4a5846422.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryxSOGDcUhEAwGAnCV

Response headers
cd
cd.navdmp.com/ 		6 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cd.navdmp.com/cd?prtid=13574&prtusridr=c0339bb04e00a1f6601e4c2a6d3d53e5b66d9fcc
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7401d754cb2a2994-ORD
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/x-javascript
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.9.0/ 		104 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.9.0/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220824-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
73877f5e39d86856de2a633e9a710cb1d21637f21ffe9e5c268ab9f8527553b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:54 GMT
via
1.1 6849583d0416cc59bc5a83f3d7cfb27c.cloudfront.net (CloudFront), 1.1 varnish
age
763732
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
30395
x-served-by
cache-chi-klot8100047-CHI
last-modified
Tue, 16 Aug 2022 09:03:55 GMT
server
AmazonS3
x-timer
S1661404435.973143,VS0,VE0
etag
"c9c42190910a5ef0aea595afc2eb003e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
ORD58-P2
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Hu6gMJTtnBHyLjrzkcEdHr-zu2pH1AG-npuV7UWM1JHTYmL7XgLo_A==
x-cache-hits
33
feed-card-placeholder.20220824-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20220824-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ac9ab476d35e1748fbaa57a53d3b1ee06ce9266abe4088da329ecae0511a797

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
RxVKg.Rd7j7tYtA7dfQ_Xyyxkc2edKg.
content-encoding
gzip
etag
"1e2e419953392086e5d427aa665ff788"
age
18
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1263
x-amz-id-2
Kqwe84O6SpZp21+HhEJwRPP+9LXV/iYci7FZH4Ga+R9+NQZ0TaHUumOUkSFhuXEwbp9dK4mlJAU=
x-served-by
cache-chi-klot8100047-CHI
last-modified
Wed, 24 Aug 2022 18:11:28 GMT
server
AmazonS3
x-timer
S1661404435.983767,VS0,VE0
date
Thu, 25 Aug 2022 05:13:54 GMT
vary
Accept-Encoding
x-amz-request-id
XSCH0VFEMV5FJ9FY
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
46
x-cache-hits
4
distance-from-article.20220824-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20220824-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2285616a8e12bf0f31c6ec853acd7c221de6c6b0b5798b65b5aec2d2b123a75

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
tdDiXke8KHjgxtg9gFUcaHy2O4JSN6yW
content-encoding
gzip
etag
"2c95ae80b5990841a6f03606604ec5bb"
age
21
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1012
x-amz-id-2
J0c6vYisgOaYVzun0js1WfStsKcfP0ainevWZVv8iKYKIgDVfAFeaDdhK73xZUkP+Z2/+ay57Kk=
x-served-by
cache-chi-klot8100047-CHI
last-modified
Wed, 24 Aug 2022 18:11:19 GMT
server
AmazonS3
x-timer
S1661404435.994312,VS0,VE3
date
Thu, 25 Aug 2022 05:13:54 GMT
vary
Accept-Encoding
x-amz-request-id
V85P1H4A4Q3QC6WR
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
46
x-cache-hits
1
article-detection.20220824-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20220824-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
119916f316f528ebae8684f3a457f24fa2907f27e6f3c4a525dd3971b2783cf4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
9j8ossgwCo8_45H76iaqg6PC4qCA72ne
content-encoding
gzip
etag
"89e8a94db27fee3368e54985354c437b"
age
33
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1236
x-amz-id-2
bvuL+Al4AbUpgybzZbwo/TeVkoarLHmag3M+ezJdvsLxa834tD88s1Dy6IhH32Cy4pzSn/4J03A=
x-served-by
cache-chi-klot8100047-CHI
last-modified
Wed, 24 Aug 2022 18:11:05 GMT
server
AmazonS3
x-timer
S1661404435.994424,VS0,VE0
date
Thu, 25 Aug 2022 05:13:54 GMT
vary
Accept-Encoding
x-amz-request-id
0G2TJMSP182HX0Y2
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
46
x-cache-hits
2
8314438e-1240-4037-ade5-bfeaed299a90.css
cdn.taboola.com/static/83/ 		451 B
490 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/static/83/8314438e-1240-4037-ade5-bfeaed299a90.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
CkT0watBV7AEsiEughRkYLexggZw11Ym
content-encoding
gzip
etag
"1802e318f880ad7e5c7030e9da649cf6"
age
17497
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
222
x-amz-id-2
OIyrarxqLumRv7oL7meiRk83031qhoZVuOL3GaMqEMlOz3VXDGtfDYM1YteRLaS9+7aLEDsOM8Y=
x-served-by
cache-chi-klot8100047-CHI
last-modified
Tue, 07 Jul 2020 17:40:49 GMT
server
AmazonS3
x-timer
S1661404435.996259,VS0,VE0
date
Thu, 25 Aug 2022 05:13:54 GMT
vary
Accept-Encoding
x-amz-request-id
JMZTSNRZSMZJR3ZK
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
text/css
abp
46
x-cache-hits
3
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
age
77
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
55GYYqHrJYt3knKflK67tAtS8FRP9Q/Fs017mUOkhZS0U3dSeTTxfatpE0Sy1oYOjoRyBuHxC+w=
x-served-by
cache-chi-klot8100047-CHI
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1661404435.007969,VS0,VE0
date
Thu, 25 Aug 2022 05:13:55 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
5R2ZY23Y6CTW4EJJ
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
46
x-cache-hits
13
cta-component.20220824-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/cta-component.20220824-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d419f4544d7ceac9adaf50c3766149b33270d40964389dbfdb93abdbad9c847

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
TwxFDCXtX8COFvAdmT83Yc8RiHXnZwDS
content-encoding
gzip
etag
"c27b1c3e449aa75d7eda85947bf2a5ac"
age
33
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5107
x-amz-id-2
njbXZ7off1Rn9njY8focyXsWLwEIcBpp6JyN9HyzUrb3OJMsnk2ZKg0OMu1hyouoyMLxPc915lI=
x-served-by
cache-chi-klot8100047-CHI
last-modified
Wed, 24 Aug 2022 18:11:14 GMT
server
AmazonS3
x-timer
S1661404435.008018,VS0,VE0
date
Thu, 25 Aug 2022 05:13:55 GMT
vary
Accept-Encoding
x-amz-request-id
BKA5TMNNF1CRC78Y
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
46
x-cache-hits
9
userx.20220824-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220824-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ad73f6fca747b0f81fbf6c96686b73239b63acf8ec720c42542b8f9b90e547d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
SLX6FiSRYUFePafLTp.BYj4sLaeE9iim
content-encoding
gzip
etag
"be5c1145b5af62973b339f7b74621820"
age
28
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
pW4u/SVk+q3c/qHEHEanS8uKv4YtUBIE+K2hmpIgw51s9t4E3TrKyW2bRLvg4hjDV/9QsfmaZ7g=
x-served-by
cache-chi-klot8100047-CHI
last-modified
Wed, 24 Aug 2022 18:11:12 GMT
server
AmazonS3
x-timer
S1661404435.012818,VS0,VE0
date
Thu, 25 Aug 2022 05:13:55 GMT
vary
Accept-Encoding
x-amz-request-id
0XT32RFFZCM4GS1H
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
46
x-cache-hits
2
explore-more.20220824-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20220824-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e54b959b77f51f0866c75031505ea6273f9f4d3bb0e883c7fd82e69b9184ba3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
mTP47CXlTqPg8GzVot5vG7oDjS1F92Ta
content-encoding
gzip
etag
"43d8785ec555b75c4569706626a9429b"
age
19
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6376
x-amz-id-2
tXrKbzze6CzEhmra1rY0/WrfpQo5psFwus1MyInTZTJPkh5Re+dsur+2zMvDZ6NJojgo9sT8fwQ=
x-served-by
cache-chi-klot8100047-CHI
last-modified
Wed, 24 Aug 2022 18:11:25 GMT
server
AmazonS3
x-timer
S1661404435.012897,VS0,VE0
date
Thu, 25 Aug 2022 05:13:55 GMT
vary
Accept-Encoding
x-amz-request-id
7GWYX2YE1WD28VWJ
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
46
x-cache-hits
2
feed-view.20220824-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-view.20220824-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45287b4e507b14236a1a00dd67e160876dec1fa7ec548ea49eb875dd775cb565

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
z1D2OXUB4rLTYYd2RZ8jz9wzGKEX5R5B
content-encoding
gzip
etag
"80ad0467270e6458b680e62ab6bd6da6"
age
57
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6527
x-amz-id-2
nAVWzm980HmPgI90Mg5sEWEGpxNw8CI3/jnTSFa+pPgG/pVEipYWaZ8sEMTzFUZzya3ylm5o2dA=
x-served-by
cache-chi-klot8100047-CHI
last-modified
Wed, 24 Aug 2022 18:10:47 GMT
server
AmazonS3
x-timer
S1661404435.012897,VS0,VE0
date
Thu, 25 Aug 2022 05:13:55 GMT
vary
Accept-Encoding
x-amz-request-id
E2MTGKMNXK2Z6JVC
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
46
x-cache-hits
6
debug
ch-trc-events.taboola.com/editoraglobo-glamour/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/editoraglobo-glamour/log/2/debug?tim=05%3A13%3A54.976&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01&llvl=2&id=3793&cv=20220824-5-RELEASE&lt=deflated&pct=1
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24657
debug
ch-trc-events.taboola.com/editoraglobo-glamour/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/editoraglobo-glamour/log/2/debug?tim=05%3A13%3A54.978&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01&llvl=2&id=9726&cv=20220824-5-RELEASE&lt=deflated&pct=1
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24657
abtests
ch-trc-events.taboola.com/editoraglobo-glamour/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/editoraglobo-glamour/log/3/abtests?route=US:CH:V&tvi2=-2&lti=deflated&ri=72c92cd5dffa4003d5f7ce5b1e34088c&sd=v2_3ebb683cbadb525e5cf0062e32899e40_0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92_1661404434_1661404434_CLiG9CEQoP9JGLWhr5utMCABKAEw4QE4kaQOQLO5Dkif2tgDUO8FWABgAGiG-t_Hg6eW5IQBcAE&ui=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&pi=/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&wi=8695623456658807949&pt=text&vi=1661404434613&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22rendered%22%2C%22type%22%3A%7B%22renderingHeight%22%3A2925%2C%22scrollHeight%22%3A0%7D%2C%22eventTime%22%3A1661404434984%7D&tim=05%3A13%3A54.984&id=4511&llvl=2&cv=20220824-5-RELEASE&
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 25 Aug 2022 05:13:55 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
ch-trc-events.taboola.com/editoraglobo-glamour/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/editoraglobo-glamour/log/2/debug?tim=05%3A13%3A54.989&type=usage&msg=cta-_1661404434989&llvl=2&id=1568&cv=20220824-5-RELEASE&lt=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml%22%2C%22itemId%22%3A%22~~V1~~-1904965439516143040~~AdWY3YrqwnRS%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-has_cta_text%22%2C%22cardIndexOnPage%22%3A0%2C%22index%22%3A0%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%201%22%2C%22innerText%22%3A%22Why%20people%20are%20so%20passionate%20about%20Ka%E2%80%99ChavaKachava%7CPatrocinadoPatrocinado%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24656
debug
ch-trc-events.taboola.com/editoraglobo-glamour/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/editoraglobo-glamour/log/2/debug?tim=05%3A13%3A54.990&type=usage&msg=cta-_1661404434990&llvl=2&id=4145&cv=20220824-5-RELEASE&lt=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml%22%2C%22itemId%22%3A%22~~V1~~-1904965439516143040~~AdWY3YrqwnRS%22%2C%22text%22%3A%22Learn%20More%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-cta_render_candidate%22%2C%22cardIndexOnPage%22%3A0%2C%22index%22%3A0%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%201%22%2C%22innerText%22%3A%22Why%20people%20are%20so%20passionate%20about%20Ka%E2%80%99ChavaKachava%7CPatrocinadoPatrocinado%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24656
supply-feature
ch-trc-events.taboola.com/editoraglobo-glamour/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/editoraglobo-glamour/log/3/supply-feature?route=US:CH:V&tvi2=-2&lti=deflated&ri=72c92cd5dffa4003d5f7ce5b1e34088c&sd=v2_3ebb683cbadb525e5cf0062e32899e40_0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92_1661404434_1661404434_CLiG9CEQoP9JGLWhr5utMCABKAEw4QE4kaQOQLO5Dkif2tgDUO8FWABgAGiG-t_Hg6eW5IQBcAE&ui=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&pi=/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&wi=8695623456658807949&pt=text&vi=1661404434613&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=05%3A13%3A54.993&id=4525&llvl=2&cv=20220824-5-RELEASE&
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 25 Aug 2022 05:13:55 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
comissaria-bordo.jpg
s2.glbimg.com/SF5RpjdCKpDIrYGLaN5LdnnAr94=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/p/O/BptEFhQ9uwZpdqJZeiMg/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/SF5RpjdCKpDIrYGLaN5LdnnAr94=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_ba3db981e6d14e54bb84be31c923b00c/internal_photos/bs/2022/p/O/BptEFhQ9uwZpdqJZeiMg/comissaria-bordo.jpg
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
404dcdabcad98c8ed15f4474436911cae5e284d10c0e89f5891e61b2862e3c4f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
via
2.0 CachOS
x-bip
837039125 ra03 11 01
age
58591
etag
"8443f447273bd98d9b3984f4341a0493ecec7cc4"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB1D004
access-control-allow-headers
Content-Type
content-length
16382
x-request-id
d3f1a16f-fba3-473f-8163-ad93bf49108e
expires
Fri, 23 Sep 2022 12:48:01 GMT
social
ch-trc-events.taboola.com/editoraglobo-glamour/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/editoraglobo-glamour/log/3/social?route=US:CH:V&tvi2=-2&lti=deflated&ri=72c92cd5dffa4003d5f7ce5b1e34088c&sd=v2_3ebb683cbadb525e5cf0062e32899e40_0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92_1661404434_1661404434_CLiG9CEQoP9JGLWhr5utMCABKAEw4QE4kaQOQLO5Dkif2tgDUO8FWABgAGiG-t_Hg6eW5IQBcAE&ui=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&pi=/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&wi=8695623456658807949&pt=text&vi=1661404434613&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml%22%2C%22rref%22%3A%22http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%22%2C%22sec%22%3A%22Lifestyle%22%2C%22aut%22%3A%5B%22Reda%C3%A7%C3%A3o%20Glamour%22%5D%2C%22img%22%3A%22https%3A%2F%2Fs2.glbimg.com%2F5RKybay3Hp0rg_rXAqhNaKBPUrw%3D%2F1200x%2Fsmart%2Ffilters%3Acover()%3Astrip_icc()%2Fi.s3.glbimg.com%2Fv1%2FAUTH_ba3db981e6d14e54bb84be31c923b00c%2Finternal_photos%2Fbs%2F2021%2FH%2Fv%2FUxuVO2S9OWQxqj8R4ciQ%2F2019-12-02-melhores-memes-de-2019-11.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=05%3A13%3A55.016&id=4050&llvl=2&cv=20220824-5-RELEASE&
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 25 Aug 2022 05:13:55 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
bulk-metrics
ch-trc-events.taboola.com/editoraglobo-glamour/log/3/ 		0
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/editoraglobo-glamour/log/3/bulk-metrics?tvi2=-2&route=US%3ACH%3AV&lti=deflated&bulkSize=5
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220824-5-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://glamour.globo.com
pragma
no-cache
date
Thu, 25 Aug 2022 05:13:55 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
ch-trc-events.taboola.com/editoraglobo-glamour/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/editoraglobo-glamour/log/2/debug?tim=05%3A13%3A55.081&type=usage&msg=cta-_1661404435081&llvl=2&id=9048&cv=20220824-5-RELEASE&lt=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml%22%2C%22itemId%22%3A%22~~V1~~-1904965439516143040~~AdWY3YrqwnRS%22%2C%22text%22%3A%22Learn%20More%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-rendered%22%2C%22cardIndexOnPage%22%3A0%2C%22index%22%3A0%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%201%22%2C%22innerText%22%3A%22Why%20people%20are%20so%20passionate%20about%20Ka%E2%80%99Chava%5CnKachava%5Cn%7C%5CnPatrocinado%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24662
supply-feature
ch-trc-events.taboola.com/editoraglobo-glamour/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/editoraglobo-glamour/log/3/supply-feature?route=US:CH:V&tvi2=-2&lti=deflated&ri=72c92cd5dffa4003d5f7ce5b1e34088c&sd=v2_3ebb683cbadb525e5cf0062e32899e40_0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92_1661404434_1661404434_CLiG9CEQoP9JGLWhr5utMCABKAEw4QE4kaQOQLO5Dkif2tgDUO8FWABgAGiG-t_Hg6eW5IQBcAE&ui=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&pi=/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&wi=8695623456658807949&pt=text&vi=1661404434613&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=05%3A13%3A55.085&id=6005&llvl=2&cv=20220824-5-RELEASE&
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 25 Aug 2022 05:13:55 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
ch-trc-events.taboola.com/editoraglobo-glamour/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/editoraglobo-glamour/log/3/supply-feature?route=US:CH:V&tvi2=-2&lti=deflated&ri=72c92cd5dffa4003d5f7ce5b1e34088c&sd=v2_3ebb683cbadb525e5cf0062e32899e40_0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92_1661404434_1661404434_CLiG9CEQoP9JGLWhr5utMCABKAEw4QE4kaQOQLO5Dkif2tgDUO8FWABgAGiG-t_Hg6eW5IQBcAE&ui=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&pi=/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&wi=8695623456658807949&pt=text&vi=1661404434613&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=05%3A13%3A55.088&id=2714&llvl=2&cv=20220824-5-RELEASE&
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 25 Aug 2022 05:13:55 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
bulk-metrics
ch-trc-events.taboola.com/editoraglobo-glamour/log/3/ 		0
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/editoraglobo-glamour/log/3/bulk-metrics?tvi2=-2&route=US%3ACH%3AV&lti=deflated&bulkSize=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220824-5-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://glamour.globo.com
pragma
no-cache
date
Thu, 25 Aug 2022 05:13:55 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
1.tiny.js
static.infoglobo.com.br/paywall/js/ 		27 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/1.tiny.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js?utv=ut4.44.202112201735
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
92beaf913adfabfeb48f932e23ccf17abf94fa30f563ff5fcf8bacfa44803f8d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 04:45:28 GMT
Content-Encoding
gzip
Age
1707
grace
none
X-Cache
HIT
Connection
Keep-Alive
Content-Length
4712
Last-Modified
Fri, 12 Aug 2022 15:06:39 GMT
Server
Apache
ETag
"a046ea8d-6cf3-5e60ca104ddc0"
vary
X-Forwarded-Proto
Content-Type
text/javascript
Access-Control-Allow-Origin
*
cache-control
public, max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
X-Cache-Hits
1990
17.tiny.js
static.infoglobo.com.br/paywall/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/17.tiny.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js?utv=ut4.44.202112201735
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
0773df1b62b926ff11baafce486c991a745d481e6791b9d07ce6f628b4bdd593

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

proj
esc
Date
Thu, 25 Aug 2022 04:45:16 GMT
Content-Encoding
gzip
Age
1718
grace
none
X-Cache
HIT
Connection
Keep-Alive
Content-Length
1870
Last-Modified
Fri, 12 Aug 2022 15:06:39 GMT
Server
Apache
ETag
"a05506d0-16ac-5e60ca104ddc0"
vary
X-Forwarded-Proto
Content-Type
text/javascript
Access-Control-Allow-Origin
*
cache-control
public, max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
X-Cache-Hits
2082
load
experience.tinypass.com/xbuilder/experience/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=VnaP3rYVKc
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js?utv=ut4.44.202112201735
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3d802214cdaf6276aa13b5b161820bbc80660cf9429124233334b07a2d7978e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
HIT
age
900
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
M76n5hruBR4
wn
prod-exp-10-0-119-49
last-modified
Thu, 25 Aug 2022 04:58:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=1800
cf-ray
7401d759289d2c6c-ORD
expires
Thu, 25 Aug 2022 05:43:55 GMT
utag.31.js
tags.tiqcdn.com/utag/globo/editora/prod/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/globo/editora/prod/utag.31.js?utv=ut4.44.202208092051
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.33.123 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-33-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ffe04091b035ae1bfe76e90d8dcccb0e4eab5b04334576832341d6da0b9fd91d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
content-encoding
gzip
last-modified
Tue, 05 Jul 2022 21:36:00 GMT
server
AkamaiNetStorage
etag
"889e12c3ba12601315a1f9a4d10d289c:1657056960.407941"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
2644
expires
Fri, 09 Sep 2022 05:13:55 GMT
utag.29.js
tags.tiqcdn.com/utag/globo/editora/prod/ 		1 KB
938 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/globo/editora/prod/utag.29.js?utv=ut4.44.201911252014
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.33.123 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-33-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9d4f298b9266e5e548da14a56548eedc87dff49e1fc054dc7fd7b19cf0db55d0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62
8096267
date
Thu, 25 Aug 2022 05:13:55 GMT
content-encoding
gzip
last-modified
Tue, 05 Jan 2021 14:22:22 GMT
server
AkamaiNetStorage
etag
"c1b2fbf362855ad1a62e74c71220384b:1609856542.812869"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
695
expires
Fri, 09 Sep 2022 05:13:55 GMT
utag.51.js
tags.tiqcdn.com/utag/globo/editora/prod/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/globo/editora/prod/utag.51.js?utv=ut4.44.202208021326
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.33.123 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-33-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
377b3c43b8176e2a1681c6bc4882ddee51e33b441574459744a084f09766ea1c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
content-encoding
gzip
last-modified
Tue, 02 Aug 2022 13:26:45 GMT
server
AkamaiNetStorage
etag
"ba27229cd3456cd9ea1a7e4ba1bb14f9:1659446805.224968"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
5727
expires
Fri, 09 Sep 2022 05:13:55 GMT
utag.53.js
tags.tiqcdn.com/utag/globo/editora/prod/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/globo/editora/prod/utag.53.js?utv=ut4.44.202112102028
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.33.123 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-33-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2dd7e9ca358d9a52e8adcfcab0180e50beb4449a987ee747c69e605fa35fbee3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62
8096267
date
Thu, 25 Aug 2022 05:13:55 GMT
content-encoding
gzip
last-modified
Fri, 10 Dec 2021 18:57:46 GMT
server
AkamaiNetStorage
etag
"1c8c6a0c57481b0b164f54b996ee26ea:1639162666.189666"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1285
expires
Fri, 09 Sep 2022 05:13:55 GMT
utag.66.js
tags.tiqcdn.com/utag/globo/editora/prod/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/globo/editora/prod/utag.66.js?utv=ut4.44.202205271340
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.33.123 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-33-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
af7f7d9dbec7daf5a6f7d58196b10fdaf2f0e97a15a981e5f180cedb9495739a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
content-encoding
gzip
last-modified
Fri, 27 May 2022 13:41:12 GMT
server
AkamaiNetStorage
etag
"0d7a2931edf9422154c55de8f25d7b01:1653658872.493828"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
3691
expires
Fri, 09 Sep 2022 05:13:55 GMT
st
imprchmp.taboola.com/ Frame EFDD 		742 B
493 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7P9ACFgPhFd8KigZCGwThFd8KigZCGwUAAAAGBvQHJGXZbHYL08qt8MxcbtFytVkrDCPDWjNyGBariXE3mTmHQFKWzWa3MK3cCs_M5RYtV5u1wjAyrDUjh2Gxmhh3k5lzCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b1NB0Onyue73O7HD7XZe7zuy3-O0av9svdtpcntPz7PLL_aanx-nwSwaL5V4x2atdZqPf8vK8RX63wu536z1vtcvt8rzVDqfnrbL7LA-Pw-T3vEUut2SwWM51RtPbbAcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DYDxDYGkk4Mh7Sanw-4w_M1Ozz8AAAAAQAAAAABIAAp4T0sAPs7KTv7_________YwboM29k_v___28WegAefAAehAAAAC6G6u9ZG1Q8FbaIDhiKGAEAAACcYh2IHk3qhMqi6v__v98K4AoAIEBweg06PUt3UOItDAAAoEAsQRrSCDPMjGNsgR4Wv9_ssGv8bpf9_________5v9n_2jCXmEI6UJs3riqv0CAgCs_QICALCpGwDAmwBcyLWg6XS47vWah91kebgdlqfDrrebnXaXXWF3uB2Wp8PsN7ysd83T9PKLLgBWpxC74WywmwxWu9kBAAAA3P3____jJUhDGmGGmXHogczKYrENNxuLw2RxTVYr18ZmGMwmK89kuFyuTIPtbSkvO0uhI6T3hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02t9ADEYDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEgZVlsdktJm6Fb2Nci2YW31phXKzWms1uNRiZXBOHybQWvT6mh2EwXDgnU3yg2-VTuV0uLdvL8nk5tigYcLYXydMinegmG-dkY3KNbDaHaTDYjFwz38blmjhWntFgONxYxBLNySKdyC77zspisQ03G4vDZHFNVivXxmYYzCYrz2S4XK5Mg31hZVlsdouJW-HbGNeimcW3VhgXq7Vms1sNRibXxGEyrUWvj-lhGAwXzsm-MZstRoPRaDPaN2azxWgwGm1G-w6Z6WNuWIy-oTnlkXlFy2t1enMYFC6DxTstWqStw9FnlPmsEddps4x-JlafOOM1KDwHj-lji_5Fnm3lay0ZFY6DRRFLBBfpRGVymv6Wh8_st_jdOrPD7XddLmKJ0nSRTvRip83lOT3PLr_cb3p6nA6_ZLBY7hWTvdplNvotL89b5Hcr7H633vNWu9wuz1vtcHreKrvP8vA4TH7PW-RySwaL5VxnNL3NFrFEcLpIJ6KX8XRR_5EhZru5cDjXzRWzySoBAAAAAAAAACxhyrwJAAAAwGkwu9Vyt1rngQxWw8FwtVwAiT9Q3R_6e9nWCPWJXbzWBzuxWe7G4saPKcrkNP0tD5_Zb_G7dWaH2--6XBlAwk2UefNnglir1bIGAAAQwAYAAAjg1s1bIOkU_____x8HAAAgI0cPAABAvw_E9MaFUi_8yE-Am9Vi!&cmcv=&pix=undefined&cb=1661404435349&uv=3219&tms=1661404435349&abt=aat1_vB!adh5c-1_vA!ecp_vA!inc_all_video_vA!spa2_vA!t45!t45!tvrReverse1_vB!ufm_vE&ru=http://sandramaria.online.anamarialopez.site/&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=e2337a4e-a3fe-4953-a0d0-3da015b872f9&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2dafdf3a385165c9a283d5a79f33cdd59227cc33fefece7493324cbbae4bc37c

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Thu, 25 Aug 2022 05:13:55 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-chi-klot8100047-CHI
x-timer
S1661404435.384897,VS0,VE4
sync
ch-match.taboola.com/ Frame 585E 		742 B
827 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ch-match.taboola.com/sync?dast=V7P9ACFgPhFd8KigZCGwThFd8KigZCGwUAAAAGBvQHJGXZbHYL08qt8MxcbtFytVkrDCPDWjNyGBariXE3mTmHQFKWzWa3MK3cCs_M5RYtV5u1wjAyrDUjh2Gxmhh3k5lzCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b1NB0Onyue73O7HD7XZe7zuy3-O0av9svdtpcntPz7PLL_aanx-nwSwaL5V4x2atdZqPf8vK8RX63wu536z1vtcvt8rzVDqfnrbL7LA-Pw-T3vEUut2SwWM51RtPbbAcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DYDxDYGkk4Mh7Sanw-4w_M1Ozz8AAAAAQAAAAABIAAp4T0sAPs7KTv7_________YwboM29k_v___28WegAefAAehAAAAC6G6u9ZG1Q8FbaIDhiKGAEAAACcYh2IHk3qhMqi6v__v98K4AoAIEBweg06PUt3UOItDAAAoEAsQRrSCDPMjGNsgR4Wv9_ssGv8bpf9_________5v9n_2jCXmEI6UJs3riqv0CAgCs_QICALCpGwDAmwBcyLWg6XS47vWah91kebgdlqfDrrebnXaXXWF3uB2Wp8PsN7ysd83T9PKLLgBWpxC74WywmwxWu9kBAAAA3P3____jJUhDGmGGmXHogczKYrENNxuLw2RxTVYr18ZmGMwmK89kuFyuTIPtbSkvO0uhI6T3hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02t9ADEYDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEgZVlsdktJm6Fb2Nci2YW31phXKzWms1uNRiZXBOHybQWvT6mh2EwXDgnU3yg2-VTuV0uLdvL8nk5tigYcLYXydMinegmG-dkY3KNbDaHaTDYjFwz38blmjhWntFgONxYxBLNySKdyC77zspisQ03G4vDZHFNVivXxmYYzCYrz2S4XK5Mg31hZVlsdouJW-HbGNeimcW3VhgXq7Vms1sNRibXxGEyrUWvj-lhGAwXzsm-MZstRoPRaDPaN2azxWgwGm1G-w6Z6WNuWIy-oTnlkXlFy2t1enMYFC6DxTstWqStw9FnlPmsEddps4x-JlafOOM1KDwHj-lji_5Fnm3lay0ZFY6DRRFLBBfpRGVymv6Wh8_st_jdOrPD7XddLmKJ0nSRTvRip83lOT3PLr_cb3p6nA6_ZLBY7hWTvdplNvotL89b5Hcr7H633vNWu9wuz1vtcHreKrvP8vA4TH7PW-RySwaL5VxnNL3NFrFEcLpIJ6KX8XRR_5EhZru5cDjXzRWzySoBAAAAAAAAACxhyrwJAAAAwGkwu9Vyt1rngQxWw8FwtVwAiT9Q3R_6e9nWCPWJXbzWBzuxWe7G4saPKcrkNP0tD5_Zb_G7dWaH2--6XBlAwk2UefNnglir1bIGAAAQwAYAAAjg1s1bIOkU_____x8HAAAgI0cPAABAvw_E9MaFUi_8yE-Am9Vi!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
2dafdf3a385165c9a283d5a79f33cdd59227cc33fefece7493324cbbae4bc37c

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 25 Aug 2022 05:13:55 GMT
machineid
3801
server
nginx
st
ch-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7P9ACFgPhFd8KigZCGwThFd8KigZCGwUAAAAGBvQHJGXZbHYL08qt8MxcbtFytVkrDCPDWjNyGBariXE3mTmHQFKWzWa3MK3cCs_M5RYtV5u1wjAyrDUjh2Gxmhh3k5lzCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b1NB0Onyue73O7HD7XZe7zuy3-O0av9svdtpcntPz7PLL_aanx-nwSwaL5V4x2atdZqPf8vK8RX63wu536z1vtcvt8rzVDqfnrbL7LA-Pw-T3vEUut2SwWM51RtPbbAcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DYDxDYGkk4Mh7Sanw-4w_M1Ozz8AAAAAQAAAAABIAAp4T0sAPs7KTv7_________YwboM29k_v___28WegAefAAehAAAAC6G6u9ZG1Q8FbaIDhiKGAEAAACcYh2IHk3qhMqi6v__v98K4AoAIEBweg06PUt3UOItDAAAoEAsQRrSCDPMjGNsgR4Wv9_ssGv8bpf9_________5v9n_2jCXmEI6UJs3riqv0CAgCs_QICALCpGwDAmwBcyLWg6XS47vWah91kebgdlqfDrrebnXaXXWF3uB2Wp8PsN7ysd83T9PKLLgBWpxC74WywmwxWu9kBAAAA3P3____jJUhDGmGGmXHogczKYrENNxuLw2RxTVYr18ZmGMwmK89kuFyuTIPtbSkvO0uhI6T3hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02t9ADEYDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEgZVlsdktJm6Fb2Nci2YW31phXKzWms1uNRiZXBOHybQWvT6mh2EwXDgnU3yg2-VTuV0uLdvL8nk5tigYcLYXydMinegmG-dkY3KNbDaHaTDYjFwz38blmjhWntFgONxYxBLNySKdyC77zspisQ03G4vDZHFNVivXxmYYzCYrz2S4XK5Mg31hZVlsdouJW-HbGNeimcW3VhgXq7Vms1sNRibXxGEyrUWvj-lhGAwXzsm-MZstRoPRaDPaN2azxWgwGm1G-w6Z6WNuWIy-oTnlkXlFy2t1enMYFC6DxTstWqStw9FnlPmsEddps4x-JlafOOM1KDwHj-lji_5Fnm3lay0ZFY6DRRFLBBfpRGVymv6Wh8_st_jdOrPD7XddLmKJ0nSRTvRip83lOT3PLr_cb3p6nA6_ZLBY7hWTvdplNvotL89b5Hcr7H633vNWu9wuz1vtcHreKrvP8vA4TH7PW-RySwaL5VxnNL3NFrFEcLpIJ6KX8XRR_5EhZru5cDjXzRWzySoBAAAAAAAAACxhyrwJAAAAwGkwu9Vyt1rngQxWw8FwtVwAiT9Q3R_6e9nWCPWJXbzWBzuxWe7G4saPKcrkNP0tD5_Zb_G7dWaH2--6XBlAwk2UefNnglir1bIGAAAQwAYAAAjg1s1bIOkU_____x8HAAAgI0cPAABAvw_E9MaFUi_8yE-Am9Vi!&cmcv=&pix=31589837&cb=1661404435348&uv=3219&tms=1661404435348&abt=aat1_vB!adh5c-1_vA!ecp_vA!inc_all_video_vA!spa2_vA!t45!t45!tvrReverse1_vB!ufm_vE&ru=http://sandramaria.online.anamarialopez.site/&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1661404431297.9!ts:1661404435348&mntl=1
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
content-length
0
server
nginx
J2lZajxx.js
cdn.krxd.net/controltag/ 		107 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/J2lZajxx.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.29.js?utv=ut4.44.201911252014
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
231e3afb8ac1d691297cb2ceb6829e229f45f52b0b6f50c2590d62e700736926

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Thu, 25 Aug 2022 05:13:55 GMT
via
1.1 varnish, 1.1 varnish
age
282
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
22626
x-served-by
config-service-a004-ash-prod.krxd.net, cache-iad-kcgs7200049-IAD, cache-chi-klot8100119-CHI
x-response-time
1
x-do-esi
esi
x-timer
S1661404435.395597,VS0,VE0
etag
"f2b73a291a6a1993c72ecb64294e82098936d5eb"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 4
hotjar-2732676.js
static.hotjar.com/c/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2732676.js?sv=6
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-55.ewr53.r.cloudfront.net
Software
/
Resource Hash
bb7ba11ba6fa03b95b0e70a7d5bc721ada30fca5675ebfb3019584b52069b570
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
age
15
x-cache
Hit from cloudfront
date
Thu, 25 Aug 2022 05:13:40 GMT
cross-origin-resource-policy
cross-origin
via
1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
cache-control
max-age=60
etag
W/46a37ca663c3f062ba44ed512829d94d
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
EWR53-C1
x-amz-cf-id
H2owiYgdzdUOYgHXAAyZZABlJ496vk6ee0vTyLnAfC735pVowJULdQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.31.js?utv=ut4.44.202208092051
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
sffe /
Resource Hash
f5135fbd5f0fa31088e3b84fa282260c81069aac014df6be1e3624376688760b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28542
x-xss-protection
0
server
sffe
etag
"1313 / 492 of 1000 / last-modified: 1661379059"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 25 Aug 2022 05:13:55 GMT
15688-pbjs-floors.json
ads.rubiconproject.com/floors/ 		61 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/15688-pbjs-floors.json
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_glamour.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3f4178004021ac43dcc4437f6a58cd20c80755e5dd2f7871a6159819d5494efe

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
content-encoding
gzip
last-modified
Wed, 24 Aug 2022 21:43:03 GMT
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
5324
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220825
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_glamour.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a3e5769b50199a784f497baed5fd808561f9eb5dd8eedc479ddad31ec9d93c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7970
x-jsd-version
1.0.1442
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19130-FRA, cache-iad-kiad7000144-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66c-X0qOsT95Dju0AixUjbkkTzLojuY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nq4p6KtsSqeiHx3MDUpS9cLPjMmYeT1AQKciR%2Bt5T5pL76rGDGgIVwVqUnc15vhsVmxlySYTyUJp4MSSYqdYIFOQ3Gmi%2BRz02H3Z1Jv3b%2F7q4Nn%2FsCQOb1FRgQQ5Hyjj0zYB8v7jDF8vD2yPlyE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
7401d7599b62871c-ORD
access-control-expose-headers
*
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3016
date
Thu, 25 Aug 2022 04:23:39 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 25 Aug 2022 06:23:39 GMT
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame EFDD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f392b494-04f1-4190-8b81-965c828ca97a
0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f392b494-04f1-4190-8b81-965c828ca97a
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7P9ACFgPhFd8KigZCGwThFd8KigZCGwUAAAAGBvQHJGXZbHYL08qt8MxcbtFytVkrDCPDWjNyGBariXE3mTmHQFKWzWa3MK3cCs_M5RYtV5u1wjAyrDUjh2Gxmhh3k5lzCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b1NB0Onyue73O7HD7XZe7zuy3-O0av9svdtpcntPz7PLL_aanx-nwSwaL5V4x2atdZqPf8vK8RX63wu536z1vtcvt8rzVDqfnrbL7LA-Pw-T3vEUut2SwWM51RtPbbAcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DYDxDYGkk4Mh7Sanw-4w_M1Ozz8AAAAAQAAAAABIAAp4T0sAPs7KTv7_________YwboM29k_v___28WegAefAAehAAAAC6G6u9ZG1Q8FbaIDhiKGAEAAACcYh2IHk3qhMqi6v__v98K4AoAIEBweg06PUt3UOItDAAAoEAsQRrSCDPMjGNsgR4Wv9_ssGv8bpf9_________5v9n_2jCXmEI6UJs3riqv0CAgCs_QICALCpGwDAmwBcyLWg6XS47vWah91kebgdlqfDrrebnXaXXWF3uB2Wp8PsN7ysd83T9PKLLgBWpxC74WywmwxWu9kBAAAA3P3____jJUhDGmGGmXHogczKYrENNxuLw2RxTVYr18ZmGMwmK89kuFyuTIPtbSkvO0uhI6T3hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02t9ADEYDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEgZVlsdktJm6Fb2Nci2YW31phXKzWms1uNRiZXBOHybQWvT6mh2EwXDgnU3yg2-VTuV0uLdvL8nk5tigYcLYXydMinegmG-dkY3KNbDaHaTDYjFwz38blmjhWntFgONxYxBLNySKdyC77zspisQ03G4vDZHFNVivXxmYYzCYrz2S4XK5Mg31hZVlsdouJW-HbGNeimcW3VhgXq7Vms1sNRibXxGEyrUWvj-lhGAwXzsm-MZstRoPRaDPaN2azxWgwGm1G-w6Z6WNuWIy-oTnlkXlFy2t1enMYFC6DxTstWqStw9FnlPmsEddps4x-JlafOOM1KDwHj-lji_5Fnm3lay0ZFY6DRRFLBBfpRGVymv6Wh8_st_jdOrPD7XddLmKJ0nSRTvRip83lOT3PLr_cb3p6nA6_ZLBY7hWTvdplNvotL89b5Hcr7H633vNWu9wuz1vtcHreKrvP8vA4TH7PW-RySwaL5VxnNL3NFrFEcLpIJ6KX8XRR_5EhZru5cDjXzRWzySoBAAAAAAAAACxhyrwJAAAAwGkwu9Vyt1rngQxWw8FwtVwAiT9Q3R_6e9nWCPWJXbzWBzuxWe7G4saPKcrkNP0tD5_Zb_G7dWaH2--6XBlAwk2UefNnglir1bIGAAAQwAYAAAjg1s1bIOkU_____x8HAAAgI0cPAABAvw_E9MaFUi_8yE-Am9Vi!&cmcv=&pix=undefined&cb=1661404435349&uv=3219&tms=1661404435349&abt=aat1_vB!adh5c-1_vA!ecp_vA!inc_all_video_vA!spa2_vA!t45!t45!tvrReverse1_vB!ufm_vE&ru=http://sandramaria.online.anamarialopez.site/&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=e2337a4e-a3fe-4953-a0d0-3da015b872f9&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 25 Aug 2022 05:13:55 GMT
via
1.1 varnish
server
nginx
x-timer
S1661404436.704316,VS0,VE2
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-chi-klot8100047-CHI

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f392b494-04f1-4190-8b81-965c828ca97a
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
/
sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/ Frame EFDD
Redirect Chain
  • https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us...
  • https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=3f972114ac3847b7be822442042c77eb&orig=video
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=3f972114ac3847b7be822442042c77eb&orig=video
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7P9ACFgPhFd8KigZCGwThFd8KigZCGwUAAAAGBvQHJGXZbHYL08qt8MxcbtFytVkrDCPDWjNyGBariXE3mTmHQFKWzWa3MK3cCs_M5RYtV5u1wjAyrDUjh2Gxmhh3k5lzCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b1NB0Onyue73O7HD7XZe7zuy3-O0av9svdtpcntPz7PLL_aanx-nwSwaL5V4x2atdZqPf8vK8RX63wu536z1vtcvt8rzVDqfnrbL7LA-Pw-T3vEUut2SwWM51RtPbbAcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DYDxDYGkk4Mh7Sanw-4w_M1Ozz8AAAAAQAAAAABIAAp4T0sAPs7KTv7_________YwboM29k_v___28WegAefAAehAAAAC6G6u9ZG1Q8FbaIDhiKGAEAAACcYh2IHk3qhMqi6v__v98K4AoAIEBweg06PUt3UOItDAAAoEAsQRrSCDPMjGNsgR4Wv9_ssGv8bpf9_________5v9n_2jCXmEI6UJs3riqv0CAgCs_QICALCpGwDAmwBcyLWg6XS47vWah91kebgdlqfDrrebnXaXXWF3uB2Wp8PsN7ysd83T9PKLLgBWpxC74WywmwxWu9kBAAAA3P3____jJUhDGmGGmXHogczKYrENNxuLw2RxTVYr18ZmGMwmK89kuFyuTIPtbSkvO0uhI6T3hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02t9ADEYDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEgZVlsdktJm6Fb2Nci2YW31phXKzWms1uNRiZXBOHybQWvT6mh2EwXDgnU3yg2-VTuV0uLdvL8nk5tigYcLYXydMinegmG-dkY3KNbDaHaTDYjFwz38blmjhWntFgONxYxBLNySKdyC77zspisQ03G4vDZHFNVivXxmYYzCYrz2S4XK5Mg31hZVlsdouJW-HbGNeimcW3VhgXq7Vms1sNRibXxGEyrUWvj-lhGAwXzsm-MZstRoPRaDPaN2azxWgwGm1G-w6Z6WNuWIy-oTnlkXlFy2t1enMYFC6DxTstWqStw9FnlPmsEddps4x-JlafOOM1KDwHj-lji_5Fnm3lay0ZFY6DRRFLBBfpRGVymv6Wh8_st_jdOrPD7XddLmKJ0nSRTvRip83lOT3PLr_cb3p6nA6_ZLBY7hWTvdplNvotL89b5Hcr7H633vNWu9wuz1vtcHreKrvP8vA4TH7PW-RySwaL5VxnNL3NFrFEcLpIJ6KX8XRR_5EhZru5cDjXzRWzySoBAAAAAAAAACxhyrwJAAAAwGkwu9Vyt1rngQxWw8FwtVwAiT9Q3R_6e9nWCPWJXbzWBzuxWe7G4saPKcrkNP0tD5_Zb_G7dWaH2--6XBlAwk2UefNnglir1bIGAAAQwAYAAAjg1s1bIOkU_____x8HAAAgI0cPAABAvw_E9MaFUi_8yE-Am9Vi!&cmcv=&pix=undefined&cb=1661404435349&uv=3219&tms=1661404435349&abt=aat1_vB!adh5c-1_vA!ecp_vA!inc_all_video_vA!spa2_vA!t45!t45!tvrReverse1_vB!ufm_vE&ru=http://sandramaria.online.anamarialopez.site/&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=e2337a4e-a3fe-4953-a0d0-3da015b872f9&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
44227

Redirect headers

location
https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=3f972114ac3847b7be822442042c77eb&orig=video
date
Thu, 25 Aug 2022 05:13:55 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame EFDD
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b7a4120e-2434-11ed-a1bf-1184b4c80503&orig=video&us_privacy=1---gdpr=0&
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b7a4120e-2434-11ed-a1bf-1184b4c80503&orig=video&us_privacy=1---gdpr=0&
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7P9ACFgPhFd8KigZCGwThFd8KigZCGwUAAAAGBvQHJGXZbHYL08qt8MxcbtFytVkrDCPDWjNyGBariXE3mTmHQFKWzWa3MK3cCs_M5RYtV5u1wjAyrDUjh2Gxmhh3k5lzCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b1NB0Onyue73O7HD7XZe7zuy3-O0av9svdtpcntPz7PLL_aanx-nwSwaL5V4x2atdZqPf8vK8RX63wu536z1vtcvt8rzVDqfnrbL7LA-Pw-T3vEUut2SwWM51RtPbbAcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DYDxDYGkk4Mh7Sanw-4w_M1Ozz8AAAAAQAAAAABIAAp4T0sAPs7KTv7_________YwboM29k_v___28WegAefAAehAAAAC6G6u9ZG1Q8FbaIDhiKGAEAAACcYh2IHk3qhMqi6v__v98K4AoAIEBweg06PUt3UOItDAAAoEAsQRrSCDPMjGNsgR4Wv9_ssGv8bpf9_________5v9n_2jCXmEI6UJs3riqv0CAgCs_QICALCpGwDAmwBcyLWg6XS47vWah91kebgdlqfDrrebnXaXXWF3uB2Wp8PsN7ysd83T9PKLLgBWpxC74WywmwxWu9kBAAAA3P3____jJUhDGmGGmXHogczKYrENNxuLw2RxTVYr18ZmGMwmK89kuFyuTIPtbSkvO0uhI6T3hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02t9ADEYDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEgZVlsdktJm6Fb2Nci2YW31phXKzWms1uNRiZXBOHybQWvT6mh2EwXDgnU3yg2-VTuV0uLdvL8nk5tigYcLYXydMinegmG-dkY3KNbDaHaTDYjFwz38blmjhWntFgONxYxBLNySKdyC77zspisQ03G4vDZHFNVivXxmYYzCYrz2S4XK5Mg31hZVlsdouJW-HbGNeimcW3VhgXq7Vms1sNRibXxGEyrUWvj-lhGAwXzsm-MZstRoPRaDPaN2azxWgwGm1G-w6Z6WNuWIy-oTnlkXlFy2t1enMYFC6DxTstWqStw9FnlPmsEddps4x-JlafOOM1KDwHj-lji_5Fnm3lay0ZFY6DRRFLBBfpRGVymv6Wh8_st_jdOrPD7XddLmKJ0nSRTvRip83lOT3PLr_cb3p6nA6_ZLBY7hWTvdplNvotL89b5Hcr7H633vNWu9wuz1vtcHreKrvP8vA4TH7PW-RySwaL5VxnNL3NFrFEcLpIJ6KX8XRR_5EhZru5cDjXzRWzySoBAAAAAAAAACxhyrwJAAAAwGkwu9Vyt1rngQxWw8FwtVwAiT9Q3R_6e9nWCPWJXbzWBzuxWe7G4saPKcrkNP0tD5_Zb_G7dWaH2--6XBlAwk2UefNnglir1bIGAAAQwAYAAAjg1s1bIOkU_____x8HAAAgI0cPAABAvw_E9MaFUi_8yE-Am9Vi!&cmcv=&pix=undefined&cb=1661404435349&uv=3219&tms=1661404435349&abt=aat1_vB!adh5c-1_vA!ecp_vA!inc_all_video_vA!spa2_vA!t45!t45!tvrReverse1_vB!ufm_vE&ru=http://sandramaria.online.anamarialopez.site/&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=e2337a4e-a3fe-4953-a0d0-3da015b872f9&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
44172

Redirect headers

date
Thu, 25 Aug 2022 05:13:55 GMT
location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b7a4120e-2434-11ed-a1bf-1184b4c80503&orig=video&us_privacy=1---gdpr=0&
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
363
content-length
0
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 585E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f392b494-04f1-4190-8b81-965c828ca97a
0
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f392b494-04f1-4190-8b81-965c828ca97a
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V7P9ACFgPhFd8KigZCGwThFd8KigZCGwUAAAAGBvQHJGXZbHYL08qt8MxcbtFytVkrDCPDWjNyGBariXE3mTmHQFKWzWa3MK3cCs_M5RYtV5u1wjAyrDUjh2Gxmhh3k5lzCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b1NB0Onyue73O7HD7XZe7zuy3-O0av9svdtpcntPz7PLL_aanx-nwSwaL5V4x2atdZqPf8vK8RX63wu536z1vtcvt8rzVDqfnrbL7LA-Pw-T3vEUut2SwWM51RtPbbAcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DYDxDYGkk4Mh7Sanw-4w_M1Ozz8AAAAAQAAAAABIAAp4T0sAPs7KTv7_________YwboM29k_v___28WegAefAAehAAAAC6G6u9ZG1Q8FbaIDhiKGAEAAACcYh2IHk3qhMqi6v__v98K4AoAIEBweg06PUt3UOItDAAAoEAsQRrSCDPMjGNsgR4Wv9_ssGv8bpf9_________5v9n_2jCXmEI6UJs3riqv0CAgCs_QICALCpGwDAmwBcyLWg6XS47vWah91kebgdlqfDrrebnXaXXWF3uB2Wp8PsN7ysd83T9PKLLgBWpxC74WywmwxWu9kBAAAA3P3____jJUhDGmGGmXHogczKYrENNxuLw2RxTVYr18ZmGMwmK89kuFyuTIPtbSkvO0uhI6T3hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02t9ADEYDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEgZVlsdktJm6Fb2Nci2YW31phXKzWms1uNRiZXBOHybQWvT6mh2EwXDgnU3yg2-VTuV0uLdvL8nk5tigYcLYXydMinegmG-dkY3KNbDaHaTDYjFwz38blmjhWntFgONxYxBLNySKdyC77zspisQ03G4vDZHFNVivXxmYYzCYrz2S4XK5Mg31hZVlsdouJW-HbGNeimcW3VhgXq7Vms1sNRibXxGEyrUWvj-lhGAwXzsm-MZstRoPRaDPaN2azxWgwGm1G-w6Z6WNuWIy-oTnlkXlFy2t1enMYFC6DxTstWqStw9FnlPmsEddps4x-JlafOOM1KDwHj-lji_5Fnm3lay0ZFY6DRRFLBBfpRGVymv6Wh8_st_jdOrPD7XddLmKJ0nSRTvRip83lOT3PLr_cb3p6nA6_ZLBY7hWTvdplNvotL89b5Hcr7H633vNWu9wuz1vtcHreKrvP8vA4TH7PW-RySwaL5VxnNL3NFrFEcLpIJ6KX8XRR_5EhZru5cDjXzRWzySoBAAAAAAAAACxhyrwJAAAAwGkwu9Vyt1rngQxWw8FwtVwAiT9Q3R_6e9nWCPWJXbzWBzuxWe7G4saPKcrkNP0tD5_Zb_G7dWaH2--6XBlAwk2UefNnglir1bIGAAAQwAYAAAjg1s1bIOkU_____x8HAAAgI0cPAABAvw_E9MaFUi_8yE-Am9Vi!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 25 Aug 2022 05:13:55 GMT
via
1.1 varnish
server
nginx
x-timer
S1661404436.704260,VS0,VE2
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-chi-klot8100047-CHI

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f392b494-04f1-4190-8b81-965c828ca97a
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
/
sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/ Frame 585E
Redirect Chain
  • https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us...
  • https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=5f350149733c4ce48fb900e652a587e5&orig=video
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=5f350149733c4ce48fb900e652a587e5&orig=video
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V7P9ACFgPhFd8KigZCGwThFd8KigZCGwUAAAAGBvQHJGXZbHYL08qt8MxcbtFytVkrDCPDWjNyGBariXE3mTmHQFKWzWa3MK3cCs_M5RYtV5u1wjAyrDUjh2Gxmhh3k5lzCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b1NB0Onyue73O7HD7XZe7zuy3-O0av9svdtpcntPz7PLL_aanx-nwSwaL5V4x2atdZqPf8vK8RX63wu536z1vtcvt8rzVDqfnrbL7LA-Pw-T3vEUut2SwWM51RtPbbAcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DYDxDYGkk4Mh7Sanw-4w_M1Ozz8AAAAAQAAAAABIAAp4T0sAPs7KTv7_________YwboM29k_v___28WegAefAAehAAAAC6G6u9ZG1Q8FbaIDhiKGAEAAACcYh2IHk3qhMqi6v__v98K4AoAIEBweg06PUt3UOItDAAAoEAsQRrSCDPMjGNsgR4Wv9_ssGv8bpf9_________5v9n_2jCXmEI6UJs3riqv0CAgCs_QICALCpGwDAmwBcyLWg6XS47vWah91kebgdlqfDrrebnXaXXWF3uB2Wp8PsN7ysd83T9PKLLgBWpxC74WywmwxWu9kBAAAA3P3____jJUhDGmGGmXHogczKYrENNxuLw2RxTVYr18ZmGMwmK89kuFyuTIPtbSkvO0uhI6T3hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02t9ADEYDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEgZVlsdktJm6Fb2Nci2YW31phXKzWms1uNRiZXBOHybQWvT6mh2EwXDgnU3yg2-VTuV0uLdvL8nk5tigYcLYXydMinegmG-dkY3KNbDaHaTDYjFwz38blmjhWntFgONxYxBLNySKdyC77zspisQ03G4vDZHFNVivXxmYYzCYrz2S4XK5Mg31hZVlsdouJW-HbGNeimcW3VhgXq7Vms1sNRibXxGEyrUWvj-lhGAwXzsm-MZstRoPRaDPaN2azxWgwGm1G-w6Z6WNuWIy-oTnlkXlFy2t1enMYFC6DxTstWqStw9FnlPmsEddps4x-JlafOOM1KDwHj-lji_5Fnm3lay0ZFY6DRRFLBBfpRGVymv6Wh8_st_jdOrPD7XddLmKJ0nSRTvRip83lOT3PLr_cb3p6nA6_ZLBY7hWTvdplNvotL89b5Hcr7H633vNWu9wuz1vtcHreKrvP8vA4TH7PW-RySwaL5VxnNL3NFrFEcLpIJ6KX8XRR_5EhZru5cDjXzRWzySoBAAAAAAAAACxhyrwJAAAAwGkwu9Vyt1rngQxWw8FwtVwAiT9Q3R_6e9nWCPWJXbzWBzuxWe7G4saPKcrkNP0tD5_Zb_G7dWaH2--6XBlAwk2UefNnglir1bIGAAAQwAYAAAjg1s1bIOkU_____x8HAAAgI0cPAABAvw_E9MaFUi_8yE-Am9Vi!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
44227

Redirect headers

location
https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=5f350149733c4ce48fb900e652a587e5&orig=video
date
Thu, 25 Aug 2022 05:13:55 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 585E
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b7a4120e-2434-11ed-a1bf-1184b4c80503&orig=video&us_privacy=1---gdpr=0&
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b7a4120e-2434-11ed-a1bf-1184b4c80503&orig=video&us_privacy=1---gdpr=0&
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V7P9ACFgPhFd8KigZCGwThFd8KigZCGwUAAAAGBvQHJGXZbHYL08qt8MxcbtFytVkrDCPDWjNyGBariXE3mTmHQFKWzWa3MK3cCs_M5RYtV5u1wjAyrDUjh2Gxmhh3k5lzCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b1NB0Onyue73O7HD7XZe7zuy3-O0av9svdtpcntPz7PLL_aanx-nwSwaL5V4x2atdZqPf8vK8RX63wu536z1vtcvt8rzVDqfnrbL7LA-Pw-T3vEUut2SwWM51RtPbbAcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DYDxDYGkk4Mh7Sanw-4w_M1Ozz8AAAAAQAAAAABIAAp4T0sAPs7KTv7_________YwboM29k_v___28WegAefAAehAAAAC6G6u9ZG1Q8FbaIDhiKGAEAAACcYh2IHk3qhMqi6v__v98K4AoAIEBweg06PUt3UOItDAAAoEAsQRrSCDPMjGNsgR4Wv9_ssGv8bpf9_________5v9n_2jCXmEI6UJs3riqv0CAgCs_QICALCpGwDAmwBcyLWg6XS47vWah91kebgdlqfDrrebnXaXXWF3uB2Wp8PsN7ysd83T9PKLLgBWpxC74WywmwxWu9kBAAAA3P3____jJUhDGmGGmXHogczKYrENNxuLw2RxTVYr18ZmGMwmK89kuFyuTIPtbSkvO0uhI6T3hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02t9ADEYDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEgZVlsdktJm6Fb2Nci2YW31phXKzWms1uNRiZXBOHybQWvT6mh2EwXDgnU3yg2-VTuV0uLdvL8nk5tigYcLYXydMinegmG-dkY3KNbDaHaTDYjFwz38blmjhWntFgONxYxBLNySKdyC77zspisQ03G4vDZHFNVivXxmYYzCYrz2S4XK5Mg31hZVlsdouJW-HbGNeimcW3VhgXq7Vms1sNRibXxGEyrUWvj-lhGAwXzsm-MZstRoPRaDPaN2azxWgwGm1G-w6Z6WNuWIy-oTnlkXlFy2t1enMYFC6DxTstWqStw9FnlPmsEddps4x-JlafOOM1KDwHj-lji_5Fnm3lay0ZFY6DRRFLBBfpRGVymv6Wh8_st_jdOrPD7XddLmKJ0nSRTvRip83lOT3PLr_cb3p6nA6_ZLBY7hWTvdplNvotL89b5Hcr7H633vNWu9wuz1vtcHreKrvP8vA4TH7PW-RySwaL5VxnNL3NFrFEcLpIJ6KX8XRR_5EhZru5cDjXzRWzySoBAAAAAAAAACxhyrwJAAAAwGkwu9Vyt1rngQxWw8FwtVwAiT9Q3R_6e9nWCPWJXbzWBzuxWe7G4saPKcrkNP0tD5_Zb_G7dWaH2--6XBlAwk2UefNnglir1bIGAAAQwAYAAAjg1s1bIOkU_____x8HAAAgI0cPAABAvw_E9MaFUi_8yE-Am9Vi!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
44172

Redirect headers

date
Thu, 25 Aug 2022 05:13:55 GMT
location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b7a4120e-2434-11ed-a1bf-1184b4c80503&orig=video&us_privacy=1---gdpr=0&
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
383
content-length
0
js
www.googletagmanager.com/gtag/ 		202 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WE4K4RF1F3
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c9bfec5c614c8a6eed84872eef8b7ee7746e51c07867c6d86716b7f2d9c13150
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73492
x-xss-protection
0
expires
Thu, 25 Aug 2022 05:13:55 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=globo/editora/202208241429&cb=1661404435440
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.33.123 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-33-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62
8096267
date
Thu, 25 Aug 2022 05:13:55 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Thu, 25 Aug 2022 05:23:55 GMT
controltag.js.387e8802bbd0d9fbfa52c1546d7297df
cdn.krxd.net/ctjs/ 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/J2lZajxx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Thu, 25 Aug 2022 05:13:55 GMT
content-encoding
gzip
age
10280495
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
880989
content-length
84742
x-served-by
cache-chi-klot8100119-CHI
last-modified
Thu, 28 Apr 2022 05:17:05 GMT
x-timer
S1661404435.466107,VS0,VE0
etag
"387e8802bbd0d9fbfa52c1546d7297df"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Sun, 25 Apr 2032 05:17:04 GMT
tinypass.min.js
cdn.tinypass.com/api/ 		325 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=VnaP3rYVKc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3d151187e45a17fd8cb8b85ebed3cd25222463f17cf5151749636b8a74aff25
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
11757
content-type
application/javascript
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
48W4KGKNMHAXJX1X
x-amz-id-2
Pghg4Dtl6GC+MTlxs1TuH/CCA91TtXTl0ItDA4yQmtqCseo1F3I5j+fE02xAV4PwweUz2MT2U80=
last-modified
Wed, 24 Aug 2022 13:57:33 GMT
server
cloudflare
etag
W/"c522c9d0e841906dcdf9063e3880af20"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
x-amz-version-id
QSNWkKU42vkgFK8TXHKa5Dd3Rs5VcWjk
cache-control
public, max-age=14400
cf-ray
7401d759b9a62c6c-ORD
expires
Thu, 25 Aug 2022 09:13:55 GMT
advertising.js
www.npttech.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/1.tiny.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1984
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
M7JNEYD8BN6J89N1
x-amz-id-2
gCKCw4zt74qgGGul6SHDl1A1nCDQajAB12Mx1IV/QBYV+9/u11AWFDoB5YZdHxyk+APVGobVTIA=
last-modified
Wed, 19 Jun 2019 08:25:01 GMT
server
cloudflare
etag
W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTp%2FFdRjNgaIqMwV3RAH1z9baLJym%2B9dhIS4RCM3UrD5U9Pj%2B5AJ%2FsnAz5E3bKeuB1PVHtI7IfURU%2FoQv4xmRuut2MKdtVXC9y4oSw12n2nYA0gqiyx%2BkZzGmAxSmMUJ98QsjQb6fGKiukFD0X4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
x-amz-version-id
hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray
7401d75a2c2486f6-ORD
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 2AEF 		805 B
843 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
4470061
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
525
content-type
text/html
date
Thu, 25 Aug 2022 05:13:55 GMT
etag
"3d2100fd7107262ecb55ce6847f01fa5"
expires
Fri, 19 Feb 2027 17:50:50 GMT
last-modified
Tue, 21 Feb 2017 17:50:54 GMT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
231795
x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
x-served-by
cache-chi-klot8100119-CHI
x-timer
S1661404436.523437,VS0,VE0
get.js
buy.tinypass.com/api/v3/anon/captcha/ 		153 B
312 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=VnaP3rYVKc
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
372e64d527e017d6fa47d3749c9a7a04a18fceb25add2fef0d1911487af4b3cb
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
66
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Mdtn5hrXS2p
pragma
wn
prod-dash-10-0-136-167
last-modified
Thu, 25 Aug 2022 05:12:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.009
cache-control
public, max-age=1200
cf-ray
7401d75aab0a2c6c-ORD
expires
Thu, 25 Aug 2022 05:33:55 GMT
cx.cce.js
cdn.cxense.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:7a8::268b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
eb578e5229cead21a487f38f0428ce5362cc04b13dfbc686cb380be538c0e79f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:13:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 May 2022 19:29:56 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5964
Expires
Thu, 25 Aug 2022 06:13:55 GMT
execute
c2.piano.io/xbuilder/experience/ 		17 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=VnaP3rYVKc
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6b561b7b2a6cbd9da277210fe6159e6598c736fc4ee000be466388c8d328e8f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
wx7yshtntv
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7401d75b0c9c2c8c-ORD
5007d44e-09d1-49b7-8c99-6b1cc38c3cbc
consumer.krxd.net/consent/get/ 		220 B
285 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
90da253f1f39dfefae0ae769d3c82522a3689912b1c0c581a1b1db7794ed8dab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
via
1.1 varnish
age
1
x-served-by
consumer-a007-ash-prod.krxd.net, cache-chi-klot8100161-CHI
vary
Accept-Encoding
x-cache
MISS, HIT
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1661404436.651992,VS0,VE0
content-length
185
x-cache-hits
0, 1
J2lZajxx.js
cdn.krxd.net/controltag/ Frame 2AEF 		107 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/J2lZajxx.js
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
231e3afb8ac1d691297cb2ceb6829e229f45f52b0b6f50c2590d62e700736926

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Thu, 25 Aug 2022 05:13:55 GMT
via
1.1 varnish, 1.1 varnish
age
283
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
22626
x-served-by
config-service-a004-ash-prod.krxd.net, cache-iad-kcgs7200049-IAD, cache-chi-klot8100119-CHI
x-response-time
1
x-do-esi
esi
x-timer
S1661404436.657685,VS0,VE0
etag
"f2b73a291a6a1993c72ecb64294e82098936d5eb"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 5
publisher:getClientId
ampcid.google.com/v1/ 		3 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
modules.037fa2a5f9634344bb40.js
script.hotjar.com/ 		252 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.037fa2a5f9634344bb40.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2732676.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-88.ewr53.r.cloudfront.net
Software
/
Resource Hash
0ebe2c16dd702fb36cb07dc99f2d813d0beaf371fbe3a642a2fdf81e0935e278
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 09:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
158689
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
content-length
65462
access-control-allow-origin
*
last-modified
Tue, 23 Aug 2022 09:08:13 GMT
etag
"09f4d29c25bcfe4e00b570bb04ce589d"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 4c18e6ed879a674305cb5156731cf396.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
XlbrO2Gcj0KDjTSFu8cRCkyKr5hQT7DqbyYW4DspwvprSYW10qSLDg==
pubads_impl_2022081802.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
sffe /
Resource Hash
d415f82142d578c1440e0f194b5694315a05f0daa2aa8a4ccd1706697bd133c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 22:46:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109638
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133669
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 20:32:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 23 Aug 2023 22:46:37 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		1 KB
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=glamour.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
6efbed25888cacc7830c8e1342324fbc9db45c5913c7e76fe10adabae301844a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Thu, 25 Aug 2022 05:13:55 GMT
controltag.js.387e8802bbd0d9fbfa52c1546d7297df
cdn.krxd.net/ctjs/ Frame 2AEF 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/J2lZajxx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Thu, 25 Aug 2022 05:13:55 GMT
content-encoding
gzip
age
10280495
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
880991
content-length
84742
x-served-by
cache-chi-klot8100119-CHI
last-modified
Thu, 28 Apr 2022 05:17:05 GMT
x-timer
S1661404436.694048,VS0,VE0
etag
"387e8802bbd0d9fbfa52c1546d7297df"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Sun, 25 Apr 2032 05:17:04 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-WE4K4RF1F3&gtm=2oe8m0&_p=1121990618&gdid=dYmQxMT&cid=1455757629.1661404436&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661404435&sct=1&seg=0&dl=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&dr=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F&dt=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WE4K4RF1F3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-1ada912494ba7fc7aca15fcef1c2a7ae.html
vars.hotjar.com/ Frame 0A65 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2732676.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.39.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-39-89.ewr53.r.cloudfront.net
Software
/
Resource Hash
90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
3703249
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Jul 2022 08:33:06 GMT
etag
"0b3d3f4206ab84d8861a8cc4b2ddbe66"
last-modified
Wed, 13 Jul 2022 08:32:20 GMT
strict-transport-security
max-age=86400; includeSubDomains
vary
Accept-Encoding
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-id
2m_hqhotO-NIyWvy5F2b1sAeYtbLydnhAVutJppX5L6cJcSzAqTraA==
x-amz-cf-pop
EWR53-C2
x-cache
Hit from cloudfront
x-robots-tag
none
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		376 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f61b78524373ae1f4a9aa5e208b47d192c83b2ea393b435f4b42b3aba45d05be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128178
x-xss-protection
0
expires
Thu, 25 Aug 2022 05:13:55 GMT
ima3_dai.js
imasdk.googleapis.com/js/sdkloader/ 		482 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3_dai.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2a683e1bc6389e0cbaaca33c82d9268a57156bb46f035593d8ce9a7e09ea056
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
162330
x-xss-protection
0
expires
Thu, 25 Aug 2022 05:13:55 GMT
7.tiny.js
static.infoglobo.com.br/paywall/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/7.tiny.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js?utv=ut4.44.202112201735
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
a336595607ff8e8bb0ce3d49613de82ead1e92232a13101a16828ca1dcc97bf9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 04:54:33 GMT
Content-Encoding
gzip
Age
1162
grace
none
X-Cache
HIT
Connection
Keep-Alive
Content-Length
1275
Last-Modified
Fri, 12 Aug 2022 15:06:39 GMT
Server
Apache
ETag
"a046da64-e00-5e60ca104ddc0"
vary
X-Forwarded-Proto
Content-Type
text/javascript
Access-Control-Allow-Origin
*
cache-control
public, max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
X-Cache-Hits
523
0.tiny.js
static.infoglobo.com.br/paywall/js/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/0.tiny.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js?utv=ut4.44.202112201735
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
dbff361120b68fef0d37e18d9a64530c432f9c7ee025253d1084c8d32fa88f66

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 04:49:02 GMT
Content-Encoding
gzip
Age
1493
grace
none
X-Cache
HIT
Connection
Keep-Alive
Content-Length
5220
Last-Modified
Fri, 12 Aug 2022 15:06:39 GMT
Server
Apache
ETag
"a056dcea-4ecd-5e60ca104ddc0"
vary
X-Forwarded-Proto
Content-Type
text/javascript
Access-Control-Allow-Origin
*
cache-control
public, max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
X-Cache-Hits
563
2.tiny.js
static.infoglobo.com.br/paywall/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/2.tiny.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js?utv=ut4.44.202112201735
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
fbac4ad8670acaf09b2d4ad862bf2d407f99c8ee193c48979faeb8dccd4f6883

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 04:54:00 GMT
Content-Encoding
gzip
Age
1195
grace
none
X-Cache
HIT
Connection
Keep-Alive
Content-Length
1455
Last-Modified
Fri, 12 Aug 2022 15:06:39 GMT
Server
Apache
ETag
"a0155cee-10e1-5e60ca104ddc0"
vary
X-Forwarded-Proto
Content-Type
text/javascript
Access-Control-Allow-Origin
*
cache-control
public, max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
X-Cache-Hits
289
subscribe-button.js
static.infoglobo.com.br/paywall/valor-subscribe-button/v1/scripts/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/valor-subscribe-button/v1/scripts/subscribe-button.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js?utv=ut4.44.202112201735
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
ac2b0b24d095a1cbd0b3a8a099a9df8c82013e2901a7a46a0a47c1b50d941e05

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 04:52:05 GMT
Content-Encoding
gzip
Age
1311
grace
none
X-Cache
HIT
Connection
Keep-Alive
Content-Length
692
Last-Modified
Fri, 12 Aug 2022 15:05:00 GMT
Server
Apache
ETag
"a0368f52-7a3-5e60c9b1e3f00"
vary
X-Forwarded-Proto
Content-Type
text/javascript
Access-Control-Allow-Origin
*
cache-control
public, max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
X-Cache-Hits
142
5007d44e-09d1-49b7-8c99-6b1cc38c3cbc
consumer.krxd.net/consent/get/ Frame 2AEF 		220 B
252 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
90da253f1f39dfefae0ae769d3c82522a3689912b1c0c581a1b1db7794ed8dab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:55 GMT
via
1.1 varnish
age
2
x-served-by
consumer-a007-ash-prod.krxd.net, cache-chi-klot8100161-CHI
vary
Accept-Encoding
x-cache
MISS, HIT
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1661404436.966731,VS0,VE0
content-length
185
x-cache-hits
0, 2
collect
stats.g.doubleclick.net/j/ 		1 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-29532176-1&cid=1455757629.1661404436&jid=1217470801&gjid=515716929&_gid=1987327054.1661404436&_u=ICDAgAABAAQCAE~&z=973727960
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 25 Aug 2022 05:13:56 GMT
content-type
text/plain
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1121990618&t=pageview&_s=1&dl=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&dr=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F&ul=en-us&de=UTF-8&dt=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=ICDAgAABAAQC~&jid=1217470801&gjid=515716929&cid=1455757629.1661404436&tid=UA-29532176-1&_gid=1987327054.1661404436&cd2=multi-content%20-%20materia&cd19=responsivo&cd20=8162043013768284160&cd21=anonymous&cd22=%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&cd43=20191209&z=1940673021
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 12:45:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
59336
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1121990618&t=event&_s=2&dl=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&dr=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F&ul=en-us&de=UTF-8&dt=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Tipo%20de%20Cadastro&ea=Pageview&el=An%C3%B4nimo&_u=ICDAgAABAAQCAE~&jid=&gjid=&cid=1455757629.1661404436&tid=UA-29532176-1&_gid=1987327054.1661404436&z=705590377
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 12:45:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
59336
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
cx.js
cdn.cxense.com/ 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:7a8::268b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bfb366045d59dcc51855c1deacc3ddfca4c792f7e7a5b83898b9ae02a75b7e26

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:13:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 13:59:11 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29436
Expires
Thu, 25 Aug 2022 06:13:56 GMT
bulk
trc.taboola.com/editoraglobo-glamour/log/3/ 		0
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/editoraglobo-glamour/log/3/bulk?tvi2=-2&route=US%3ACH%3AV&lti=deflated&bulkSize=4
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220824-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
2
pragma
no-cache
date
Thu, 25 Aug 2022 05:13:56 GMT
via
1.1 varnish
server
nginx
x-timer
S1661404436.107579,VS0,VE2
x-served-by
cache-chi-klot8100047-CHI
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://glamour.globo.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 25 Aug 2022 05:13:56 GMT
server
ATS/9.1.10.25
fastlane.json
fastlane.rubiconproject.com/a/api/ 		323 B
781 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=265214&zone_id=1312714&size_id=198&eid_pubcid.org=485f07d1-d4d9-43f3-a6ad-a01c830c71cf%5E1&rf=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&tg_i.aupname=%2F85042905.*%26pub-in-.*&tg_i.pbadslot=%2F85042905%2Fglamour%2Flifestyle&tk_flint=dmpbjs_v6.24.1&x_source.tid=e73bffdd-ad27-43fe-8036-79ec3b91809f&l_pb_bid_id=36bd6a5171b16c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.47004650233305645
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_glamour.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::116 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
35121e05137fdc8597cada42dc822d01b1e96a465b99927b72aa4cca4eaa2db1

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:56 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
323
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_glamour.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e99f9949ade385291b0f5bf78ab7619cd5f91643dae4d3a7e8069398db16727a

Request headers

Referer
https://glamour.globo.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Aug 2022 05:13:56 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
content-length
66
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
24683
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
XkXb5VFb/G1JzoUZ5cw4p2XdfpLTC44ODnHzh1ZrwNJn0R6tuVjNl2T6cKnOw+9Bn5UDA3BXhUE=
x-served-by
cache-chi-klot8100047-CHI
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1661404436.131731,VS0,VE0
date
Thu, 25 Aug 2022 05:13:56 GMT
x-amz-request-id
TAZWG40JMYPJJA1X
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
46
x-cache-hits
62
usermatch.gif
beacon.krxd.net/ Frame 2AEF
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=google
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=UENlRm9sTnc
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEMJR6cxpMpUXsiymBJ9omoA&google_cver=1
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEMJR6cxpMpUXsiymBJ9omoA&google_cver=1
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
34.196.228.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-228-175.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:56 GMT
cache-control
private, no-cache, no-store
x-request-time
D=27 t=1661404434
x-served-by
beacon-n031-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEMJR6cxpMpUXsiymBJ9omoA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 2AEF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=UENlRm9sTnc
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEMJR6cxpMpUXsiymBJ9omoA&google_cver=1
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEMJR6cxpMpUXsiymBJ9omoA&google_cver=1
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
34.196.228.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-228-175.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:56 GMT
cache-control
private, no-cache, no-store
x-request-time
D=46 t=1661404436
x-served-by
beacon-n013-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEMJR6cxpMpUXsiymBJ9omoA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
26357
stags.bluekai.com/site/ Frame 2AEF 		62 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/26357?id=PCeFolNw
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.184.224 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-184-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:56 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length
62
content-type
image/gif
usermatch.gif
beacon.krxd.net/ Frame 2AEF
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=LDN6h48jnZwlBFoOOyku7lJ8c_bZpf4r
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=LDN6h48jnZwlBFoOOyku7lJ8c_bZpf4r
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
34.196.228.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-228-175.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:56 GMT
cache-control
private, no-cache, no-store
x-request-time
D=24 t=1661404436
x-served-by
beacon-n016-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=LDN6h48jnZwlBFoOOyku7lJ8c_bZpf4r
date
Thu, 25 Aug 2022 05:13:55 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3469
content-length
218
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
p
sb.scorecardresearch.com/ Frame 2AEF 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=PCeFolNw&rn=1661404436
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-90.jfk51.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:56 GMT
via
1.1 d3ab4cd494305c2d222c92f599e3c7c6.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
content-length
43
x-amz-cf-id
QDwrpec6jbBFFn0pcalGg9GP6TJutFQZnUGYVBq4kYCoRmq7EtiRTg==
x-cache
Miss from cloudfront
content-type
image/gif
ibs:dpid=66757&&dpuuid=PCeFolNw
dpm.demdex.net/ Frame 2AEF 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=PCeFolNw
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.162.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-162-154.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v038-03f58e01d.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
hKhAblMQSCM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
usermatch.gif
beacon.krxd.net/ Frame 2AEF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID
  • https://beacon.krxd.net/usermatch.gif?adnxs_uid=7412760816595641933
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?adnxs_uid=7412760816595641933
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
34.196.228.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-228-175.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:56 GMT
cache-control
private, no-cache, no-store
x-request-time
D=16 t=1661404436
x-served-by
beacon-n010-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:56 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
3d6fc4f0-61ed-4591-b899-06dedc04f2d6
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://beacon.krxd.net/usermatch.gif?adnxs_uid=7412760816595641933
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mapuid
ib.adnxs.com/ Frame 2AEF 		43 B
959 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/mapuid?member=1780&user=PCeFolNw
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:56 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
1572e87b-9d93-4c9d-9a38-37d0a4876583
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
379708.gif
idsync.rlcdn.com/ Frame 2AEF 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/379708.gif?partner_uid=PCeFolNw
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:13:56 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
token
token.rubiconproject.com/ Frame 2AEF 		0
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=27384&puid=krux_id&gdpr=0
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
pixel-sync.sitescout.com/connectors/krux/ Frame 2AEF
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=sitescout
  • https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=PCeFolNw
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=PCeFolNw
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
207.198.113.88 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:55 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=PCeFolNw
date
Thu, 25 Aug 2022 05:13:56 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a021-ash-prod.krxd.net
usermatch.gif
beacon.krxd.net/ Frame 2AEF
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=verizon
  • https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=PCeFolNw
  • https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-TH6R.stE2pu0Eh5i4G4tFcsZ9twuY31fig--~A
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-TH6R.stE2pu0Eh5i4G4tFcsZ9twuY31fig--~A
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
34.196.228.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-228-175.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:56 GMT
cache-control
private, no-cache, no-store
x-request-time
D=25 t=1661404436
x-served-by
beacon-n007-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 25 Aug 2022 05:13:56 GMT
via
http/1.1 spdc0113.tgt.bf1.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-TH6R.stE2pu0Eh5i4G4tFcsZ9twuY31fig--~A
content-length
0
sync
sync.navdmp.com/ Frame 2AEF
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=navegg
  • https://sync.navdmp.com/sync?prtid=30&salid=PCeFolNw
6 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.navdmp.com/sync?prtid=30&salid=PCeFolNw
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7401d75f39222994-ORD
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript

Redirect headers

location
https://sync.navdmp.com/sync?prtid=30&salid=PCeFolNw
date
Thu, 25 Aug 2022 05:13:56 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a019-ash-prod.krxd.net
RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
sync.targeting.unrulymedia.com/csync/ Frame 2AEF
Redirect Chain
  • https://sync.1rx.io/usersync/krux/PCeFolNw?dspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Server
199.127.204.147 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:13:56 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:56 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
getdata.xgi
r.nexac.com/e/ Frame 2AEF 		0
0
sp1.html
cdn.cxense.com/ Frame E566 		684 B
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:7a8::268b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
379
Content-Type
text/html
Date
Thu, 25 Aug 2022 05:13:56 GMT
Expires
Sun, 04 Sep 2022 05:13:56 GMT
Last-Modified
Tue, 11 Jan 2022 07:21:04 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
gl_footer_desk.gif
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/mobiliario_revistas/00_atual/glamour/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/mobiliario_revistas/00_atual/glamour/gl_footer_desk.gif
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e6f842ccb9f05ede4f39819492a3c2ef22fd899c3c667da47fd2e8349ea62722

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:56 GMT
x-openstack-request-id
tx3d7aeb8f10ee49beb9171-0063070514
last-modified
Fri, 27 May 2022 17:58:48 GMT
x-trans-id
tx3d7aeb8f10ee49beb9171-0063070514
x-thanos
0AB14003
etag
3ad27a649e6954cc9f3589a9f7bd392d
vary
Accept-Encoding, Origin
content-type
image/gif
x-timestamp
1653674327.54869
cache-control
public, max-age=180
accept-ranges
bytes
content-length
8181
x-request-id
35353942-d41a-4897-a584-36239549b7c6
cx.js
cdn.cxense.com/ Frame E566 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:7a8::268b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bfb366045d59dcc51855c1deacc3ddfca4c792f7e7a5b83898b9ae02a75b7e26

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:13:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 13:59:11 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29436
Expires
Thu, 25 Aug 2022 06:13:56 GMT
p1.js
p1cluster.cxense.com/ Frame E566 		47 B
636 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
8985f56d8352122e1dd604f7c57797f5d4ecd215226b1fd0d6424c61dba052cc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:56 GMT
last-modified
Fri, 25 Feb 2022 05:13:56 GMT
server
Jetty(9.4.28.v20200408)
etag
37r5frcrfmx9k3eqnw4tlkqb8m
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
private, proxy-revalidate
content-type
text/javascript;charset=utf-8
content-length
47
expires
Fri, 25 Aug 2023 05:13:56 GMT
gl-botao-desk.png
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/mobiliario_revistas/00_atual/glamour/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/mobiliario_revistas/00_atual/glamour/gl-botao-desk.png
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
40c6e73505b42c7e66cca644b0bdeda5b54eba8b125787fd1757d168622dee78

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:56 GMT
x-openstack-request-id
tx16c2d095c715409ebf20e-0063070514
last-modified
Fri, 27 May 2022 17:51:16 GMT
x-trans-id
tx16c2d095c715409ebf20e-0063070514
x-thanos
0AB14003
etag
82a68af3a1e64705f72eaa084512b867
vary
Accept-Encoding, Origin
content-type
image/png
x-timestamp
1653673875.99055
cache-control
public, max-age=180
accept-ranges
bytes
content-length
2497
x-request-id
4fccf1e9-32ef-4289-846c-bd5f096ba979
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=glamour.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:13:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		45 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3466766554428734&correlator=907405556086941&eid=31068830%2C31069131&output=ldjh&gdfp_req=1&vrg=2022081802&ptt=17&impl=fif&iu_parts=85042905%2Cglamour%2Clifestyle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90%7C970x250%7C1x1%7C970x150&ifi=1&adks=3229887313&sfv=1-0-38&fsapi=false&prev_scp=Editora.pos%3DTop%26editora.url%3Dmelhores-do-ano-os-memes-mais-engracados-de-2019%26Editora.random%3D4&eri=1&cust_params=ognCluster%3D%26kuid%3D&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1661404436599&lmt=1661404436&dlt=1661404432003&idt=4060&adxs=315&adys=215&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&ref=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F&frm=20&vis=1&psz=1600x250&msz=1600x0&fws=4&ohw=1600&ga_vid=1455757629.1661404436&ga_sid=1661404437&ga_hid=1121990618&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
a53e01b44ed913191eabb9a71596bff60a18acc4b7bdb189c35e151213873b0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18682
x-xss-protection
0
google-lineitem-id
6082032434
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138401896031
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3466766554428734&correlator=468530251284667&eid=31068830%2C31069131&output=ldjh&gdfp_req=1&vrg=2022081802&ptt=17&impl=fif&iu_parts=85042905%2Cglamour%2Clifestyle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=2&adks=3576296953&sfv=1-0-38&fsapi=false&prev_scp=Editora.pos%3DTop%26editora.url%3Dmelhores-do-ano-os-memes-mais-engracados-de-2019%26Editora.random%3D9&eri=1&cust_params=ognCluster%3D%26kuid%3D&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1661404436607&lmt=1661404436&dlt=1661404432003&idt=4060&adxs=892&adys=773&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&ref=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&ga_vid=1455757629.1661404436&ga_sid=1661404437&ga_hid=1121990618&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
bd21be3acfc1eebc9e0e8f374016a2493cd5df45e12213e72044e63580a64882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9635
x-xss-protection
0
google-lineitem-id
5709452580
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138351778082
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3466766554428734&correlator=2939494705931701&eid=31068830%2C31069131&output=ldjh&gdfp_req=1&vrg=2022081802&ptt=17&impl=fif&iu_parts=85042905%2Cglamour%2Clifestyle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=640x480%7C640x360&ifi=3&adks=3850837918&sfv=1-0-38&fsapi=false&prev_scp=Editora.pos%3DInread%26editora.url%3Dmelhores-do-ano-os-memes-mais-engracados-de-2019&eri=1&cust_params=ognCluster%3D%26kuid%3D&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1661404436611&lmt=1661404436&dlt=1661404432003&idt=4060&adxs=0&adys=2066&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&ref=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F&frm=20&vis=1&psz=1600x1965&msz=1600x0&fws=4&ohw=1600&ga_vid=1455757629.1661404436&ga_sid=1661404437&ga_hid=1121990618&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
f828a24912517602d4bef7f8d8ba39ebbb8317146bc6119887e7f76285d9e906
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9465
x-xss-protection
0
google-lineitem-id
4565038482
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138336733253
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3466766554428734&correlator=443750997397234&eid=31068830%2C31069131&output=ldjh&gdfp_req=1&vrg=2022081802&ptt=17&impl=fif&iu_parts=85042905%2Cglamour%2Clifestyle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&adks=3935049410&sfv=1-0-38&fsapi=false&prev_scp=Editora.pos%3Din-image%26editora.url%3Dmelhores-do-ano-os-memes-mais-engracados-de-2019&eri=1&cust_params=ognCluster%3D%26kuid%3D&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1661404436616&lmt=1661404436&dlt=1661404432003&idt=4060&adxs=0&adys=5537&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&ref=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F&frm=20&vis=1&psz=1600x130&msz=1600x0&fws=4&ohw=1600&ga_vid=1455757629.1661404436&ga_sid=1661404437&ga_hid=1121990618&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
7e6ac82bd5dfd18808f76e7c228d07a2c649618a40aac16fda8e7aaf99e8088c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9439
x-xss-protection
0
google-lineitem-id
5705163548
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138351052101
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3466766554428734&correlator=1410970807387347&eid=31068830%2C31069131&output=ldjh&gdfp_req=1&vrg=2022081802&ptt=17&impl=fif&iu_parts=85042905%2Cglamour%2Clifestyle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&adks=2074024431&sfv=1-0-38&fsapi=false&prev_scp=Editora.pos%3DDhtml%26editora.url%3Dmelhores-do-ano-os-memes-mais-engracados-de-2019&eri=1&cust_params=ognCluster%3D%26kuid%3D&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1661404436619&lmt=1661404436&dlt=1661404432003&idt=4060&adxs=0&adys=5537&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&ref=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F&frm=20&vis=1&psz=1600x130&msz=1600x0&fws=4&ohw=1600&ga_vid=1455757629.1661404436&ga_sid=1661404437&ga_hid=1121990618&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
e54cdda4e8f06859b0178a908b45c1a52ce4965405725b381910ed204a8e1741
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9400
x-xss-protection
0
google-lineitem-id
5693016947
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138358623781
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b914bae64ee38a1f51ab4d193a1b562e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AE3E 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b914bae64ee38a1f51ab4d193a1b562e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 05:13:56 GMT
expires
Fri, 25 Aug 2023 05:13:56 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rep.gif
comcluster.cxense.com/Repo/ Frame E566 		43 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=2.6.7&typ=pgv&rnd=l78layyxpc0w3gyt&sid=4756157261768221469&loc=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&new=0&arf=0&ltm=1661404436170&ref=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=l78lazglc87wzg79&ckp=l78layyx74zpmnnn&glb=&cp_userState=anon&cst=37r5frcrfmx9k3eqnw4tlkqb8m
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:56 GMT
server
Jetty(9.4.28.v20200408)
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
43
content-type
image/gif
id
id.cxense.com/public/user/ 		117 B
688 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22l78layyx74zpmnnn%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%2237r5frcrfmx9k3eqnw4tlkqb8m%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%2237r5frcrfmx9k3eqnw4tlkqb8m%22%7D%5D%2C%22siteId%22%3A%224756157261768221469%22%2C%22location%22%3A%22https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml%22%7D&callback=cXJsonpCBl78lazso77oan178
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
50cae258c9ee6b608c8f8593e4efaf5ed86f8708864722db239baae7de75f7cb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:56 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-type
text/javascript;charset=utf-8
content-length
117
expires
Mon, 26 Jul 1997 05:00:00 GMT
pubcid.min.js
id.sharedid.org/lib/ 		732 B
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/lib/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.209.30.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-30-241.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:56 GMT
cache-control
public, max-age=86400
last-modified
Thu, 25 Aug 2022 00:33:33 GMT
accept-ranges
bytes
content-length
732
vary
accept-encoding
content-type
application/javascript
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 09:41:10 GMT
content-encoding
gzip
age
934366
x-guploader-uploadid
ADPycds1r6ayGRyhGbN-oxADIawMOLLK1OxM6dc49Rjall_Fie7D76amBGJO-Eb2Yl7jT8s4br_rL2ooraI8jQP2qmkx9LYiSKLm
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation
1622140251693895
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 14 Aug 2023 09:41:10 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8cd6a935771c335b708ce50bb07ff972f1e8d65185231435365bb0a66062411
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:56 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
3277
x-amz-server-side-encryption
AES256
x-amz-request-id
2Y58ZV375HAP4B45
x-amz-id-2
fm0yp6eAkZTOG156Ulc6X4LORDxB6Gwbwu/JRn/7NpS1gWAIe7bC1ha/xOFz+AaTDKiCAMBnGgs=
last-modified
Tue, 23 Aug 2022 08:57:12 GMT
server
cloudflare
etag
W/"c812189e503819b30a1ac4c9187a58eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7401d7621a6b2aba-ORD
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
afa1d5bcfbc58ede9d71fd9eb2c5b53c369f05f3255ea4a36398be35b52979b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:56 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 07:20:46 GMT
server
nginx
etag
W/"62fb454e-9dbd"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 26 Aug 2022 05:13:56 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.39.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-39-34.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 25 Aug 2022 04:29:05 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 18:12:40 GMT
server
AmazonS3
age
2692
etag
W/"2fa1275c04d6208db458c1ec8559f92d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 47f167ca4b48d927b2e7abade7ebfcfc.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
EWR53-C2
x-amz-cf-id
PEY-KLaPIXEkOYgIg-au_68B4UtFRPDp2XjV_PuoSU2DeM57beyFaA==
uid2-sdk-0.0.1b.js
prod.uidapi.com/static/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.19.38.244 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-38-244.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:56 GMT
cache-control
public, max-age=86400
last-modified
Tue, 17 May 2022 17:30:07 GMT
accept-ranges
bytes
content-length
4559
vary
accept-encoding
content-type
application/javascript
view
securepubads.g.doubleclick.net/pcs/ Frame 7DDE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCgOL1cOmn1ODb4jZVEv3b20iUQqrelWDRce_2vonTdistwMLpZVC6S9XcwmcQQ1i2i2pGyuUlhwFixJW9bOEEKbUm599JDiNKhKe4A8h_mI2bmpZA2B0ixm8UlbhVFT-95ahj6BjNriIep7TVMuW3zZsBjTsXAUNSGrSqWj4lY5RGuOEyma8JIrGKWWNEIchYLhxspyEz6JhEnLJ1fC332ynLAIsM-jOpaSs2Z6CgyAh4Krs0Bg6SrPzsDAj9-oR7-mWG07Kqm_COgQY65qnVWzo2IQ6MxVlc-2S2ahWO8WUB0kpM95r-4YjVzAdIjpNSlapCYg&sai=AMfl-YTmvyT-4vIBH2P7DbX6jHmf3mQmLFlV4xq9-2Uo8w6yS7_PZsR9WfXYXsr3m3C8-ZYkL1kSC023NU9Muy1ZHxQ2b-H4TNMmSHNgGDx2pgheVRkM82u6LPcynUaNNpw&sig=Cg0ArKJSzN-aDiHBleV4EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:13:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
5773-7780-01.js
t.seedtag.com/t/ Frame 7DDE 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/t/5773-7780-01.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.133.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b697ac38711d89885dc3fd819b001b3262af4c1374bb4ce5820a1b471cefd955

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
7401d7625ea32ad2-ORD
date
Thu, 25 Aug 2022 05:13:56 GMT
via
1.1 google
cf-cache-status
EXPIRED
server
cloudflare
etag
W/"ab11-lYdxJjLtGg0pAbMx7fY/r1Cdg6Y"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1200
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 25 Aug 2022 05:33:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7DDE 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 25 Aug 2022 05:13:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E2E8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBhbVfMnvfbvhACpbsIul9dCVY5HpkuMA5weEkjRxK-4Fzzu9mvNjklusAxbiQ5NIMS5NUIEfRK9UVIJG1pg4GrlBCdvoavhGtb4GIRKfwFiHU5hS0epbn0YwtmAOhnC7oD3eE2UpmFJFTf8PFMn5JswLWRb7iy0jiL3v_3PuyF8w0cLqfBCBXSEn4GaKbM58hcLonGUl9AJv2d4IhNyLKU2j_66aSnOMxV8NCsylh0NcgERN_BrodgY-1iN3BroacYfNLe0_z8E9zfUdJ4qQg6TX2bfmrB8h-sFs51Uk3oOBhJ7Hs96-lrFnLdVNU0LqedZXPIbNKUg&sai=AMfl-YTl8_pxUaTqBEvPYRZPhO35JvHf6AwwVIzoLojLL9_naqufTmfnfPtiJVmJ5ROcGiMFhdeKCtKPWGmm2cVOS4USn-KTspy-PSGj9b1Dhmtq8czpV0Ldt8uAGXheqw&sig=Cg0ArKJSzLFZldVH7LZUEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:13:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
revistaglamour.globo.com_16671.js
ads.vidoomy.com/ Frame E2E8 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/revistaglamour.globo.com_16671.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.19.54.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-54-139.us-east-2.compute.amazonaws.com
Software
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
707f24244143f4fc39816c5f9231a26b9ccd064cd9544e48376991ee06e32ffa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:56 GMT
Server
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
5560
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E2E8 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 25 Aug 2022 05:13:56 GMT
optout_check
beacon.krxd.net/ 		78 B
237 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.globo.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.228.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-228-175.compute-1.amazonaws.com
Software
/
Resource Hash
ae15aec3673c096fed01b1f56e2d3e9ab159a4f02578e29dce88f9880e5dab81

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:56 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=28 t=1661404436
x-served-by
beacon-n002-ash-prod.krxd.net
content-type
text/javascript
get
cdn.krxd.net/userdata/ 		367 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=5007d44e-09d1-49b7-8c99-6b1cc38c3cbc&technographics=1&callback=Krux.ns.globo.kxjsonp_userdata
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2d88b91136dea0a275445da1a78e53364603a09ace9bcb84945805308be6ea8e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Thu, 25 Aug 2022 05:13:56 GMT
content-encoding
gzip
age
0
x-served-by
userdata-a006-ash-prod.krxd.net, cache-chi-klot8100119-CHI
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1661404437.909372,VS0,VE31
content-length
277
x-cache-hits
0, 0
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&rid=esp&cc=1
85 B
103 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&rid=esp&cc=1
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
27e5923af3721531989460fc532eca43646827a386543f5259a729e319261d90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
via
1.1 google
etag
W/"55-rvjouZx2m58uazHFMQ5anLvp24g"
x-powered-by
Express
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 25 Aug 2022 05:13:56 GMT
via
1.1 google
access-control-allow-origin
https://glamour.globo.com
x-powered-by
Express
vary
Origin
location
/esp?url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
increment
id5-sync.com/api/esp/ 		0
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Thu, 25 Aug 2022 05:13:56 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
strict-transport-security
max-age=63072000; includeSubDomains; preload
5007d44e-09d1-49b7-8c99-6b1cc38c3cbc
consumer.krxd.net/consent/get/ 		220 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_1
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8e838d758085f343311d6d1485d578727410f44628e53fd119f00978024396c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a008-ash-prod.krxd.net, cache-chi-klot8100161-CHI
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1661404437.008546,VS0,VE28
content-length
185
x-cache-hits
0, 0
view
securepubads.g.doubleclick.net/pcs/ Frame 6737 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPJE2SxLRoFOE-92OzPWSLxQD7F_B8RLUJBmJPFVIQ5vqiETcFTYwb2gw4s5vPDewnuvMwn8yzSeRR16XJz4RgRID0M-ZCtUVL1oZjvuZd_tvTWy7Bfg5ZnFNn7KofB32Xd6gwPE7JWbDn2uKxIQr0A-7DUZ9lI83a2MkrplUs4Ge_Um2DSiNGBGZrwL31KzRZkUJJAUwgJ4PinbY5sEBZprLboh3hEiVLNL96ihCQXiZ4pMRO4ueWIV-5QbMU5Sky2cm9p5vbaaiGqithSMwBnmXaksgYUwhf8lo1acltZ5fsZESjcTqq-1kWVlSSmvT0lVItHH0UTQ&sai=AMfl-YSraimwJVwq08ofimpP11DVFqmn0cfG4haCi97jhe3E0Fegr_DOG0GgM9744Ms85V160fLN7yebYr_WVZnmlXeh0XmRuJdrZUjp4vmrBgFthnaQLjR-2XePWPv37Q&sig=Cg0ArKJSzAzX2WDmAxBHEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:13:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
tag
a.teads.tv/page/80259/ Frame 6737 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/80259/tag
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.133.72 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-72.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3967cf031a451f1d50726a9c7d4bfee59e1b4ff70d98807f8fc47838400a5f6f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
1262
expires
Thu, 25 Aug 2022 06:13:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6737 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 25 Aug 2022 05:13:57 GMT
event
prebid-a.rubiconproject.com/ 		61 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_glamour.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.100.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-100-150.compute-1.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 25 Aug 2022 05:13:57 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.100.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-100-150.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 25 Aug 2022 05:13:57 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame 1CCA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L78LAY60-1Y-88US
0
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L78LAY60-1Y-88US
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 25 Aug 2022 05:13:57 GMT
via
1.1 varnish
server
nginx
x-timer
S1661404437.323612,VS0,VE2
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
x-served-by
cache-chi-klot8100047-CHI

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L78LAY60-1Y-88US
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
Expires
0
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 1CCA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOjqwE-PEDx0SMlcthIYlxU&google_cver=1
0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOjqwE-PEDx0SMlcthIYlxU&google_cver=1
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 25 Aug 2022 05:13:57 GMT
via
1.1 varnish
server
nginx
x-timer
S1661404437.235740,VS0,VE2
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-chi-klot8100047-CHI

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOjqwE-PEDx0SMlcthIYlxU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1CCA 		42 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92:$UID
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 16:50:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 1CCA
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92
date
Thu, 25 Aug 2022 05:13:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
45092
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 1CCA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f392b494-04f1-4190-8b81-965c828ca97a
0
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f392b494-04f1-4190-8b81-965c828ca97a
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-vcl-time-ms
4
date
Thu, 25 Aug 2022 05:13:57 GMT
via
1.1 varnish
server
nginx
x-timer
S1661404437.233180,VS0,VE4
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-chi-klot8100047-CHI

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f392b494-04f1-4190-8b81-965c828ca97a
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame 1CCA
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
43 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Server
23.92.190.68 Katy, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 1CCA 		49 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-6d7578d788-x8mpp
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 1CCA 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&gdpr=0&gdpr_consent=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.199 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:57 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 1CCA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.208.243.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-243-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 1CCA
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=8c70ec81-2319-4d1a-a663-78be1b2e2a11
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=8c70ec81-2319-4d1a-a663-78be1b2e2a11
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
45231

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:56 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=8c70ec81-2319-4d1a-a663-78be1b2e2a11
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1314043
content-length
0
expires
Thu, 25 Aug 2022 00:00:00 GMT
/
sync.taboola.com/sg/id5-network/1/rtb-h/ Frame 1CCA
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&gdpr=0&gdpr_consent=&us_privacy=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/2/6/2.gif?puid=7412760816595641933&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOAlGWnG9thL1fr_OIVdW5XyPkXFOYhFbqxgIaTA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F5%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/464/3/5/3.gif?puid=b9936307-0516-4500-b3ae-7b63940e6617&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=f392b494-04f1-4190-8b81-965c828ca97a&ttl=%%TTL%%
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAD9KU7GDgoAABMQ-KCgjw
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F796%2F2%2F6.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/464/796/2/6.gif?puid=4c12d306-7bd7-45ec-a97a-8304a6a92f40&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F1%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/464/429/1/7.gif?puid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F0%2F8.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/464/434/0/8.gif?puid=fe9dd889-665a-426c-864c-a01eef9241c6&gdpr=0&gdpr_consent=
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOAlGWnG9thL1fr_OIVdW5XyPkXFOYhFbqxgIaTA
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOAlGWnG9thL1fr_OIVdW5XyPkXFOYhFbqxgIaTA
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
47975

Redirect headers

location
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOAlGWnG9thL1fr_OIVdW5XyPkXFOYhFbqxgIaTA
date
Thu, 25 Aug 2022 05:13:59 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 1CCA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ce95d937-04dc-4d9f-a5f7-40c522420de0&ssp=taboola&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10602036474860944696&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10602036474860944696&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=35311a1f-8b8c-4ce6-925a-329ee2037a4d&ssp=taboola&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10602036474860944696&ssp=taboola&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=213520604254002659520&ssp=taboola&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10602036474860944696&ssp=taboola&gdpr=0&gdpr_consent=
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ce95d937-04dc-4d9f-a5f7-40c522420de0
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ce95d937-04dc-4d9f-a5f7-40c522420de0
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
48531

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ce95d937-04dc-4d9f-a5f7-40c522420de0
Date
Thu, 25 Aug 2022 05:13:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 1CCA
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ac760d52-1f1a-400d-96a6-ce79bebf6dfd
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ac760d52-1f1a-400d-96a6-ce79bebf6dfd&tbid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&query=taboola_hm%3Dac760d52-1f1a-...
0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ac760d52-1f1a-400d-96a6-ce79bebf6dfd&tbid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&query=taboola_hm%3Dac760d52-1f1a-400d-96a6-ce79bebf6dfd&isDirect=0
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
via
1.1 varnish
server
nginx
x-timer
S1661404438.820039,VS0,VE2
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-chi-klot8100047-CHI

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ac760d52-1f1a-400d-96a6-ce79bebf6dfd&tbid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&query=taboola_hm%3Dac760d52-1f1a-400d-96a6-ce79bebf6dfd&isDirect=0
date
Thu, 25 Aug 2022 05:13:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
49931
sd
u.openx.net/w/1.0/ Frame 1CCA 		43 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&gdpr=0&gdpr_consent=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame 1CCA
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&dongle=tbla
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date
Thu, 25 Aug 2022 05:13:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
visitor.omnitagjs.com/visitor/ Frame 1CCA 		49 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=54ac1f569912e3c4967bf7b5df910a44&name=TABOOLA&visitor=[BUYER_USERID]&external=true
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:57 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-type
image/gif
content-length
49
expires
0
/
s.uuidksinc.net/match/1135/ Frame 1CCA 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/1135/?remote_uid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.155 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
server
nginx/1.19.0
rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame 1CCA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=140
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=DStGRj0VSaBPBl_Yc4F1YKdYB6I
0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=DStGRj0VSaBPBl_Yc4F1YKdYB6I
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
49931

Redirect headers

Location
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=DStGRj0VSaBPBl_Yc4F1YKdYB6I
Date
Thu, 25 Aug 2022 05:13:57 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
sync
x.bidswitch.net/ Frame 1CCA 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=453&user_id=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:13:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
t.adx.opera.com/ Frame 1CCA 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60151&uid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:57 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 1CCA
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=0503e3b0-984e-4551-a19c-665cdd4ab6a4
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=0503e3b0-984e-4551-a19c-665cdd4ab6a4
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
50821

Redirect headers

date
Thu, 25 Aug 2022 05:13:57 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=0503e3b0-984e-4551-a19c-665cdd4ab6a4
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
truncated
/ Frame 7DDE 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae088547fab8dbaf2f34b7e7dcb734c0ac1a001f1a602de2411cdb561767a3f5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 5897 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssx0Rxt9hO3OdYRiRJbnK_XlgJ3IuX_M1mUxalkdvSFmyCwwOHF72lGbKxIiNKGEj-jYo69ccAfn9wm7my5cJjBuTscZmeiUmI088OCriHQJJm4K1CMhXgdQMft9ZUwqKg6mMsIZTYkp-s8438j0Eth0yNyLTFjQ72-3TyboWmIMJBpS9IT88mwzV_1HmL9DcuDH3Es5pA-LN_UQP_aA8a5KyjhszjaYLcDL4wUq9q0JYTUFV6uo9pBi6rEkoUCeUa_Wdx6DJUuNuZYTtBZQG87idjuiaLYDNNR39QmYPj63zXzqjJ6X4bBWv389c_XIT0HMTh42F9Eig&sai=AMfl-YR6x40aaum1x3QappdlDQ5h9hHEF03i7HT9L9AzbXaJkJ3rWH_Nnt45l86BE7tyoTa24w50PR9e9eVYcQhpdn24LVdCszYXlU8V4whGA4cnqcjCIWH7c3kfbherKrI&sig=Cg0ArKJSzIyv9MgjCTGlEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:13:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5897 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
sffe /
Resource Hash
8122177cca9baba8feb65c312043212098ec6be86ef09540ba2c77b3a233b7c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28536
x-xss-protection
0
server
sffe
etag
"1313 / 969 of 1000 / last-modified: 1661378961"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 25 Aug 2022 05:13:57 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157163/4985/ Frame 5897 		433 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f6b1dff67df73f0f41f55601b7b331893331bd4c3033c17d419aa027c6347213

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
content-encoding
gzip
last-modified
Fri, 10 Jun 2022 01:03:13 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=130681
accept-ranges
bytes
content-type
application/javascript
content-length
134682
expires
Fri, 26 Aug 2022 17:31:58 GMT
owHCMR.js
s3.amazonaws.com/script-tags/ Frame 5897 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/script-tags/owHCMR.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.227.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7c6bd4c3afadedeb84cf0b47867e871b8e2383f395b4e4c1cfaee16dfce2615b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:13:58 GMT
Last-Modified
Tue, 09 Aug 2022 19:31:17 GMT
Server
AmazonS3
x-amz-request-id
SQD2V17K214ZEDCF
ETag
"15b3dd0aa9bb42805b5ff0a4da1cfb78"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
13608
x-amz-id-2
GMQK/yLUa+ITlqIWlpLwA40+v9eV1eW2lAJbGsfE09FQMDlIXWJ4pYjN53Edkg8erqiuk+oPq5c=
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5897 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 25 Aug 2022 05:13:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 10D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRUICKhJhqQe5UQb__9AS9_EF5ZY0Dsr_Q9KVZrNQnIFu7lXBbU9w_6ChRIkXnkRN9-GOlepiIVcTlR75EKsJFRxtQLg7ucnrveWQ81UFUY0AYJ95ppqQOZkzZV38s6Qsz_reri0QLgy5JbTyofBoDLEGL8I-ileR9EW5CgFHSkWDpiVZHgXWukfz6q4umy5vniB10ogM9cWR1h81UCR4vJFYFzDUPCJCr7y-4J7X-3K3S348yQOwAEA61_9YyJ4_aBQ48HyZpc_qtD6ud72gkqoIlIzBKc_KPFghPzF6U-Zc5bYKh_2w0oMIYF4S-b3HbT9xcqaaPUA&sai=AMfl-YSWqvGLEPFYXt0rbFjpAs5OMOkKYR_n5teJvyU3paLLQtvMzKHb4gl-hSTq4LpX9Z9KSR2uRMLf8hroGwkkil0uCuYrOzq0PaGTbqwecFEZp3PVzRwGQoaY4INJcQ&sig=Cg0ArKJSzCRsPPcOdsX_EAE&uach_m=[UACH]&adurl=
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:13:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 10D8 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Sep 2022 05:12:50 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 10D8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:11:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Sep 2022 05:11:31 GMT
l
www.google.com/ads/measurement/ Frame 10D8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRmqk22LjqgAA2gRRyyhG7O9_MoVbaBh-WD6fQlejVGdkTA87GMzTwd2v1JwEIm602PEYsm3I1_TaiMQ2byg4oZJbBLQg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 10D8 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 25 Aug 2022 05:13:57 GMT
1451767038133474001
tpc.googlesyndication.com/simgad/ Frame 10D8 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1451767038133474001
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e4cb721621a38fd7149906a5211c54361fa49ced050bd0c93a58aed174e642d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 03:21:19 GMT
x-content-type-options
nosniff
age
6758
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92153
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 21:27:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 25 Aug 2023 03:21:19 GMT
5773-7780-01.js
t.seedtag.com/t/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/t/5773-7780-01.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/5773-7780-01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.133.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b697ac38711d89885dc3fd819b001b3262af4c1374bb4ce5820a1b471cefd955

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
7401d7643f422988-ORD
date
Thu, 25 Aug 2022 05:13:57 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
1
etag
W/"ab11-lYdxJjLtGg0pAbMx7fY/r1Cdg6Y"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1200
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 25 Aug 2022 05:33:57 GMT
map
bcp.crwdcntrl.net/6/ 		156 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.219.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-219-62.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
76ea345832f8b763af19019030139f7305a572c00fd30ce0f41e95b95e952678

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:57 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache
x-server
10.40.7.78
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
156
expires
0
syncframe
gum.criteo.com/ Frame 37AC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=glamour.globo.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
17b6c419a7f65afd0e75266dcace486b79ceae9242177feaa960dda92816c4cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 05:13:56 GMT
server-processing-duration-in-ticks
3313
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
formats.js
ad.lkqd.net/vpaid/ Frame 1061 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1661404437.cds261.ch4.hn,1661404437.cds265.ch4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame 94FF 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1661404437.cds261.ch4.hn,1661404437.cds265.ch4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
auto-user-sync
ads.stickyadstv.com/ 		43 B
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:57 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1661404437722090-269
p
sb.scorecardresearch.com/ 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=802602&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1661404437
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-90.jfk51.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
via
1.1 d3ab4cd494305c2d222c92f599e3c7c6.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
content-length
43
x-amz-cf-id
isTfvZRk6S2lnbK56jO12dowOVAD-96FPGZcBFGYF8EkGdCZGwxzTg==
x-cache
Miss from cloudfront
content-type
image/gif
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=252806910.250996441334139906.7024693
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dvidoo...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=b2babc02caac49d6a21d1daadc38396f&ssp=vidoomy&bsw_param=ce95d937-04dc-4d9f-a5f7-40c522420de0&gdpr=&consent=&gdpr_pd=&expires=7
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=ce95d937-04dc-4d9f-a5f7-40c522420de0
43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=ce95d937-04dc-4d9f-a5f7-40c522420de0
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
18.198.39.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-39-162.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
content-encoding
none
server
fasthttp
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

Location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=ce95d937-04dc-4d9f-a5f7-40c522420de0
Date
Thu, 25 Aug 2022 05:13:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58610/occ
  • https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-T4gubExE2uHl11yJqiA0EIqbv8Nl_EL6mCu_FFk-~A
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-T4gubExE2uHl11yJqiA0EIqbv8Nl_EL6mCu_FFk-~A
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
18.198.39.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-39-162.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
content-encoding
none
server
fasthttp
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

location
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-T4gubExE2uHl11yJqiA0EIqbv8Nl_EL6mCu_FFk-~A
date
Thu, 25 Aug 2022 05:13:57 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
truncated
/ Frame E2E8 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3403d3f47060a5cdaae7540d17cb9d7d2c8c21ecb2425c71e01e53b3fa02e56

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame E2E8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst35KLp8b9G7BfDGgYWCCegN89zx_W3XYYGWSJZOUGrljl5nsAO8qVB0u2hIfEjza9WktK5EkfOvj36WfjZl8A4f-3Xi7epS8eMUNtSpVAWmmOthgXkDeZS6z3xKl-NmLILAP8yd-_Q0nFteI3sutrXiOGZkFDvzAwYjwu7V5hG_w9jCjR8awKpZxfqmgonRAX5KoJ4Tz_2l2QTRf2Y3vXHx0Sr_iw6ssWnUavN_k7BwLeOK3dzKtkntQDoWObuj2n3R10mw0giDLXH3Um_HgBnb3iiHMDJf-j729VHt3N6oS7mTDUy2SLFH3aBKV_dQjj2spl5Z7O2khms&sai=AMfl-YSD_SZ2SmFiNhtrypTKj6VyxX1vk1NOLE3f_VD5V92Si73Efi88gWldj0RFWadusaH4VRzWJjcYBl3ohibT60epjJDVZ-06E3aWMkdFgh2VkvBByYNHjuir0uCEgQ&sig=Cg0ArKJSzGJLSCSnlbDwEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:13:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 25 Aug 2022 05:13:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7DDE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstd_sbXuyEO0fAVbX5zKySdbeiX2QOXDrU9Bfg1uREVPtK_ZwiLfAMKzpa5mSZ_njolynIVaSJjmVuKQ0RiYQyrPrpsDQSa5zJTcSPX4KxbbgfMB_CWTCHJY4He2lPUmU9h6q0jUojVHeguUKzWXmA-eOtTvwISky_P3E2ySR-v9mlHomlPf3DcRwWhoLfBhSCBXuhh7m_7IHCObgQQm9x8zs75_W0QxmSLlW9LneIwov3kybZto1rDBB1izXO_MmJqY2GTqXXNyHolu2EI_Yb0di3evUHbHg8mRcy4nrNTMg1LChfgbDEwVxDggQ2qLWeY9qWBAjfr&sai=AMfl-YRlzaiErXjdpM9VHT2tMqFVgnJayJ7leJParRRz3a6gCErBO_1QyhbecnXj9QRSs0PeT9UeGm4cPrv5otxj6HhW18xlvNpdRCSeIQkbWq_6vZiMyqjBhF4CGuHLk08&sig=Cg0ArKJSzBPHPVBHidJoEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:13:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 25 Aug 2022 05:13:57 GMT
pixel.gif
beacon.krxd.net/ 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=sexqhznbn&_kpid=5007d44e-09d1-49b7-8c99-6b1cc38c3cbc&_kcp_s=Infoglobo&_kcp_d=glamour.globo.com&_knifr=17&_kpref_=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F&_kua_kx_tz=0&geo_country=us&geo_region=ar&geo_dma=734&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_glbdt_utype=anonymous&_kua_dmp_globo_id=8162043013768284160&_kua_kx_tech_browser=Chrome%2010&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=us&_kua_kx_geo_region=ar&_kua_kx_geo_dma=734&_kpa_meta_keywordsDELIM=%2C&_kpa_kx_context_terms=Nu7TTsTR%3A2%2CNu7TVOIg%3A1%2CNu7TTFG6%3A1%2CNu7TUsNK%3A1%2CNu7TXfT8%3A1%2CNu7TWVvS%3A1&_kpa_url_path_1=lifestyle&_kpa_url_path_2=noticia&_kpa_url_path_3=2019&_kpa_url_path_4=12&_kpa_url_path_5=melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&_kpa_content_type=materia&_kpa_page_name=materia&_kpa_meta_site_name=Glamour&_kpa_title=Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%20%7C%20Lifestyle%20%7C%20Glamour&_kpa_full_path=glamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&_kpa_subdomain=glamour&_kpa_domain=globo&_kpa_utag_editoria=glamour%2CLifestyle&_kpa_utag_page_type=multi-content&_kpa_browser_name=Chrome&t_navigation_type=0&t_dns=130&t_tcp=333&t_http_request=-1&t_http_response=492&t_content_ready=2283&t_window_load=0&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=xqasak8f2&userdata_user=PCeFolNw%2Cxqasak8f2&sview=1&kplt0=19929&kplt1=19930&kplt2=19936&kplt3=27202&kplt4=30153&kplt5=32767&kplt6=35254&kplt7=38352&kplt8=38515&kplt9=43900&kplt11=46183&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5007d44e-09d1-49b7-8c99-6b1cc38c3cbc%2C206%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C225%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C228%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5007d44e-09d1-49b7-8c99-6b1cc38c3cbc%2CNaN
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.228.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-228-175.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
cache-control
private, no-cache, no-store
x-request-time
D=53 t=1661404437
x-served-by
beacon-n018-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
fbevents.js
connect.facebook.net/en_US/ 		100 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aba13e76e0dfc68cd2710d1745d55c6b210cb2bec6ecd14a541615b685af8564
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26535
x-xss-protection
0
pragma
public
x-fb-debug
AznHKF4QkNfANXzXJ7M2j1D8Y7cr/iXch6mPgYynCbWfCjpRe4HeNox3K5YA8Co8G/0kO68gKZv1sCNyXpWnrw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 25 Aug 2022 05:13:57 GMT
vary
Accept-Encoding
x-content-cdn-origin-ts
1661404180541
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pubads_impl_2022081701.js
securepubads.g.doubleclick.net/gpt/ Frame 5897 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
sffe /
Resource Hash
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 01:10:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14595
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133512
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 08:37:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 25 Aug 2023 01:10:42 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 4FEA 		623 B
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
1825c9980b2f0d55a196d613bec16bb07611bf9fea58a2c102c01cfb46d079b8

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
407
content-type
text/html
date
Thu, 25 Aug 2022 05:13:57 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
st_3.b1ae53e309dc3d45b39a.js
t.seedtag.com/c/ 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/c/st_3.b1ae53e309dc3d45b39a.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/5773-7780-01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.133.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e2343e938140d17c2ceb77133f12f505bbbc046a195ba491f127be04d10534f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
via
1.1 google
cf-cache-status
HIT
age
55902
x-guploader-uploadid
ADPycdt3tImich33ovzBC3eT_IqZAJ3rn_RNXggxIbIzRl7lTJRr4FQikMyEthfKXnZCxTq2ngItu2eiM8gSBWn2Q94yh1NPOISm
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 24 Aug 2022 13:42:12 GMT
server
cloudflare
etag
W/"b260e7101bcc1bc6931f34564693e90b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=ZPt05g==, md5=smDnEBvMG8aTHzRWRpPpCw==
x-goog-generation
1661348532269006
content-type
application/javascript
cache-control
public, max-age=31480097
x-goog-stored-content-length
20792
cf-ray
7401d765a9262988-ORD
expires
Thu, 24 Aug 2023 13:42:14 GMT
st_2.335008b7b27c404c8cd9.js
t.seedtag.com/c/ 		386 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/c/st_2.335008b7b27c404c8cd9.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/5773-7780-01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.133.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28c2449c7daa8635b900d163437b4348705d129fe6c53a674ee37fa6064ff36a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
via
1.1 google
cf-cache-status
HIT
age
55902
x-guploader-uploadid
ADPycdt-FwhP4sBgOxhj6htx1C1AMmG9wCKPW8a9oKSv1wSIIJU-JdkrG-6SJVgVcGs4mO9vwKol2Z-6Z9lZgEt4CdQKyZ57ph2r
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 24 Aug 2022 13:42:12 GMT
server
cloudflare
etag
W/"555329785b78881a305d1fda654bc7db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=KJ8Ifg==, md5=VVMpeFt4iBowXR/aZUvH2w==
x-goog-generation
1661348532303162
content-type
application/javascript
cache-control
public, max-age=31480097
x-goog-stored-content-length
106531
cf-ray
7401d765a9282988-ORD
expires
Thu, 24 Aug 2023 13:42:14 GMT
sid
mug.criteo.com/ Frame 37AC
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=globo.com&sn=ChromeSyncframe&so=0&topUrl=glamour.globo.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=FUGrB3w0elF6WTkrYVBId0JGSlFIMk1oY1M0Zld1R0w0bUxjQ1dhUWpqbXhnZkhKYWRmeDdMUEZGajRWMStLL3dES3hZaE1jZHQrVm9ycFVEOFlXT0lYbERnMkdINmhVY1Z0R2FDNG1meFJOSVBLT0I2T29CeGlpWkxNal...
441 B
636 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=FUGrB3w0elF6WTkrYVBId0JGSlFIMk1oY1M0Zld1R0w0bUxjQ1dhUWpqbXhnZkhKYWRmeDdMUEZGajRWMStLL3dES3hZaE1jZHQrVm9ycFVEOFlXT0lYbERnMkdINmhVY1Z0R2FDNG1meFJOSVBLT0I2T29CeGlpWkxNaldBWS81aGlRNTlrUlpPMDNXWHM1c3Exc1FmbmNOdWlSMkg2aE80WXNzN21wc01DeXNuQ2RXcGFyd3hqakJZekt2Rmd2R2U2NnQySEo0QTQ0M2l2YWRzMUljalFWWGpCNk12djF5ZDFTd29KRndFQVBaNHJ2ZHBTSmd0VkxCS3lVVC9ZeW4yOUMyZ2pYS2NHVFRPM1BqWHBMdC9hZk51UT09fA&cppv=2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
68711ddb4517b043fd142e7b0d9007ec8925c823eba13e1e6e66298d55ebf2d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:57 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3556
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:56 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=FUGrB3w0elF6WTkrYVBId0JGSlFIMk1oY1M0Zld1R0w0bUxjQ1dhUWpqbXhnZkhKYWRmeDdMUEZGajRWMStLL3dES3hZaE1jZHQrVm9ycFVEOFlXT0lYbERnMkdINmhVY1Z0R2FDNG1meFJOSVBLT0I2T29CeGlpWkxNaldBWS81aGlRNTlrUlpPMDNXWHM1c3Exc1FmbmNOdWlSMkg2aE80WXNzN21wc01DeXNuQ2RXcGFyd3hqakJZekt2Rmd2R2U2NnQySEo0QTQ0M2l2YWRzMUljalFWWGpCNk12djF5ZDFTd29KRndFQVBaNHJ2ZHBTSmd0VkxCS3lVVC9ZeW4yOUMyZ2pYS2NHVFRPM1BqWHBMdC9hZk51UT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1472
content-length
541
expires
0
teads-format.min.js
a.teads.tv/media/format/v3/ 		600 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/80259/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.133.72 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-72.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
99725e21800ccc55e79d462f475db2fec19f1c82057b6b5bc87bdfe5212927d4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 25 Aug 2022 05:13:57 GMT
content-encoding
br
last-modified
Tue, 23 Aug 2022 13:37:14 GMT
x-amz-request-id
QYGQ6QSEQ5XYVGJF
etag
"64ef8a8414b0709762a104370ec0c6fc"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
4
accept-ranges
bytes
content-length
134075
x-amz-id-2
IAFUzxjpXjx1DYNUbjprqZdpZVHXo/VgiZoFIV4arjDHYOKdwKLR9WJWVZT0TjEii2vaVEHSIPk=
expires
Thu, 25 Aug 2022 05:43:57 GMT
truncated
/ Frame 10D8 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eae79b443a97e7b97aa8db3345d2841aa034a09901d296467a8f3c32348f8a74

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 10D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxG7eBrX7sAyzygsorzQdzO1nC2bwf-M4QymdSqQ5H9bNExgIaMfQyVjXDPL8A9gNfv7cDyXcZRueBzhUnXYSN6IMuUqJIkwUMMB_AUn0RKlgk_uWzfUAmxXWruzu-BzKfBX2hUxK-F63ZYOLtIHpbyMzSVElpfwKQG0x2A_ICS0UZI0UaRcgP6Lfkb3r9GCxk2YUelhWcyoxrp3CJVgRE2GNVQTwFvq2dpa4IVWz3o4DSUCpvjQS2st0HCDEkOI3cniRXiUOFNX0UIocgfpki4F4MSOubFmUUHJzXejS4L8aRwa3Ymv_85W_R33EAh95QVSEYD0Ko0HkX&sai=AMfl-YQujZpE2qOiIuLGE7UunvG2j6S6ODXA505Q_EmmveDIsirejJOb7wvxmHLaMriBvlspvktkwmaqLmglEhmQt8kSx9N0vbqDygWP833bldUN1UgxIA1Cl1zHDKqt_w&sig=Cg0ArKJSzGrJcABrMZ_TEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:13:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 25 Aug 2022 05:13:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6737 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAQU9HR3u1J3gj7IRuL8JUmimSEhs72jEWqTbxzkBEsxJlrIgSCOvis5jly0t0eIy9y_hralWEpjLF2-fGK2wqliyUXrMG8TDe0xGWk5ZKOGaNKjY6YiFjXZKdL-qB6B-0hHGj1BrsTtlI_oAdy4wzra01Ccy1v94N8zJb4J1XRVQIoIAH0wBGnQBWn9ZWTUtjnT4HwSG4Fwno2FNpwt27tCuOrcylWl7j2mYavduWol2h9DU68JyM-Rx7VQkmn4CNFvCOKsN8WYtZKfx7Ty91bvq0J_nIFrsZA1eG6PGLYIfa8mkpGF-BWf9nzntyECF1jacrco8Vr3X-&sai=AMfl-YSBzKaGBuAxWq_IR_olpO3tDHMl9U0ajae4Mtb3RT1Hupwnuvpo9VK816-dpi0KY_9FP4XQPnuFdT7gswMQdu7ja9rpOYA2T0MWDhuQHXpI_Fc67j5nFJWvJ7dRBg&sig=Cg0ArKJSzBZF4tNaQXv8EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:13:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 25 Aug 2022 05:13:57 GMT
sd
us-u.openx.net/w/1.0/ Frame 4FEA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YwcFFQACNb5MfABN
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YwcFFQACNb5MfABN&_test=YwcFFQACNb5MfABN
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YwcFFQACNb5MfABN&_test=YwcFFQACNb5MfABN
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:57 GMT
via
1.1 varnish
server
Varnish
x-timer
S1661404438.657621,VS0,VE0
x-served-by
cache-chi-kigq8000057-CHI
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YwcFFQACNb5MfABN&_test=YwcFFQACNb5MfABN
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
16fe66d7-e2e3-e64f-e2e5-712f8360df59
pr-bh.ybp.yahoo.com/sync/openx/ Frame 4FEA 		43 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/16fe66d7-e2e3-e64f-e2e5-712f8360df59?gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:453e:66f9:9eff:3281 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame 4FEA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=82390093-724f-7406-d332-67da7c371210&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=f392b494-04f1-4190-8b81-965c828ca97a&ttd_puid=82390093-724f-7406-d332-67da7c371210&gdpr=0&gdpr_consent=
43 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f392b494-04f1-4190-8b81-965c828ca97a&ttd_puid=82390093-724f-7406-d332-67da7c371210&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f392b494-04f1-4190-8b81-965c828ca97a&ttd_puid=82390093-724f-7406-d332-67da7c371210&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
pixel
cm.g.doubleclick.net/ Frame 4FEA 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWU1NmQzNTktYmIzOC0yYWEyLWM2ZDItM2Q2M2I2ZDVkYzcw
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4FEA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPfd-znVGqJM3u54KC-xeVo&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPfd-znVGqJM3u54KC-xeVo&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPfd-znVGqJM3u54KC-xeVo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 5897 		159 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.192.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-192-196.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15db152f386fbb66b5610a32b7b5d8662aeab674ce38a2c446cd73d2a250a92f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 25 Aug 2022 04:41:08 GMT
content-encoding
gzip
last-modified
Mon, 15 Aug 2022 16:11:59 GMT
server
AmazonS3
age
1970
etag
W/"364e5d6f95bbab2e2e1b3226cf815641"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9c90b41a9e5ac2856624d29ed4da4234.cloudfront.net (CloudFront), 1.1 12142717248e0e7148a5c1a9151ab918.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
IAD89-C3, BOS50-C3
x-amz-cf-id
bMRNuyOFP3k0262Asg3XqxSOAkrIuueDydHUqR5FgCJ-99U5Ylz-Sw==
truncated
/ Frame 5897 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e76c575c357313ca74c63e3ccc615f2eccf074ae2518b80d07d57362a04acd1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fglamour.globo.com%2F&domain=glamour.globo.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 25 Aug 2022 05:13:57 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1084
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 5897
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fglamour.globo.com%2F&domain=glamour.globo.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=b7_punxDcFpWbFV0UHhNc0FpOUhVZGNQQWpqYUpyajVHcmNRUmpJcjkvR3BSNDlwaXBWZ0Eya1ZtQTE5Z3RTUGZWRzVrK1R5Y0tqbUdiWVZ4Skg5RkFQajQ4NHRjdmZUR0o2aHcxalV6eEs5eTE5cjJnVWNsM1lJOXA1Rl...
406 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=b7_punxDcFpWbFV0UHhNc0FpOUhVZGNQQWpqYUpyajVHcmNRUmpJcjkvR3BSNDlwaXBWZ0Eya1ZtQTE5Z3RTUGZWRzVrK1R5Y0tqbUdiWVZ4Skg5RkFQajQ4NHRjdmZUR0o2aHcxalV6eEs5eTE5cjJnVWNsM1lJOXA1RlY0NHgzU1pFZmpQSUxoTEdkS0tyc0Nya0xHcDdibFFQK3k0ME1qYkR6VFhveXNqYngwb2VTM1FOZG5iMHJxdktwVmI0ZFdaUVNEMjVGTndmSmxNSDZmOU9tNUNBVlVGVDZrN2xTUlY1am9DVmJDa29YODR1S0l6VG11UjdhYm1WNUllWWovR0lBSnhENTV6WFdac2RTSnNycWM2L3hNUT09fA&cppv=2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
bbf09747201f6130ccaff1ebd2dea7ab90042b3f1a66e9a981ecee3e2566d440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:57 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3644
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:57 GMT
location
https://mug.criteo.com/sid?cpp=b7_punxDcFpWbFV0UHhNc0FpOUhVZGNQQWpqYUpyajVHcmNRUmpJcjkvR3BSNDlwaXBWZ0Eya1ZtQTE5Z3RTUGZWRzVrK1R5Y0tqbUdiWVZ4Skg5RkFQajQ4NHRjdmZUR0o2aHcxalV6eEs5eTE5cjJnVWNsM1lJOXA1RlY0NHgzU1pFZmpQSUxoTEdkS0tyc0Nya0xHcDdibFFQK3k0ME1qYkR6VFhveXNqYngwb2VTM1FOZG5iMHJxdktwVmI0ZFdaUVNEMjVGTndmSmxNSDZmOU9tNUNBVlVGVDZrN2xTUlY1am9DVmJDa29YODR1S0l6VG11UjdhYm1WNUllWWovR0lBSnhENTV6WFdac2RTSnNycWM2L3hNUT09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1269
content-length
541
expires
0
arj
hcodemedia-d.openx.net/w/1.0/ Frame 5897 		173 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hcodemedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b30da94d-bd58-4129-af50-72ba1c6068ae&nocache=1661404437579&pubcid=adb2cfbd-24d8-4438-86a0-a35d6de93305&schain=1.0%2C1!hcodemedia.com%2C288%2C1%2C%2C%2C&aus=300x250&divids=%252F138871148%252Frevistaglamour.globo.com.dw.300x250&aucs=%252F138871148%252C85042905%252Frevistaglamour.globo.com.dw.300x250&auid=544116577
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
846eaf14037753c7d6f8d6dbc9eee5f9b1ee1d7f5f1b341b336062cf756db256

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:57 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://glamour.globo.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 5897 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0f02dfc186ec2537081d8b2348681cf2b0ad1aaa5a7cf77097b3823f1dde2baa
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:57 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
0927c661-24b3-44ee-9f57-f797fcd219bc
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 5897 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Thu, 25 Aug 2022 05:13:57 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ Frame 5897 		36 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=829120&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2272d73f38b9668c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22hcodemedia.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%22288%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228e39fe1963d556%22%2C%22ext%22%3A%7B%22siteID%22%3A%22829120%22%2C%22dfp_ad_unit_code%22%3A%22%2F138871148%2C85042905%2Frevistaglamour.globo.com.dw.300x250%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c5fa74196b08889ba18bfccd2d22415ba5e3a76937d125477456936b86988b8

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=orwUuequv0NsRfKCZLdkMdU4GirjqSnhV4%2BTcKbkFv7gig4VHxFv0FHsGjlP0mppVFnLwTDltPc1YhyTBzxyQoYre31sQK1ZP0cWJlLKZkDKj67nLIEFJVoAPBg319Gicb6uIkcj"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7401d7677d4f6354-ORD
expires
0
pub
pixel.adsafeprotected.com/services/ Frame 5897 		279 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931348&slot=%7Bid:/138871148/revistaglamour.globo.com.dw.300x250,ss:%5B300.250%5D,p:/138871148/revistaglamour.globo.com.dw.300x250%7D&wr=300.250&sr=1600.1200&url=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.190.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-190-218.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a5a5599366ed1c70c195773a8e9cce9f19859f4e67d56c41bab071e937a61a83

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
x-server-name
app03.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5897 		439 B
897 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160068&zone_id=1519174&size_id=15&rp_schain=1.0,1!hcodemedia.com,288,1,,,&eid_pubcid.org=adb2cfbd-24d8-4438-86a0-a35d6de93305%5E1&rf=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&tg_i.adunit=revistaglamour.globo.com.dw.300x250&tg_i.dfp_ad_unit_code=138871148%2C85042905%2Frevistaglamour.globo.com.dw.300x250&tg_i.pbadslot=138871148%2C85042905%2Frevistaglamour.globo.com.dw.300x250&tk_flint=pbjs_lite_v4.43.0&x_source.tid=b30da94d-bd58-4129-af50-72ba1c6068ae&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6731432749176904
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::116 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6b39e69f29412508e654d4fc21e3194d3d60ae5a19b3aff7b652d088118af415

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:57 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
439
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ Frame 5897 		338 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2410EL
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d9891fa494491d0568e605c871d580816221bc90881cbb8701154ae470ea824d

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bid
ap.lijit.com/rtb/ Frame 5897 		24 B
767 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 Lakeland, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
0a5abbd4d0003b810cbffdadf48c97e7a6379f9b6adcdb231e6c71265fd12c85

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 25 Aug 2022 05:13:57 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://glamour.globo.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
467226423720066
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/467226423720066?v=2.9.77&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1417897fde1f0bccd939b8a72b9064ac98b1909f9ac36492f6aff012a6b9c0f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86351
x-xss-protection
0
pragma
public
x-fb-debug
6dcc1CwwH7YF88bRyErD69qnvnH2J2AomVhAhC0W7dWSYHix438PCR7SOc052ahMepBHzmS33pXzbbCKREfBeQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 25 Aug 2022 05:13:57 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1661404225987
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
http-source
s8t.teads.tv/logs/format/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/logs/format/http-source?%5B20%5D%5B1067%7Cd%7CWindows%7C10%7CChrome%7C104%7Cweb%7C%7C%7C%5D%5B%7C%7C%5D%5Bwarning%5D%20getViewerInfo%20api%20not%20accessible
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:694::26e5 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
http-source
s8t.teads.tv/logs/format/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/logs/format/http-source?%5B20%5D%5B1067%7Cd%7CWindows%7C10%7CChrome%7C104%7Cweb%7C%7C%7C%5D%5B%7C%7C%5D%5Bwarning%5D%20getViewerInfo%20cookie%20not%20accessible
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:694::26e5 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
track
t.teads.tv/ 		23 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=9a0134a7-f69d-4538-862b-fe7898d15f8b&pageId=80259&pid=86881&debug_metadata=bk18V9VVFL&fv=1067&ts=1661404437721&f=1&referer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.109.215 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-109-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
http-source
s8t.teads.tv/logs/format/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/logs/format/http-source?%5B40%5D%5B1067%7Cd%7CWindows%7C10%7CChrome%7C104%7Cweb%7C%7C%7C%5D%5B86881%7C%7C%5D%5Binfo%5D%20f11
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:694::26e5 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
http-source
s8t.teads.tv/logs/format/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/logs/format/http-source?%5B40%5D%5B1067%7Cd%7CWindows%7C10%7CChrome%7C104%7Cweb%7C%7C%7C%5D%5B86881%7C%7C%5D%5Binfo%5D%20tagtype%203
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:694::26e5 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=9a0134a7-f69d-4538-862b-fe7898d15f8b&pageId=80259&pid=86881&slot=native&fv=1067&ts=1661404437735&f=1&referer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.109.215 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-109-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
http-source
s8t.teads.tv/logs/format/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/logs/format/http-source?%5B40%5D%5B1067%7Cd%7CWindows%7C10%7CChrome%7C104%7Cweb%7C%7C%7C%5D%5B86881%7C%7C%5D%5Binfo%5D%20f24
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:694::26e5 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
http-source
s8t.teads.tv/logs/format/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/logs/format/http-source?%5B10%5D%5B1067%7Cd%7CWindows%7C10%7CChrome%7C104%7Cweb%7C%7C%7C%5D%5B86881%7C%7C%5D%5Binfo%5D%20ccpa-iab-consent%200%202
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:694::26e5 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
ad
a.teads.tv/page/80259/ 		538 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/80259/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&pageReferrerUrl=http%3A%2F%2Fsandramaria.online.anamarialopez.site&windowReferrerUrl=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&page=%7B%22id%22%3A80259%2C%22placements%22%3A%5B%7B%22id%22%3A86881%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A1600%2C%22height%22%3A900%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=9a0134a7-f69d-4538-862b-fe7898d15f8b&formatVersion=1067&env=js-web&netBw=9.3&ttfb=204
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.133.72 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-72.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cfff8803c0f2695644db4e3bc709cfe6bcf14b84bc963894ffdda4a6a0f3d88f

Request headers

Accept
application/json; charset=UTF-8
Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:57 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
382
expires
Thu, 25 Aug 2022 05:13:57 GMT
http-source
s8t.teads.tv/logs/format/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/logs/format/http-source?%5B40%5D%5B1067%7Cd%7CWindows%7C10%7CChrome%7C104%7Cweb%7C%7C%7C%5D%5B86881%7C%7C%5D%5Binfo%5D%20gdpr-iab-consent%200
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:694::26e5 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=b7_punxDcFpWbFV0UHhNc0FpOUhVZGNQQWpqYUpyajVHcmNRUmpJcjkvR3BSNDlwaXBWZ0Eya1ZtQTE5Z3RTUGZWRzVrK1R5Y0tqbUdiWVZ4Skg5RkFQajQ4NHRjdmZUR0o2aHcxalV6eEs5eTE5cjJnVWNsM1lJOXA1RlY0NHgzU1pFZmpQSUxoTEdkS0tyc0Nya0xHcDdibFFQK3k0ME1qYkR6VFhveXNqYngwb2VTM1FOZG5iMHJxdktwVmI0ZFdaUVNEMjVGTndmSmxNSDZmOU9tNUNBVlVGVDZrN2xTUlY1am9DVmJDa29YODR1S0l6VG11UjdhYm1WNUllWWovR0lBSnhENTV6WFdac2RTSnNycWM2L3hNUT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 25 Aug 2022 05:13:57 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1095
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.html
ad.lkqd.net/cookie-sync/ Frame 7FE7 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 25 Aug 2022 05:13:57 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1661404437.cds261.ch4.hn,1661404437.cds008.ch4.c
ad
v.lkqd.net/ Frame 1061 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1142899&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fglamour.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61323%2C1%2C&c5=&c6=61323&rnd=62068053&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
6c623b85b40c5d38e415c15df85453a1efd0c4ba6e66304b407ed03e4668fbce

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1407
pv
s.seedtag.com/c/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/pv?token=5773-7780-01&device=desktop&fullUrl=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&cache=1661404437847&v=-&ft=true
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.335008b7b27c404c8cd9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2f610b371489c341c6a7b5ab786ad4a5c771dcf9c0c94a11b0bb60f8c0e67a7e

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
content-encoding
gzip
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
etag
W/"bdc-u/OEdS3EvOrHZXeM4X1jc/ShXc0"
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 548E 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/80259/tag
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
sffe /
Resource Hash
8122177cca9baba8feb65c312043212098ec6be86ef09540ba2c77b3a233b7c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28536
x-xss-protection
0
server
sffe
etag
"1313 / 787 of 1000 / last-modified: 1661378961"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 25 Aug 2022 05:13:57 GMT
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=passback-noAd&env=js-web&auctid=9a0134a7-f69d-4538-862b-fe7898d15f8b&pageId=80259&pid=86881&slot=native&vid=68c09383-5e89-4719-b475-c0c924b13cf4&fv=1067&ts=1661404437865&f=1&referer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.109.215 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-109-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
usync.html
ad.lkqd.net/cookie-sync/ Frame 43A1 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 25 Aug 2022 05:13:57 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1661404437.cds261.ch4.hn,1661404437.cds008.ch4.c
ad
v.lkqd.net/ Frame 94FF 		180 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1142900&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fglamour.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61323%2C1%2C&c5=&c6=61323&rnd=80930387&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
config
c.amazon-adsystem.com/cdn/prod/ Frame 5897 		385 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fglamour.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.192.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-192-196.bos50.r.cloudfront.net
Software
Server /
Resource Hash
bbc029f1d997ab0fa9fc1499f94fb93f83b350470966b2227c6b761b282e527c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:22:34 GMT
via
1.1 12142717248e0e7148a5c1a9151ab918.cloudfront.net (CloudFront)
server
Server
age
3082
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
BOS50-C3
content-length
385
x-amz-cf-id
H1nhX8AbB9Lpgdi8bLp6tDexMoJn41nwMQTW5T1tm35y5HlPrww4qA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 5897 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.192.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-192-196.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 23:28:38 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
20721
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
via
1.1 dcf91885f867cf935702b92732a304e6.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
BOS50-C3
content-type
application/javascript
x-amz-cf-id
oM2beCeuU8dSsgo8PSThTyODiGGHmAmvPtikN5ori5SvSW7xTFfA5g==
view
securepubads.g.doubleclick.net/pcs/ Frame 5897 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssGnLSV9nTPQzJ7Hu0xu6TLgXiq2GCwVrzpWlXM6UM-MNhaPO2Ejef6sBxfu_9LwR6CblHoaYVtfseutr9rf6Epp_liqfLBL32sVxI7aj4MKxgisdIJR7RHvnCaFS6jgcrJ5imvfarl312L8X8red1kiopzqQVGBtSdNf01BqltueAAjZje3dQ2juKk0eJAE0gvSNCGWF7dHElGtSUgDNFwc_uM3gic2-GdHENo4wzenoHov9C-3HLWT3UYUM0BWW665rvDg34SBzYJjlhExkNx7I3tmBnesFmTm7dHfPzovbAhRm93hruRx1lbNHjhWzYyRMfb4PrKF1Vd&sai=AMfl-YTPJu3F2wylaomKocCbSVjJF_HthUYUkMTMsBFipgpvzLKcx_kLhtKlAn6s7NRwlxjVqHpVlbBmeia49hRKMjtsYhAyfOEH1cb9e5aO7AGCNDq-IsNHfBy2bc42KUw&sig=Cg0ArKJSzLf0E4xQP8X1EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:13:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 25 Aug 2022 05:13:58 GMT
cs
cs.lkqd.net/ Frame 7FE7
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=49a415b1-b09f-4e1b-9d32-f3f5e3270315
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=49a415b1-b09f-4e1b-9d32-f3f5e3270315
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Thu, 25 Aug 2022 05:13:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=49a415b1-b09f-4e1b-9d32-f3f5e3270315
cf-ray
7401d76afefc635d-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
lkqd
event.clientgear.com/cookie/ Frame 7FE7
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=UvxcDMZkrL8
0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=UvxcDMZkrL8
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
47.252.78.131 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

date
Thu, 25 Aug 2022 05:13:58 GMT
server
nginx
location
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=UvxcDMZkrL8
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame 7FE7
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=sTNI9fkRROA&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=22e6ac08-c7ee-4333-a411-38f9eccaa61c
43 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=22e6ac08-c7ee-4333-a411-38f9eccaa61c
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:58 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=22e6ac08-c7ee-4333-a411-38f9eccaa61c
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cs
cs.lkqd.net/ Frame 7FE7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4061702563327631275
43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4061702563327631275
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4061702563327631275
pragma
no-cache
date
Thu, 25 Aug 2022 05:13:57 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 7FE7
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=DStGRj0VSaBPBl_Yc4F1YKdYB6I
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=DStGRj0VSaBPBl_Yc4F1YKdYB6I
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=DStGRj0VSaBPBl_Yc4F1YKdYB6I
Date
Thu, 25 Aug 2022 05:13:58 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
quant.js
secure.quantserve.com/ Frame 6310 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.335008b7b27c404c8cd9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
c5068652d2e91ff8a12bd334ea7ce87b7225f6da4a6a2841c8b51c24029a392b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
content-encoding
gzip
etag
"gV5iHc/sd8Rde4C/i53H5w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 01 Sep 2022 05:13:58 GMT
t3m.js
tags.t.tailtarget.com/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-12765-5/CT-1068
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.335008b7b27c404c8cd9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
40e4951dffea740356de1c800b47ff35a1fac0756b592a4ff5ea9a316b0119b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:12:11 GMT
content-encoding
gzip
age
107
x-guploader-uploadid
ADPycduFnayFcksVShzbEztypEwEXLmLrfXuk8x8Vo-DF3BG7MoJAOIOuaRonQ9j8dPIiL0WVcb_aJF78er_TbDMjz6jkZc8Jf4T
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7679
last-modified
Thu, 17 Mar 2022 15:35:15 GMT
server
nginx/1.8.1
etag
"ad2f9abb7bbec08e62cf17d0cc7d9125"
vary
Accept-Encoding
x-goog-hash
crc32c=6uEZZw==, md5=rS+au3u+wI5izxfQzH2RJQ==
x-goog-generation
1647531315191220
via
1.1 google
cache-control
max-age=7200,public
x-goog-stored-content-length
7679
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 25 Aug 2022 07:12:11 GMT
cs.html
cs.seedtag.com/ Frame 4C8A 		50 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.335008b7b27c404c8cd9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.133.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a85b4f00a6ee86411335c25efe78776bdf430abffad78030f7d57a2badef9884

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
348
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=86400
cf-cache-status
HIT
cf-ray
7401d769b9192ad2-ORD
content-encoding
br
content-type
text/html
date
Thu, 25 Aug 2022 05:13:58 GMT
etag
W/"897f7a65224affa0d21e97e0f08f8e7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Fri, 26 Aug 2022 05:13:58 GMT
last-modified
Tue, 09 Aug 2022 09:09:49 GMT
server
cloudflare
vary
Accept-Encoding
x-goog-generation
1660036189350917
x-goog-hash
crc32c=TGIKUQ== md5=iX96ZSJK/6DSHpfg8I+Oew==
x-goog-metageneration
2
x-goog-storage-class
REGIONAL
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
15158
x-guploader-uploadid
ADPycdtgMcP5XgZs7RM9VQEMKEl55k5qAGep5Vr8_91utCTjWlo1IqgrG6afNSwZrGyPa4P1e5NtjUq-xZucFfHOuytRHQ
p
sb.scorecardresearch.com/ 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=8&c2=26817122&c3=$accountId&c7=$currentUrl&c9=$referrerUrl&cv=2.0&cj=1
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-90.jfk51.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
via
1.1 d3ab4cd494305c2d222c92f599e3c7c6.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
content-length
43
x-amz-cf-id
BPj556hvUfDb38deZvPV_Njq5LiBRa-iJOhl_0MiMKk0RJbazTjkGQ==
x-cache
Miss from cloudfront
content-type
image/gif
bid
c.amazon-adsystem.com/e/dtb/ Frame 5897 		691 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&pr=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F&pid=qMUzrejOm2WqO&cb=0&ws=300x250&v=22.8.42053&t=2000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Frevistaglamour.globo.com.dw.300x250%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F138871148%2C85042905%2Frevistaglamour.globo.com.dw.300x250%22%7D%5D&schain=1.0%2C1!hcodemedia.com%2C288%2C1%2C%2C%2C&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.192.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-192-196.bos50.r.cloudfront.net
Software
Server /
Resource Hash
1939b4a9daba0c2d497ea0cac9fd1caa10856603c66c3b271d2bd29c93dc91e7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
via
1.1 12142717248e0e7148a5c1a9151ab918.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
BOS50-C3
x-amz-rid
JQ3KE7Q9FFRRKSEGHVMN
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
691
x-amz-cf-id
6Awruym-J-aDI-Nqb7a7viRoygBUl9diyJbni68WMH3oY50jTledJw==
pubads_impl_2022081701.js
securepubads.g.doubleclick.net/gpt/ Frame 548E 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
sffe /
Resource Hash
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 01:10:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14596
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133512
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 08:37:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 25 Aug 2023 01:10:42 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 5897 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49907fa8e3c67675f143d2d13940ac5ebe29522c5feb70c570aab1e0c1fba2e3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
3312
x-amz-server-side-encryption
AES256
x-amz-request-id
XEGC476F1GD4ACGG
x-amz-id-2
a0iYJ4cyBa5mv3IHSJVQlt+mHFWV/bpv9LpgJWv1alxEWczYxMOlgJVaU3g01NwlIXnlEzm15ds=
last-modified
Tue, 23 Aug 2022 08:57:12 GMT
server
cloudflare
etag
W/"bc3c521f89b11aa48366adef8a4f24e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7401d76a1d772aba-ORD
cs
cs.lkqd.net/ Frame 43A1
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=726141dc-155d-42c4-8647-150879cac71e
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=726141dc-155d-42c4-8647-150879cac71e
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Thu, 25 Aug 2022 05:13:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=726141dc-155d-42c4-8647-150879cac71e
cf-ray
7401d76afefe635d-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cs
cs.lkqd.net/ Frame 43A1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4133760157365559211
43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4133760157365559211
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4133760157365559211
pragma
no-cache
date
Thu, 25 Aug 2022 05:13:57 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 43A1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=DStGRj0VSaBPBl_Yc4F1YKdYB6I
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=DStGRj0VSaBPBl_Yc4F1YKdYB6I
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=DStGRj0VSaBPBl_Yc4F1YKdYB6I
Date
Thu, 25 Aug 2022 05:13:58 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
cs
cs.lkqd.net/ Frame 43A1
Redirect Chain
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_5d3bfd0b-5cc9-4162-b30d-c3160311b330
43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_5d3bfd0b-5cc9-4162-b30d-c3160311b330
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_5d3bfd0b-5cc9-4162-b30d-c3160311b330
date
Thu, 25 Aug 2022 05:13:58 GMT
via
1.1 google
server
WildFly/10
x-powered-by
Undertow/1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cm
p.rfihub.com/ Frame 43A1 		42 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
199.38.167.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:13:58 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
t
t.lkqd.net/ Frame C61E 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Thu, 25 Aug 2022 05:13:58 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame 1323 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1661404438.cds261.ch4.hn,1661404438.cds058.ch4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
t
t.lkqd.net/ Frame 6C3D 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Thu, 25 Aug 2022 05:13:58 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
bid
s.seedtag.com/c/tag/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/tag/bid
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.335008b7b27c404c8cd9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f5cb3759e19705655ab24ec4cd015a0e2bfe6d49965d1b3b6ad88b068e72c2dc

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
content-encoding
gzip
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
etag
W/"cd6-A/DwbpuSmt1pnlY+iYShk+o5qhg"
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
bid
s.seedtag.com/c/tag/ 		17 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/tag/bid
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.335008b7b27c404c8cd9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
8d5031b445e9a734bb616a887293d7b79e4fdacb5258d59872c354e6755f2d45

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
content-encoding
gzip
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
etag
W/"45d2-7NbNmIgPJ+0L/svIgAUKGjq+1N8"
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 25 Aug 2022 05:13:58 GMT
server
nginx
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 25 Aug 2022 05:13:58 GMT
server
nginx
usync.html
eus.rubiconproject.com/ Frame 19E3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 25 Aug 2022 05:13:58 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 25 Aug 2022 05:13:58 GMT
location
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
server
AkamaiGHost
CookieSync.html
csync.smartadserver.com/rtb/csync/ Frame 445B 		435 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8230 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Thu, 25 Aug 2022 05:13:58 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645524912.090457"
Last-Modified
Tue, 22 Feb 2022 09:59:55 GMT
Server
AkamaiNetStorage
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9489 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=71310
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 25 Aug 2022 05:13:58 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 26 Aug 2022 01:02:28 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame B948
Redirect Chain
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1661404438252&pubconsent=&euconsent=&hasConsent=1
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1661404438252&pubconsent=&euconsent=&hasConsent=1&rd=1
2 KB
959 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1661404438252&pubconsent=&euconsent=&hasConsent=1&rd=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.211.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
447bc8ef2417813171bf8eeeb9ce80fb81b9ecf01ef886afa4e7fee13b7407c5

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 25 Aug 2022 05:13:58 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.2
vary
Accept-Encoding

Redirect headers

content-type
text/html; charset=UTF-8
date
Thu, 25 Aug 2022 05:13:58 GMT
location
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1661404438252&pubconsent=&euconsent=&hasConsent=1&rd=1
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.2
/
hde.tynt.com/deb/ Frame 9613
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
14d955815de13df65a984c62d09ab137bfea2b61d82d618cba305ccfd8af874b

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1808
content-type
text/html
date
Thu, 25 Aug 2022 05:13:57 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Thu, 25 Aug 2022 05:13:57 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
isync
visitor.omnitagjs.com/visitor/ Frame 806F 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
33996f376c957101342a144e53e499906d3e233b691f30d75c05be9ce79ad094
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1316
content-type
text/html; charset=UTF-8
date
Thu, 25 Aug 2022 05:13:58 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-usa02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
/
onetag-sys.com/usync/ Frame CBBF 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75601b04186d260
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.187 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip187.ip-51-222-39.net
Software
/
Resource Hash
72ef1fed88139c27162cd64c7029d145f1adcb6079f4edaa293a4492c14a029e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1444
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
s
s.seedtag.com/cs/st/ Frame 4C8A 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/st/s
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
appnexus
s.seedtag.com/cs/cookiesync/ Frame 4C8A
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID
  • https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=7412760816595641933
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=7412760816595641933
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H3
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:58 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
c38b4a20-60d3-46d1-bb09-aa4d4204647a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=7412760816595641933
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
smart
s.seedtag.com/cs/cookiesync/ Frame 4C8A
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D
  • https://s.seedtag.com/cs/cookiesync/smart?channeluid=1526083351859992907
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/smart?channeluid=1526083351859992907
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H3
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/smart?channeluid=1526083351859992907
date
Thu, 25 Aug 2022 05:13:57 GMT
content-length
0
outbrain
s.seedtag.com/cs/cookiesync/ Frame 4C8A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/seedtag?puid=&gdpr=0&gdpr_consent=&us_privacy=$USPCONSENT&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__
  • https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=&gdpr=0&us_privacy=$USPCONSENT
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=&gdpr=0&us_privacy=$USPCONSENT
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H3
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Location
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=&gdpr=0&us_privacy=$USPCONSENT
Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
117
Content-Type
text/html; charset=utf-8
ttd
s.seedtag.com/cs/cookiesync/ Frame 4C8A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=5jrh0rv&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://s.seedtag.com/cs/cookiesync/ttd?channeluid=f392b494-04f1-4190-8b81-965c828ca97a
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/ttd?channeluid=f392b494-04f1-4190-8b81-965c828ca97a
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H3
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.seedtag.com/cs/cookiesync/ttd?channeluid=f392b494-04f1-4190-8b81-965c828ca97a
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
Bidswitch
s.seedtag.com/cs/cookiesync/ Frame 4C8A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy=$USPCONSENT
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ce95d937-04dc-4d9f-a5f7-40c522420de0&ssp=seedtag&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10602036474860944696&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=35311a1f-8b8c-4ce6-925a-329ee2037a4d&ssp=seedtag&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10602036474860944696&ssp=seedtag&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=213520604254002659520&ssp=seedtag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10602036474860944696&ssp=seedtag&gdpr=0&gdpr_consent=
  • https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=ce95d937-04dc-4d9f-a5f7-40c522420de0
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=ce95d937-04dc-4d9f-a5f7-40c522420de0
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H3
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Location
//s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=ce95d937-04dc-4d9f-a5f7-40c522420de0
Date
Thu, 25 Aug 2022 05:13:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
spotx
s.seedtag.com/cs/cookiesync/ Frame 4C8A
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID
  • https://s.seedtag.com/cs/cookiesync/spotx?channeluid=b7a4120e-2434-11ed-a1bf-1184b4c80503
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/spotx?channeluid=b7a4120e-2434-11ed-a1bf-1184b4c80503
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H3
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

date
Thu, 25 Aug 2022 05:13:58 GMT
location
https://s.seedtag.com/cs/cookiesync/spotx?channeluid=b7a4120e-2434-11ed-a1bf-1184b4c80503
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
416
content-length
0
/
sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/ Frame 4C8A
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr_consent=&nwid=2441/
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=1526083351859992907
95 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=1526083351859992907
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H2
Server
157.90.211.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=1526083351859992907
date
Thu, 25 Aug 2022 05:13:58 GMT
content-length
0
partner
sync.search.spotxchange.com/ Frame 4C8A
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=249286
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D&uid=CAESEFV7Cp-ELskG5BWWIaeo94g&google_cver=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.search.spotxchange.com/partner?adv_id=7028&uid=f392b494-04f1-4190-8b81-965c828ca97a&img=1
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&gdpr=0&gdpr_consent=
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YwcFFQACNb5MfABN&img=1&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sx?gdpr=0&gdpr_consent=
  • https://sync.search.spotxchange.com/partner?adv_id=8304&uid=AAD9KU7GDgoAABMQ-KCgjw&gdpr=0
  • https://sync.springserve.com/usersync?redirect_url=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D8876%26uid%3DSS_UUID
  • https://sync.search.spotxchange.com/partner?adv_id=8876&uid=af99dbf2-1628-441e-8880-4f6c398bdd41
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=44&gdpr=0&gdpr_consent=
  • https://sync.search.spotxchange.com/partner?adv_id=7308&uid=ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=30&redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6653%26uid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://sync.search.spotxchange.com/partner?adv_id=6653&uid=b9936307-0516-4500-b3ae-7b63940e6617&gdpr=0&gdpr_consent=
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6653&uid=b9936307-0516-4500-b3ae-7b63940e6617&gdpr=0&gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H2
Server
69.12.8.74 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
431
content-length
43

Redirect headers

Date
Thu, 25 Aug 2022 05:14:00 GMT
Server
MT3 4494 7cf1da7 master nrt-pixel-x7 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.search.spotxchange.com/partner?adv_id=6653&uid=b9936307-0516-4500-b3ae-7b63940e6617&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 25 Aug 2022 05:13:59 GMT
improvedigital
s.seedtag.com/cs/cookiesync/ Frame 4C8A
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D
  • https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=7a6a2a8e-bcf4-4ed3-9df8-974d3b475beb
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=7a6a2a8e-bcf4-4ed3-9df8-974d3b475beb
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H3
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=7a6a2a8e-bcf4-4ed3-9df8-974d3b475beb
date
Thu, 25 Aug 2022 05:13:58 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
indexexchange
s.seedtag.com/cs/cookiesync/ Frame 4C8A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D&s=191730&C=1
  • https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=YwcFFiEqvqgxgytikig15QAA%26468
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=YwcFFiEqvqgxgytikig15QAA%26468
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H3
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VOlxThukVfsyv%2FcQlxRAq6qH%2BUiMRz8u9paN9H5VLuNsEx5WkZzAiqcc9QhxQ0NnYXSini%2F4BCGthrKFzixbKqVNwjdTOzv80J4gcQ9Fv5IjFV9geyp8nJOuIPse79CPRRBaqVYhBDl4zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=YwcFFiEqvqgxgytikig15QAA%26468
cache-control
no-cache
cf-ray
7401d76cb923633c-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
verizon
s.seedtag.com/cs/cookiesync/ Frame 4C8A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58427/occ
  • https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-T4gubExE2uHl11yJqiA0EIqbv8Nl_EL6mCu_FFk-~A
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-T4gubExE2uHl11yJqiA0EIqbv8Nl_EL6mCu_FFk-~A
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H3
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-T4gubExE2uHl11yJqiA0EIqbv8Nl_EL6mCu_FFk-~A
date
Thu, 25 Aug 2022 05:13:58 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie
cm.adform.net/ Frame 4C8A 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fadform%3Fchanneluid%3D%24UID
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
server
nginx
content-length
43
content-type
image/gif
sovrn
s.seedtag.com/cs/cookiesync/ Frame 4C8A
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsovrn%3Fchanneluid%3D%24UID
  • https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=FNAZaQZHODOZrd-dQ5WMojSM
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=FNAZaQZHODOZrd-dQ5WMojSM
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5773-7780-01&pc=BR
Protocol
H3
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Date
Thu, 25 Aug 2022 05:13:58 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=FNAZaQZHODOZrd-dQ5WMojSM
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
integrator.js
adservice.google.com/adsid/ Frame 5897 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=glamour.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:13:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5897 		21 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3572886188714534&correlator=1612295147807137&eid=31068501%2C31069105&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fifs&iu_parts=138871148%3A85042905%2Crevistaglamour.globo.com.dw.300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=2347996017&sfv=1-0-38&fsapi=false&prev_scp=pwtdeal_ias%3DPMP_-_42_-_93a61c1d70080b%26adt%3Dlow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26fr%3Dfalse%26id%3Db8e7030f-2434-11ed-a2df-028169c47751%26pwtsid%3D93a61c1d70080b%26pwtbst%3D1%26pwtecp%3D0.01%26pwtdid%3D42%26pwtpid%3Dias%26pwtpubid%3D157163%26pwtprofid%3D4985%26pwtverid%3D4%26pwtsz%3D100x200%26pwtplt%3Ddisplay%26amznbid%3D1k86gao%26amznp%3D1wn6a68%26amzniid%3DJDZYXOlSq4rmnOgKeCN5JUMAAAGC02vexwEAAAJYAQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICCAepfi%26amznsz%3D300x250%26hcmviewable%3Dtrue&eri=1&sc=1&cookie=ID%3D30e736b72b0b0c66%3AT%3D1661404436%3AS%3DALNI_MaoCUdUbaCtpccQN07eTXRHlmnhJQ&cdm=glamour.globo.com&gpic=UID%3D00000793bc6ce933%3AT%3D1661404436%3ART%3D1661404436%3AS%3DALNI_MYbg5l38fELvCgU8LxQ4747Wc03gw&arp=1&abxe=1&dt=1661404438301&lmt=1661404438&dlt=1661404437074&idt=397&adxs=892&adys=773&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=rdtgmmjctocw&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&top=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&frm=23&vis=1&psz=300x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1455757629.1661404436&ga_sid=1661404438&ga_hid=1136125606&ga_fc=true&a3p=EhUKCnVpZGFwaS5jb20Yt7Ovm60wSAASGwoMaWQ1LXN5bmMuY29tGPq2r5utMEgAUgIIahIaCg1jcndkY250cmwubmV0EgAY-bavm60wSAASOwoKcHViY2lkLm9yZxIkNDg1ZjA3ZDEtZDRkOS00M2YzLWE2YWQtYTAxYzgzMGM3MWNmGPy1r5utMEgAEj4KBW9wZW54EixleUpwSWpvaVZWcFZMM2wwZGtsVEwwZEtOVXM0ZVVkQ1FXZzNVVDA5SW4wPRjltq-brTBIAA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
95da462879060769029255b8a1819b52077133dbef9df22b15e9db0c07395d76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12227
x-xss-protection
0
google-lineitem-id
6071312053
pragma
no-cache
server
cafe
google-creative-id
612726143989
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5897 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
72def364e4a3a2bc432ca2bd27bac26fea170cf0b7b4ad29f6cacd7aedc950b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:13:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10959
x-xss-protection
0
container.html
9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 827E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 05:13:58 GMT
expires
Fri, 25 Aug 2023 05:13:58 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 548E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=glamour.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:13:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 548E 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1651489435537402&correlator=1272503674770311&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fif&iu_parts=85042905%2Cglamour%2Cpassback&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x240%7C320x180%7C640x360%7C640x480&ifi=1&adks=1539729608&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3D30e736b72b0b0c66%3AT%3D1661404436%3AS%3DALNI_MaoCUdUbaCtpccQN07eTXRHlmnhJQ&cdm=glamour.globo.com&gpic=UID%3D00000793bc6ce933%3AT%3D1661404436%3ART%3D1661404436%3AS%3DALNI_MYbg5l38fELvCgU8LxQ4747Wc03gw&arp=1&abxe=1&dt=1661404438355&lmt=1661404438&dlt=1661404437872&idt=456&adxs=800&adys=2162&biw=1600&bih=1200&isw=1&ish=1&scr_x=0&scr_y=0&btvi=1&ucis=qjpszt7uuizb&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&top=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&frm=23&vis=1&psz=1x1&msz=1x0&fws=256&ohw=0&ea=0&ga_vid=1455757629.1661404436&ga_sid=1661404438&ga_hid=2083455678&ga_fc=true&a3p=EhUKCnVpZGFwaS5jb20Yt7Ovm60wSAASGwoMaWQ1LXN5bmMuY29tGPq2r5utMEgAUgIIahIaCg1jcndkY250cmwubmV0EgAY-bavm60wSAASOwoKcHViY2lkLm9yZxIkNDg1ZjA3ZDEtZDRkOS00M2YzLWE2YWQtYTAxYzgzMGM3MWNmGPy1r5utMEgAEj4KBW9wZW54EixleUpwSWpvaVZWcFZMM2wwZGtsVEwwZEtOVXM0ZVVkQ1FXZzNVVDA5SW4wPRjltq-brTBIAA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
d68124938cd0c2efbd1c4b893afcfc241f353b24351375c44ead1209d0e0e751
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12329
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 548E 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b88946b2661815a68a137a11dfc9d009c2c9d4792b66add708d039035281aa5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:13:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11138
x-xss-protection
0
container.html
3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6AAF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 05:13:58 GMT
expires
Fri, 25 Aug 2023 05:13:58 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
v1
lb.eu-1-id5-sync.com/lb/ Frame 5897 		33 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
deca07caa88b4bd74d4d085b34834757973f5f788e22335643157e6346767eff

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Thu, 25 Aug 2022 05:13:58 GMT
transfer-encoding
chunked
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
usync.html
ad.lkqd.net/cookie-sync/ Frame 8117 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 25 Aug 2022 05:13:58 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1661404438.cds261.ch4.hn,1661404438.cds008.ch4.c
ad
v.lkqd.net/ Frame 1323 		107 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1142899&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fglamour.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61323%2C1%2C&c5=&c6=61323&rnd=62068053&m=&rtv=1&thost=glamour.globo.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
96eba94b807a6480c7491108ed3bdf99f5b62b6958e36955b33381bedb22e76e

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
7179
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1142899&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fglamour.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61323%2C1%2C&c5=&c6=61323&rnd=62068053&m=&rtv=1&thost=glamour.globo.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Thu, 25 Aug 2022 05:13:58 GMT
server
nginx
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
iu3
s.amazon-adsystem.com/ Frame 0127
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&dcc=t
323 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
1d7f6ffcdfd27562629eec3440c52f50b2eb54b76e899a871c41a266c17664fa
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
323
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 25 Aug 2022 05:13:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
12CPDZAHHYJ052M8CVF3

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 25 Aug 2022 05:13:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&dcc=t
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
5AQ46C0BGNWA172M4GBV
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 806F
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2f...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=7412760816595641933&gdpr=0&gdpr_consent=
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=7412760816595641933&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:58 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
cec37353-1594-4ac1-aa56-56e4eae34117
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=7412760816595641933&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 806F
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26vis...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=7412760816595641933&gdpr=0&gdpr_consent=
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=7412760816595641933&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:58 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
4080b793-97fb-4804-a52d-a9811e5b7f1b
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=7412760816595641933&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ayl_pixel
api-2-0.spot.im/pixels/ Frame 806F 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-2-0.spot.im/pixels/ayl_pixel?ayl_id=5070ff59403a910c44a27bea31752fcb
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-105.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
via
1.1 177517a7a813d3db43efccb1bf2be96a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
x-amz-cf-id
Ys3b5RuldgZr-hVgd3UvYZdJK3H7MjnXIWs4BAQBCulT35OMYdsApQ==
x-cache
Miss from cloudfront
sync
visitor.omnitagjs.com/visitor/ Frame 806F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adyoulike
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=adyoulike
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2938986838554184882&ssp=adyoulike
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=ce95d937-04dc-4d9f-a5f7-40c522420de0&name=BIDSWITCH
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=ce95d937-04dc-4d9f-a5f7-40c522420de0&name=BIDSWITCH
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-type
image/gif
content-length
49
expires
0

Redirect headers

Location
//visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=ce95d937-04dc-4d9f-a5f7-40c522420de0&name=BIDSWITCH
Date
Thu, 25 Aug 2022 05:13:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
711333.gif
id.rlcdn.com/ Frame 806F 		42 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:13:58 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sync
visitor.omnitagjs.com/visitor/ Frame 806F
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adyoulike
  • https://creativecdn.com/cm-notify?pi=adyoulike&tc=1
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=v9oQfujxQcoR0TJPtVBy&name=RTB_HOUSE&pi=adyoulike&tc=1
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=v9oQfujxQcoR0TJPtVBy&name=RTB_HOUSE&pi=adyoulike&tc=1
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=v9oQfujxQcoR0TJPtVBy&name=RTB_HOUSE&pi=adyoulike&tc=1
pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT, Thu, 25 Aug 2022 05:13:59 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 806F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/aul
  • https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAD9KU7GDgoAABMQ-KCgjw&name=BEESWAX
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAD9KU7GDgoAABMQ-KCgjw&name=BEESWAX
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAD9KU7GDgoAABMQ-KCgjw&name=BEESWAX
Date
Thu, 25 Aug 2022 05:13:58 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
sync
visitor.omnitagjs.com/visitor/ Frame 806F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=f392b494-04f1-4190-8b81-965c828ca97a&name=THE_TRADE_DESK
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=f392b494-04f1-4190-8b81-965c828ca97a&name=THE_TRADE_DESK
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=f392b494-04f1-4190-8b81-965c828ca97a&name=THE_TRADE_DESK
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
319
sync
visitor.omnitagjs.com/visitor/ Frame 806F
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=49a415b1-b09f-4e1b-9d32-f3f5e3270315%20&gdpr_consent=null&gdpr=0
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=49a415b1-b09f-4e1b-9d32-f3f5e3270315%20&gdpr_consent=null&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-type
image/gif
content-length
49
expires
0

Redirect headers

date
Thu, 25 Aug 2022 05:13:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=49a415b1-b09f-4e1b-9d32-f3f5e3270315 &gdpr_consent=null&gdpr=0
cf-ray
7401d76d5df18753-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 806F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visit...
  • https://stags.bluekai.com/site/23178?id=ZkrtzuAFEUlvAYJ9b3aF&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33N...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=ZkrtzuAFEUlvAYJ9b3aF
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=ZkrtzuAFEUlvAYJ9b3aF
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:58 GMT
P3p
CP="We do not support P3P header."
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=ZkrtzuAFEUlvAYJ9b3aF
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
192
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 806F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3...
  • https://stags.bluekai.com/site/23178?id=4BFK5PS6DwFZltdDeQ6H&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33N...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=4BFK5PS6DwFZltdDeQ6H
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=4BFK5PS6DwFZltdDeQ6H
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:58 GMT
P3p
CP="We do not support P3P header."
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=4BFK5PS6DwFZltdDeQ6H
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
188
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 806F
Redirect Chain
  • https://sync.e-volution.ai/4460e88f3323cf4d9f4263656a846075.gif?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dfcd0c0bfff5af32579cdcdb6ff804bf8%26visitor%3D%5BUID%5D%26name%3Dev...
  • https://visitor.omnitagjs.com/visitor/sync?uid=fcd0c0bfff5af32579cdcdb6ff804bf8&visitor=13726d7f-6977-4550-a7db-0cdae1a573f6&name=evolution
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=fcd0c0bfff5af32579cdcdb6ff804bf8&visitor=13726d7f-6977-4550-a7db-0cdae1a573f6&name=evolution
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:58 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://visitor.omnitagjs.com/visitor/sync?uid=fcd0c0bfff5af32579cdcdb6ff804bf8&visitor=13726d7f-6977-4550-a7db-0cdae1a573f6&name=evolution
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 806F
Redirect Chain
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=080e220407f59d2375b542c5
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=080e220407f59d2375b542c5
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-type
image/gif
content-length
49
expires
0

Redirect headers

Location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=080e220407f59d2375b542c5
Date
Thu, 25 Aug 2022 05:13:58 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Powered-By
Express
Content-Length
0
Vary
Origin
sync
visitor.omnitagjs.com/visitor/ Frame 806F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-0d2b4646-3d15-49a0-4f06-5fd873817560$ip$167.88.7.162&name=STACKADAPT
49 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-0d2b4646-3d15-49a0-4f06-5fd873817560$ip$167.88.7.162&name=STACKADAPT
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-type
image/gif
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-0d2b4646-3d15-49a0-4f06-5fd873817560$ip$167.88.7.162&name=STACKADAPT
Date
Thu, 25 Aug 2022 05:13:58 GMT
Connection
keep-alive
Content-Length
189
Content-Type
text/html; charset=utf-8
sync
visitor.omnitagjs.com/visitor/ Frame 806F
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3538&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=7ab967d40b91570ff51c4cdaa51fe5d6&name=FREEWHEEL&visitor=fe54cc25c25d36983adbdcfa7f1e5df
49 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=7ab967d40b91570ff51c4cdaa51fe5d6&name=FREEWHEEL&visitor=fe54cc25c25d36983adbdcfa7f1e5df
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
26
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:58 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://visitor.omnitagjs.com/visitor/sync?uid=7ab967d40b91570ff51c4cdaa51fe5d6&name=FREEWHEEL&visitor=fe54cc25c25d36983adbdcfa7f1e5df
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1661404438735035-52
sync
visitor.omnitagjs.com/visitor/ Frame 806F
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8778&redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D5a6dfefcb43521ff293762793ad668db%26visitor%3D%24SPOTX_USER_ID%26name%3DSPOTX
  • https://visitor.omnitagjs.com/visitor/sync?uid=5a6dfefcb43521ff293762793ad668db&visitor=b7a4120e-2434-11ed-a1bf-1184b4c80503&name=SPOTX
49 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=5a6dfefcb43521ff293762793ad668db&visitor=b7a4120e-2434-11ed-a1bf-1184b4c80503&name=SPOTX
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-type
image/gif
content-length
49
expires
0

Redirect headers

date
Thu, 25 Aug 2022 05:13:58 GMT
location
https://visitor.omnitagjs.com/visitor/sync?uid=5a6dfefcb43521ff293762793ad668db&visitor=b7a4120e-2434-11ed-a1bf-1184b4c80503&name=SPOTX
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
416
content-length
0
sync
visitor.omnitagjs.com/visitor/ Frame 806F
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=61ce30ab-3031-4665-ab46-6176ea45d255&name=BIDTELLECT
49 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=61ce30ab-3031-4665-ab46-6176ea45d255&name=BIDTELLECT
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
6
content-type
image/gif
content-length
49
expires
0

Redirect headers

x-servername
Track004-iad
pragma
no-cache
date
Thu, 25 Aug 2022 05:13:17 GMT
x-aspnetmvc-version
5.2
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
p3p
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
location
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=61ce30ab-3031-4665-ab46-6176ea45d255&name=BIDTELLECT
cache-control
private,no-cache
content-type
text/html; charset=utf-8
content-length
265
expires
-1
activeview
pagead2.googlesyndication.com/pcs/ Frame 10D8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswdohyAv9pWO7RnmRdceX7hyPF_9KI7YGppL0QtQ_3EAaVLQOBmUdcdAKFJi0psZ-qB3Bi7Adnwc_6fIXCqmUx1ORnVwQDMIDcIxlJxt7FuhZpyjTR&sig=Cg0ArKJSzO0jaxMhAheMEAE&id=lidar2&mcvt=1057&p=90,315,340,1285&mtos=1057,1057,1057,1057,1057&tos=1057,0,0,0,0&v=20220824&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3229887313&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661404437089&rpt=325&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-PFW5FesqXn206.js
rules.quantcount.com/ Frame 6310 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-PFW5FesqXn206.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:2a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f5215e4227ed76a2060cb35ce90e6da2d5ae98c4502d09a79408f2e4d2dd2f3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:00:57 GMT
content-encoding
gzip
age
782
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 11 Jul 2022 10:44:34 GMT
server
AmazonS3
etag
W/"743328763e3cba2249436647403efc2e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 2772ea7c91d6d2b9d83ea6d082faecc8.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
EWR53-C2
x-amz-cf-id
WAJLvQ3LNSCTvcckk4jz_lrQK4SS7zgTKAmjinH0eP-Ol9ak1-GuLQ==
/
www.facebook.com/tr/ 		44 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=467226423720066&ev=PageView&dl=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&rl=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F&if=false&ts=1661404438531&sw=1600&sh=1200&v=2.9.77&r=stable&a=tmsalesforce&ec=0&o=30&fbp=fb.1.1661404438529.404171807&it=1661404437640&coo=false&rqm=GET
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 25 Aug 2022 05:13:58 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 9489 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4003219&p=157743&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f7c0c573646a32a4e95e37cea152d051cf7edf71db72e26c051adb25b94f48d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:57 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame 445B 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:822b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b730ee413841da70b67f550de8ffce8148c3fd15dacc5274bd0b80bf18a44da7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:13:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Feb 2022 11:31:40 GMT
Server
AkamaiNetStorage
ETag
"49623d3e5c04865dd012dafa25c82381:1645098702.977678"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2929
CookieSync.min.js
csync.smartadserver.com/rtb/csync/ Frame 445B 		61 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8230 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8dca50fcee123f3c6e81f3f042a96d1b3e4ce967e2ee5eb1204a6f079a65ddd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:13:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Aug 2022 10:15:16 GMT
Server
AkamaiNetStorage
ETag
"c611f43a7b88bc8947b4b7a7aa506f8a:1660646051.99024"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13773
TemplatePool.min.js
csync.smartadserver.com/rtb/csync/ Frame 445B 		157 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8230 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1994385f88f1ab4086932c27d8d94dc89d01d2fc4fdd728ed330551b491984b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:13:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Aug 2022 10:15:16 GMT
Server
AkamaiNetStorage
ETag
"b29f1d71c9601bc84b16fa7c9c3ee2b7:1660646052.149943"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5036
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 548E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 25 Aug 2022 05:13:58 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5897 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 25 Aug 2022 05:13:58 GMT
sync.html
s.spotim.market/ Frame 0723 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.151.8.226 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
ac899d9b44c2bd38725c26a0276ef5b69954d9a8e6f59b44f1483373884acd6f

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://visitor.omnitagjs.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1009
Content-Type
text/html; charset=UTF-8
Date
Thu, 25 Aug 2022 05:13:58 GMT
Server
Adtelligent
X-Robots-Tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 99A4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=71310
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 25 Aug 2022 05:13:58 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 26 Aug 2022 01:02:28 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame D579
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 25 Aug 2022 05:13:58 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 25 Aug 2022 05:13:58 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
server
AkamaiGHost
ssync.html
player.aniview.com/ssync/5e0e296628a061270b21ccab/ Frame DDE5 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/ssync/5e0e296628a061270b21ccab/ssync.html?pid=5e0e296628a061270b21ccab&r=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26name%3DOPENWEB_VIDEO&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:5000:3a0::2c79 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
46e4dfa96644020484b012dc7d59fb17991401df9dc28cabe53f5c3b624b310a

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
no-transform, max-age=300
content-encoding
gzip
content-language
en
content-length
1388
content-type
text/html
date
Thu, 25 Aug 2022 05:13:58 GMT
etag
"33e83150082be3e380069462586bdaaf"
expires
Thu, 25 Aug 2022 05:18:58 GMT
last-modified
Tue, 31 May 2022 13:06:44 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1654002404084554
x-goog-hash
crc32c=KWHuZw== md5=M+gxUAgr4+OABpRiWGvarw==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1388
x-guploader-uploadid
ADPycdu2O9OHwXJSu-Ba4Clh2Tt4z-sa5m8w5DuHxodMdZGCvzTI5NKYZbw_oYhdvcExBQiPLdBiPv7GbltR2Vlas-aFmLaazBzX
usync.html
eus.rubiconproject.com/ Frame A10E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 25 Aug 2022 05:13:58 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 25 Aug 2022 05:13:58 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
server
AkamaiGHost
sync
ssbsync.smartadserver.com/api/ Frame 046C 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.197 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
420ecb0d91b5220871480d2f240a7614939a4ebe7d3f30b67f521c2bd84b547a

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
1077
content-type
text/html
date
Thu, 25 Aug 2022 05:13:57 GMT
usync.js
eus.rubiconproject.com/ Frame 19E3 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ed05b379e16f99e991942612551f789ce3f82404bd8e0dfa0b0b16a5e800e9ca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:13:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36649
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9443
Expires
Thu, 25 Aug 2022 15:24:47 GMT
/
onetag-sys.com/match/ Frame CBBF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=b9936307-0516-4500-b3ae-7b63940e6617&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=b9936307-0516-4500-b3ae-7b63940e6617&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H2
Server
51.222.39.187 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip187.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 25 Aug 2022 05:13:58 GMT
Server
MT3 4494 7cf1da7 master nrt-pixel-x17 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=1&uid=b9936307-0516-4500-b3ae-7b63940e6617&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 25 Aug 2022 05:13:57 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame CBBF 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.80 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
49049ff336235ad60cb44abcb1cec1d6
Content-Type
image/gif
/
onetag-sys.com/match/ Frame CBBF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7412760816595641933
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7412760816595641933
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H2
Server
51.222.39.187 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip187.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:58 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
75ffedea-3966-4cba-bfbc-3a321db21e36
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7412760816595641933
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame CBBF 		42 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=6mON_wj9cjVVAHwHbQc8chvp3hRGSuH1Uhy8wk7geOI
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame CBBF
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgtNr4Jd20-r3Nd-_YE-r02yv7iWZPZ91Gg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgtNr4Jd20-r3Nd-_YE-r02yv7iWZPZ91Gg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgtNr4Jd20-r3Nd-_YE-r02yv7iWZPZ91Gg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame CBBF 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.182 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame CBBF
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=6mON_wj9cjVVAHwHbQc8chvp3hRGSuH1Uhy8wk7geOI
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=6mON_wj9cjVVAHwHbQc8chvp3hRGSuH1Uhy8wk7geOI
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:58 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
B9C2W8C8KC2PB5V6JB03
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=6mON_wj9cjVVAHwHbQc8chvp3hRGSuH1Uhy8wk7geOI
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame CBBF 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.11 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
content-length
0
/
onetag-sys.com/match/ Frame CBBF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESECkUQc7MQb3vaAN2yO4JSeQ&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECkUQc7MQb3vaAN2yO4JSeQ&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H2
Server
51.222.39.187 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip187.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECkUQc7MQb3vaAN2yO4JSeQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame CBBF
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=60863dfcb0300d88&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAEzq8HA9WfKgMI9uhdAAAAAAA&expiration=1661490838&is_secure=true
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAEzq8HA9WfKgMI9uhdAAAAAAA&expiration=1661490838&is_secure=true
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H2
Server
51.222.39.187 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip187.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAEzq8HA9WfKgMI9uhdAAAAAAA&expiration=1661490838&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame CBBF 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame CBBF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=f392b494-04f1-4190-8b81-965c828ca97a&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=f392b494-04f1-4190-8b81-965c828ca97a&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H2
Server
51.222.39.187 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip187.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=f392b494-04f1-4190-8b81-965c828ca97a&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
233
sync
x.bidswitch.net/ Frame CBBF 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:13:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
onetag
s.seedtag.com/cs/cookiesync/ Frame CBBF 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/onetag?a=3&channeluid=6mON_wj9cjVVAHwHbQc8chvp3hRGSuH1Uhy8wk7geOI
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
t
t.lkqd.net/ Frame FC9A 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Thu, 25 Aug 2022 05:13:58 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 25 Aug 2022 05:13:58 GMT
server
nginx
usync.html
eus.rubiconproject.com/ Frame 395A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 25 Aug 2022 05:13:58 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 25 Aug 2022 05:13:58 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8A67
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1661404438471.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predire...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=71310
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 25 Aug 2022 05:13:58 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 26 Aug 2022 01:02:28 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Thu, 25 Aug 2022 05:13:58 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP003
x-33x-status
40000000008200000A
33across
s.seedtag.com/cs/cookiesync/ Frame 9613
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1661404438471.&ri=0010b00002MptHCAAZ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERI...
  • https://s.seedtag.com/cs/cookiesync/33across?channeluid=211953387054738
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/33across?channeluid=211953387054738
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H3
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://s.seedtag.com/cs/cookiesync/33across?channeluid=211953387054738
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 9613
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=the33across&bsw_param=ce95d937-04dc-4d9f-a5f7-40c522420de0&google_hm=Y2U5NWQ5MzctMDRkYy00ZDlmLWE1ZjctNDBjNTIyNDIw...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIDBcEaPwoKFCl6lH1849VY&google_cver=1&ssp=the33across&bsw_param=ce95d937-04dc-4d9f-a5f7-40c522420de0
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=ce95d937-04dc-4d9f-a5f7-40c522420de0
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=ce95d937-04dc-4d9f-a5f7-40c522420de0&ts=1661404439&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=ce95d937-04dc-4d9f-a5f7-40c522420de0&ts=1661404439&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=ce95d937-04dc-4d9f-a5f7-40c522420de0&ts=1661404439&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 9613
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1661404438471.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=b9936307-0516-4500-b3ae-7b63940e6617
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=b9936307-0516-4500-b3ae-7b63940e6617
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Thu, 25 Aug 2022 05:13:58 GMT
Server
MT3 4494 7cf1da7 master nrt-pixel-x3 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=b9936307-0516-4500-b3ae-7b63940e6617
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 25 Aug 2022 05:13:57 GMT
match
events-ssc.33across.com/ Frame 9613
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-H2suebFE2uFmQvpVK.YNZK2pcDW85jNB~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-H2suebFE2uFmQvpVK.YNZK2pcDW85jNB%7EA&ts=1661404438&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-H2suebFE2uFmQvpVK.YNZK2pcDW85jNB%7EA&ts=1661404438&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-H2suebFE2uFmQvpVK.YNZK2pcDW85jNB%7EA&ts=1661404438&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 9613
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=321a8abee5440d88&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAInp0402VtUwMtOkq7AAAAAAA&expiration=1661490838&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAInp0402VtUwMtOkq7AAAAAAA&ts=1661404439&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAInp0402VtUwMtOkq7AAAAAAA&ts=1661404439&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAInp0402VtUwMtOkq7AAAAAAA&ts=1661404439&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cm
p.rfihub.com/ Frame 1323 		42 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
199.38.167.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:13:58 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
CookieSyncLKQD
rtb.adentifi.com/ Frame 1323 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncLKQD
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.179.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-179-133.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
cs
cs.lkqd.net/ Frame 1323
Redirect Chain
  • https://sync.1rx.io/usersync2/lkqd
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=540383273
  • https://sync.1rx.io/usersync/tradedesk/f392b494-04f1-4190-8b81-965c828ca97a
  • https://sync.targeting.unrulymedia.com/csync/RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D7%26partnerUserId%3DRX-7c4996e8-b3c4-49d8-8119-65a3c89fec...
  • https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Date
Thu, 25 Aug 2022 05:13:59 GMT
Server
Tengine
ETag
RX7c4996e8b3c449d8811965a3c89fecf6005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
Connection
keep-alive
Content-Type
text/html
cs
cs.lkqd.net/ Frame 1323
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=lkqd
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=lkqd&bsw_custom_parameter=ce95d937-04dc-4d9f-a5f7-40c522420de0
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=lkqd&bsw_custom_parameter=ce95d937-04dc-4d9f-a5f7-40c522420de0
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=f968a81c-24b9-43f6-bccc-4d204b63a3c4&user_group=1&ssp=lkqd&bsw_param=ce95d937-04dc-4d9f-a5f7-40c522420de0
  • https://cs.lkqd.net/cs?partnerId=12&partnerUserId=ce95d937-04dc-4d9f-a5f7-40c522420de0&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3Dce95d937-04dc-4d9f-a5f7-40c522420de0%26redi...
  • https://cs.lkqd.net/cs?partnerId=43&partnerUserId=ce95d937-04dc-4d9f-a5f7-40c522420de0&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3Dce95d937-04dc-4d9f-a5f7-40c522420de0
  • https://cs.lkqd.net/cs?partnerId=46&partnerUserId=ce95d937-04dc-4d9f-a5f7-40c522420de0
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=46&partnerUserId=ce95d937-04dc-4d9f-a5f7-40c522420de0
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Thu, 25 Aug 2022 05:14:00 GMT
server
nginx
location
//cs.lkqd.net/cs?partnerId=46&partnerUserId=ce95d937-04dc-4d9f-a5f7-40c522420de0
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame 1323
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D13%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=13&partnerUserId=49a415b1-b09f-4e1b-9d32-f3f5e3270315
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=13&partnerUserId=49a415b1-b09f-4e1b-9d32-f3f5e3270315
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Thu, 25 Aug 2022 05:13:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://cs.lkqd.net/cs?partnerId=13&partnerUserId=49a415b1-b09f-4e1b-9d32-f3f5e3270315
cf-ray
7401d76dff5b8753-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cs
cs.lkqd.net/ Frame 1323
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1
  • https://cs.lkqd.net/cs?partnerId=22&partnerUserId=f392b494-04f1-4190-8b81-965c828ca97a
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=22&partnerUserId=f392b494-04f1-4190-8b81-965c828ca97a
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.lkqd.net/cs?partnerId=22&partnerUserId=f392b494-04f1-4190-8b81-965c828ca97a
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
203
cs
cs.lkqd.net/ Frame 1323
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162&s_h=1
  • https://cs.lkqd.net/cs?partnerId=23&partnerUserId=836fed23-7215-42d7-a9cd-46dcadc71f24
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=836fed23-7215-42d7-a9cd-46dcadc71f24
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=836fed23-7215-42d7-a9cd-46dcadc71f24
pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
us.php
gu.dyntrk.com/adx/lkqd/ Frame 1323 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
15.235.43.120 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5012071.ip-15-235-43.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
cs
cs.lkqd.net/ Frame 1323
Redirect Chain
  • https://media.sabio.us/imp_pixel?invsrc=11&secure=1
  • https://cs.lkqd.net/cs?partnerId=39&partnerUserId=3186156469227133224
43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=39&partnerUserId=3186156469227133224
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=39&partnerUserId=3186156469227133224
date
Thu, 25 Aug 2022 05:13:58 GMT
server
Apache/2.4.23 (Unix)
content-length
257
content-type
text/html; charset=iso-8859-1
/
loadm.exelator.com/load/ Frame 1323
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd&s_h=1
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=836fed23-7215-42d7-a9cd-46dcadc71f24&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/836fed23-7215-42d7-a9cd-46dcadc71f24/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=836fed23-7215-42d7-a9cd-46dcadc71f24?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262
  • https://tags.bluekai.com/site/5379?id=836fed23-7215-42d7-a9cd-46dcadc71f24&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263
  • https://loadm.exelator.com/load/?p=204&g=281&buid=836fed23-7215-42d7-a9cd-46dcadc71f24&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=281&buid=836fed23-7215-42d7-a9cd-46dcadc71f24&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
34.229.3.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-229-3-43.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

location
https://loadm.exelator.com/load/?p=204&g=281&buid=836fed23-7215-42d7-a9cd-46dcadc71f24&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265
pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
cs
cs.lkqd.net/ Frame 1323
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D
  • https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YwcFFQACNb5MfABN
43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YwcFFQACNb5MfABN
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
via
1.1 varnish
server
Varnish
x-timer
S1661404439.724560,VS0,VE0
x-served-by
cache-chi-kigq8000057-CHI
x-cache
HIT
location
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YwcFFQACNb5MfABN
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
cs
cs.lkqd.net/ Frame 1323
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25
  • https://cs.lkqd.net/cs?partnerId=53&partnerUserId=Q6k5Ho6QyMMh&ev=1&pid=561322
43 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=Q6k5Ho6QyMMh&ev=1&pid=561322
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=Q6k5Ho6QyMMh&ev=1&pid=561322
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d7578d788-x8mpp
expires
-1
464986.gif
idsync.rlcdn.com/ Frame 1323 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/464986.gif?partner_uid=sTNI9fkRROA
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:13:58 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cs
cs.lkqd.net/ Frame 1323
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=c1ROSTlma1JST0E
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEI9GgYVgUKMu2vY45oqh87k&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEI9GgYVgUKMu2vY45oqh87k&google_cver=1
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEI9GgYVgUKMu2vY45oqh87k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.lkqd.net/ Frame 1323
Redirect Chain
  • https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0
  • https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=m2LBm51kwJqAM8ablDDcnM9lw5SAMJOYmmg8JMNc
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=m2LBm51kwJqAM8ablDDcnM9lw5SAMJOYmmg8JMNc
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=m2LBm51kwJqAM8ablDDcnM9lw5SAMJOYmmg8JMNc
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
cs
cs.lkqd.net/ Frame 1323
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/lkq
  • https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1
  • https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAD9KU7GDgoAABMQ-KCgjw
43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAD9KU7GDgoAABMQ-KCgjw
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAD9KU7GDgoAABMQ-KCgjw
Date
Thu, 25 Aug 2022 05:13:59 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
cs
cs.lkqd.net/ Frame 1323
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b30&u=sTNI9fkRROA&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24
  • https://s.tribalfusion.com/z/i.match?p=b30&u=sTNI9fkRROA&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24
  • https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662273532428326
43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662273532428326
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
930
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
7401d7706c6f291c-ORD
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662273532428326
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 1323
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=118
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2...
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553%26partner_url%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D97%2526partnerUserId%253Dac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
18.205.219.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-219-62.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.15.87
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553%26partner_url%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D97%2526partnerUserId%253Dac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
cs
cs.lkqd.net/ Frame 1323
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=v
  • https://s.ad.smaato.net/c/?adExInit=v&cookieCheck=1
  • https://cs.lkqd.net/cs?partnerId=109&partnerUserId=b4a6277b
43 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=b4a6277b
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Thu, 25 Aug 2022 05:13:59 GMT
via
1.1 94452e9f76299393d245c2536c80f67e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=b4a6277b
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
thHUSbxjEDV5Oh8GUrERFGnnbhRmYILoNWBoo22sQ9kLGq3WSzBY5A==
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame E2E8 		67 B
680 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=13385887&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C3967907264519561346104295334%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:58 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1661404438679096-284
av
vidoomy-d.openx.net/v/1.0/ Frame E2E8 		48 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fglamour.globo.com%2F&cb=1034939621&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C4519561346104295334483518280,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://glamour.globo.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
245558
search.spotxchange.com/vast/2.0/ Frame E2E8 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/245558?VPAID=JS&content_page_url=http%3A%2F%2Fglamour.globo.com%2F&cb=1501182217&player_width=400&player_height=225&regs[gdpr]=0&device[geo][lat]=41.8879&device[geo][lon]=-88.1995&schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C14696575884519561346104295334%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.35.249.143 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
x-spotx-timing-transform
0.000356
x-spotx-timing-spotmarket
0.005157
x-spotx-timing-page-require
0.000391
x-fe
442
x-spotx-timing-page-misc
0.008651
x-spotx-timing-page-cookie
0.000030
x-spotx-timing-page
0.016198
pragma
no-cache
x-spotx-timing-page-context
0.001345
last-modified
Thu, 25 Aug 2022 05:13:59 GMT
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
x-spotx-timing-spotmarket-primary
0.005157
access-control-allow-methods
POST, GET, PATCH, DELETE, OPTIONS
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
x-spotx-timing-page-exception
0.000001
x-spotx-timing-spotmarket-secondary
0.000000
x-spotx-timing-page-uri
0.000011
x-spotx-timing-page-mux
0.000256
access-control-allow-headers
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
245554
search.spotxchange.com/vast/2.0/ Frame E2E8 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/245554?VPAID=JS&content_page_url=http%3A%2F%2Fglamour.globo.com%2F&cb=621238433&player_width=400&player_height=225&regs[gdpr]=0&device[geo][lat]=41.8879&device[geo][lon]=-88.1995&schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C20048585784519561346104295334%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.35.249.143 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
x-spotx-timing-transform
0.000276
x-spotx-timing-spotmarket
0.007097
x-spotx-timing-page-require
0.001216
x-fe
247
x-spotx-timing-page-misc
0.006212
x-spotx-timing-page-cookie
0.000026
x-spotx-timing-page
0.015802
pragma
no-cache
x-spotx-timing-page-context
0.000570
last-modified
Thu, 25 Aug 2022 05:13:59 GMT
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
x-spotx-timing-spotmarket-primary
0.007097
access-control-allow-methods
POST, GET, PATCH, DELETE, OPTIONS
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
x-spotx-timing-page-exception
0.000001
x-spotx-timing-spotmarket-secondary
0.000000
x-spotx-timing-page-uri
0.000013
x-spotx-timing-page-mux
0.000391
access-control-allow-headers
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame E2E8 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C7518571304519561346104295334,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
cf58bdb35ac79f27e6a0091929ac5881699abc820b245f1b6c3bf8bbdda45aa8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:58 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1661404438773086-300
/
x.vindicosuite.com/ Frame E2E8 		65 B
882 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.vindicosuite.com/?l=560976&t=x&rnd=1059371785&u=http%3A%2F%2Fglamour.globo.com%2F&r=http%3A%2F%2Fglamour.globo.com%2F&ip=167.88.7.162&mediaduration=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.236.186.35.bc.googleusercontent.com
Software
23bedf3be08dfe44fdd8a269043fb77218e182a5c5c86c11a38548e544aeab08 /
Resource Hash
5f91da25c24e6fb0fc2f6b18964b6bb696253b1d13fa9fa32ca8d27f60ec9fee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
via
1.1 google
server
23bedf3be08dfe44fdd8a269043fb77218e182a5c5c86c11a38548e544aeab08
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, HEAD, POST, TRACE, OPTIONS
p3p
CP="NOI DSP COR DEVa TAIa OUR BUS UNI NAV"
access-control-allow-origin
https://glamour.globo.com
cache-control
no-store,no-cache,must-revalidate,post-check=0,pre-check=0
access-control-allow-credentials
true
content-type
text/xml;charset=ISO-8859-1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Dec 1994 16:00:00 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame E2E8 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C45195613461042953341181753840%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
c186016eefec624345f9a5f597da56b9a88a71a6203130832390b3c0ad4cf0db

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:58 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1661404438772089-245
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame E2E8 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C45195613461042953341677298472%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
27ecb84024851b7f08ffd15abf24d565ddbee9af95907343a272563d28c8eab5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:58 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1661404438764090-256
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame E2E8 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C4519561346104295334954503608%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
a47e5ee9e8c6fbfd2879dcc9ef414a41dc5d6af8b108b0d6ae64929cfb59a900

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:58 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1661404438783078-253
vast.xml
video-ads.rubiconproject.com/video/24386/416676/2350390/203/ Frame E2E8 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/24386/416676/2350390/203/vast.xml?&p_aso.video.api=2&adtype=video&p_aso.video.maxduration=120&p_aso.video.protocols=5&rp_schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.3.125.24 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-125-24.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash
0520f9436ff654fccdd9d3c04c3393205ba92ff4c424dc694002163611e4a251

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:58 GMT
Content-Encoding
gzip
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/xml
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
943
Expires
Thu, 25 Aug 2022 05:13:58 GMT
5007d44e-09d1-49b7-8c99-6b1cc38c3cbc
consumer.krxd.net/consent/get/ 		220 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_2
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ee67f6cfd9bda354307db25dca19b3b518c02b72f8e4d448012bd33734dd0cd8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a012-ash-prod.krxd.net, cache-chi-klot8100161-CHI
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1661404439.792726,VS0,VE27
content-length
185
x-cache-hits
0, 0
Rubicon
s.seedtag.com/cs/cookiesync/ Frame 19E3
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=seedtag&khaos=L78LAY60-1Y-88US
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=L78LAY60-1Y-88US
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=L78LAY60-1Y-88US
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
H3
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=L78LAY60-1Y-88US
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
d0cea2fb47f5ddedaddf61763f0aedb4
Expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C2C0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
47650
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 15:59:48 GMT
expires
Thu, 24 Aug 2023 15:59:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1DF9 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
608e686158f0d9ae5d0d9db20802a97d5e4eeb0821efcbb6f98794ea9cd91892
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Cg6iefjs0ATSVJ2NBeBpDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Cg6iefjs0ATSVJ2NBeBpDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 05:13:58 GMT
expires
Thu, 25 Aug 2022 05:13:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
container.html
9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4BB2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 05:13:58 GMT
expires
Fri, 25 Aug 2023 05:13:58 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
996.json
id5-sync.com/g/v2/ Frame 5897 		450 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/996.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
eaff1eb94ac193ad50222292465d92d328b57691db58cc385eca26450eb27eb0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
transfer-encoding
chunked
esp.js
oa.openxcdn.net/ Frame 548E 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 03:03:27 GMT
content-encoding
gzip
age
1563031
x-guploader-uploadid
ADPycdv4G9mVDZANJkZaNPuq13JHazRDJvfj5XcrhE2EdVoX6gHMkmE6fteujGciMQPqRa5rRgpBTNAOnAVXHUnPylhtfw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation
1622140251693895
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 07 Aug 2023 03:03:27 GMT
publishertag.ids.js
static.criteo.net/js/ld/ Frame 548E 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
afa1d5bcfbc58ede9d71fd9eb2c5b53c369f05f3255ea4a36398be35b52979b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 07:20:46 GMT
server
nginx
etag
W/"62fb454e-9dbd"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 26 Aug 2022 05:13:58 GMT
container.html
3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 78E4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 05:13:59 GMT
expires
Fri, 25 Aug 2023 05:13:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel;r=2025359787;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml;uht=2;fpan=1;f...
pixel.quantserve.com/ Frame 6310 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2025359787;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml;uht=2;fpan=1;fpa=P0-1780876739-1661404438907;pbc=adb2cfbd-24d8-4438-86a0-a35d6de93305;ns=1;ce=1;qjs=1;qv=26d71701-20220818164642;cm=;gdpr=0;ref=;d=globo.com;dst=0;et=1661404438907;tzo=0;ogl=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 31DC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
47650
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 15:59:48 GMT
expires
Thu, 24 Aug 2023 15:59:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 73BE 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
07684a7403c7b6f263ba8903d12f80916926a6eb49c89eab3073e1d4fb51fd7d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qe-_356XfrrD3SWx_A0jFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-qe-_356XfrrD3SWx_A0jFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 05:13:58 GMT
expires
Thu, 25 Aug 2022 05:13:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usync.js
eus.rubiconproject.com/ Frame D579 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ed05b379e16f99e991942612551f789ce3f82404bd8e0dfa0b0b16a5e800e9ca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:13:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36649
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9443
Expires
Thu, 25 Aug 2022 15:24:47 GMT
pr
s.amazon-adsystem.com/v3/ Frame C469 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
d2824c32b4c7001e0444cd3295ee149234b415db7dbb51d82c58343e345d3a5f
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2356
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 25 Aug 2022 05:13:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
D2E3NGF3Z2Q407J20H7Y
usync.js
eus.rubiconproject.com/ Frame A10E 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ed05b379e16f99e991942612551f789ce3f82404bd8e0dfa0b0b16a5e800e9ca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:13:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36649
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9443
Expires
Thu, 25 Aug 2022 15:24:47 GMT
usync.js
eus.rubiconproject.com/ Frame 395A 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ed05b379e16f99e991942612551f789ce3f82404bd8e0dfa0b0b16a5e800e9ca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:13:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36649
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9443
Expires
Thu, 25 Aug 2022 15:24:47 GMT
tap.php
pixel.rubiconproject.com/ Frame 19E3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f392b494-04f1-4190-8b81-965c828ca97a&gdpr=0&gdpr_consent=&expires=30
42 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f392b494-04f1-4190-8b81-965c828ca97a&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f392b494-04f1-4190-8b81-965c828ca97a&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
pixel
cm.g.doubleclick.net/ Frame 19E3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc4TEFZNjAtMVktODhVUw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc4TEFZNjAtMVktODhVUw==
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc4TEFZNjAtMVktODhVUw==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c3b5432477546c086cd062707f625a76
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
esync
token.rubiconproject.com/ Frame 19E3
Redirect Chain
  • https://id.rlcdn.com/709414.gif
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 25 Aug 2022 05:13:58 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 19E3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/9Xttg-bKrYq9LQpqe5Rgdcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1492735796315124983
42 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1492735796315124983
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
9a0c641c0479142b55591fdf2031b15f
Content-Type
image/gif

Redirect headers

date
Thu, 25 Aug 2022 05:13:59 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1492735796315124983
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
setuid
px.ads.linkedin.com/ Frame 19E3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L78LAY60-1Y-88US
0
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L78LAY60-1Y-88US
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 781BCA3F41EA4FF8915F995B9685197F Ref B: CHGEDGE1205 Ref C: 2022-08-25T05:13:59Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXnCd1vasuZ/fKp8F4Dow==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L78LAY60-1Y-88US
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 19E3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTFmN2U4NTFjNGMwNzM1YzQ5YTRlOTk0MzA3YzZhYWI0NDFjMTNlYw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTFmN2U4NTFjNGMwNzM1YzQ5YTRlOTk0MzA3YzZhYWI0NDFjMTNlYw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTFmN2U4NTFjNGMwNzM1YzQ5YTRlOTk0MzA3YzZhYWI0NDFjMTNlYw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d3682eda7e5cb79782b1d5475f50e8fc
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 19E3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECbhBv2KRW5KngDWRpgkxKM&google_cver=1
42 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECbhBv2KRW5KngDWRpgkxKM&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECbhBv2KRW5KngDWRpgkxKM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 19E3
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=T7Fr36hJSV-c7vmsOng--Q&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=T7Fr36hJSV-c7vmsOng--Q
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=T7Fr36hJSV-c7vmsOng--Q
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:59 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
XBV22KPW1MD7XS15CRFX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=T7Fr36hJSV-c7vmsOng--Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel.gif
beacon.krxd.net/ 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=J2lZajxx&_kpid=5007d44e-09d1-49b7-8c99-6b1cc38c3cbc&_kcp_s=Barra&_kcp_d=glamour.globo.com&_knifr=21&_kpref_=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F&_kua_kx_tz=0&geo_country=us&geo_region=ar&geo_dma=734&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_tech_browser=Chrome%2010&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=us&_kua_kx_geo_region=ar&_kua_kx_geo_dma=734&_kpa_meta_keywordsDELIM=%2C&_kpa_kx_context_terms=Nu7TTsTR%3A2%2CNu7TVOIg%3A1%2CNu7TTFG6%3A1%2CNu7TUsNK%3A1%2CNu7TXfT8%3A1%2CNu7TWVvS%3A1&t_navigation_type=0&t_dns=130&t_tcp=333&t_http_request=-1&t_http_response=492&t_content_ready=2283&t_window_load=0&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=xqasak8f2&userdata_user=PCeFolNw%2Cxqasak8f2&sview=2&kplt1=19929&kplt2=19930&kplt3=19936&kplt4=27202&kplt5=30153&kplt6=32767&kplt7=35254&kplt8=41931&kplt10=43632&kplt11=43900&kplt19=45407&kplt20=46183&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5007d44e-09d1-49b7-8c99-6b1cc38c3cbc%2C40%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C28%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C29
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.228.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-228-175.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
cache-control
private, no-cache, no-store
x-request-time
D=42 t=1661404439
x-served-by
beacon-n024-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
match
c1.adform.net/serving/cookie/ Frame 0F61 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 25 Aug 2022 05:13:59 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 8B8C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YwcFFQACNb5MfABN&gdpr=0&gdpr_consent=
1 B
320 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YwcFFQACNb5MfABN&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 25 Aug 2022 05:13:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 25 Aug 2022 05:13:59 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YwcFFQACNb5MfABN&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-chi-kigq8000057-CHI
x-timer
S1661404439.014745,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame 45D3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b9936307-0516-4500-b3ae-7b63940e6617&gdpr=0&gdpr_consent=
42 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b9936307-0516-4500-b3ae-7b63940e6617&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 25 Aug 2022 05:13:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 25 Aug 2022 05:13:59 GMT
Expires
Thu, 25 Aug 2022 05:13:58 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4494 7cf1da7 master nrt-pixel-x14 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b9936307-0516-4500-b3ae-7b63940e6617&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 1386
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEOUtVN0dEZ29BQUJNUS1LQ2dqdw&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAD9KU7GDgoAABMQ-KCgjw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partn...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD9KU7GDgoAABMQ-KCgjw
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD9KU7GDgoAABMQ-KCgjw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 25 Aug 2022 05:13:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 25 Aug 2022 05:13:59 GMT
Server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD9KU7GDgoAABMQ-KCgjw
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame CD8C
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=b9bcf920-2434-11ed-9deb-2ee29163ff26
42 B
244 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=b9bcf920-2434-11ed-9deb-2ee29163ff26
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 25 Aug 2022 05:13:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 25 Aug 2022 05:13:59 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=b9bcf920-2434-11ed-9deb-2ee29163ff26
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
lga-delivery-1
server
Cowboy
141
match.deepintent.com/usersync/ Frame 4BAA 		0
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Thu, 25 Aug 2022 05:13:58 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
c
Pug
simage2.pubmatic.com/AdServer/ Frame 7D44
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 25 Aug 2022 05:13:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 05:13:58 GMT
expires
Thu, 25 Aug 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1208342
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame AC64
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=DStGRj0VSaBPBl_Yc4F1YKdYB6I
42 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=DStGRj0VSaBPBl_Yc4F1YKdYB6I
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 24 Aug 2022 15:51:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Thu, 25 Aug 2022 05:13:59 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=DStGRj0VSaBPBl_Yc4F1YKdYB6I
Pug
simage2.pubmatic.com/AdServer/ Frame ECAA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:iEZ61Qhz1Or5bN5&gdpr=0&gdpr_consent=
42 B
196 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:iEZ61Qhz1Or5bN5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 25 Aug 2022 05:13:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 25 Aug 2022 05:13:58 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:iEZ61Qhz1Or5bN5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-05d71c89e4f6d82d8@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 0EE2
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=688269761907
42 B
190 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=688269761907
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 25 Aug 2022 05:13:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=688269761907
i.match
s.tribalfusion.com/z/ Frame 0804
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7401d7706c6e291c-ORD
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 25 Aug 2022 05:13:59 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7401d76fdb8f291c-ORD
content-type
text/html
date
Thu, 25 Aug 2022 05:13:59 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
3701
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame E360
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=dc4f063f-f7b8-45c6-a293-d1cc572e3038&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
42 B
493 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.243.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-243-57.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Thu, 25 Aug 2022 05:13:59 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 25 Aug 2022 05:13:59 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
csync
sync.spotim.market/ Frame 54AE
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005&rndcb=3959895559
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=ce95d937-04dc-4d9f-a5f7-40c522420de0
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=ce95d937-04dc-4d9f-a5f7-40c522420de0&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=35311a1f-8b8c-4ce6-925a-329ee2037a4d%252Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f392b494-04f1-4190-8b81-965c828ca97a&ttd_puid=35311a1f-8b8c-4ce6-925a-329ee2037a4d%2Chttps%3A%2F%2Fx.bidswitch.net%2Fsync...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=adconductor&bsw_param=ce95d937-04dc-4d9f-a5f7-40c522420de0
  • https://sync.1rx.io/usersync/bidswitch/ce95d937-04dc-4d9f-a5f7-40c522420de0?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-7c4996e8-b3c4-49d8-8119-6...
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
0
Date
Thu, 25 Aug 2022 05:13:59 GMT
Etag
26228ea582814d32
Server
Adtelligent

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Thu, 25 Aug 2022 05:13:59 GMT
ETag
RX7c4996e8b3c449d8811965a3c89fecf6005
Location
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
Pug
simage2.pubmatic.com/AdServer/ Frame 7196
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 24 Aug 2022 16:53:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7401d76fdadc8753-ORD
content-length
0
date
Thu, 25 Aug 2022 05:13:59 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
server
cloudflare
Pug
simage2.pubmatic.com/AdServer/ Frame E4D9
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7146908391105684336&uid=Q714690839110568...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7146908391105684336
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7146908391105684336
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 25 Aug 2022 05:13:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=38873
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Thu, 25 Aug 2022 05:13:59 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7146908391105684336
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
pubmatic
s.seedtag.com/cs/cookiesync/ Frame 87A0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 25 Aug 2022 05:13:59 GMT
server
nginx
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9489
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Fsay_w7nSxqLjFcGg-xXxA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=71309
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Fri, 26 Aug 2022 01:02:28 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
usermatch.krxd.net/um/ Frame 9489
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
  • https://pippio.com/api/sync?pid=5324&it=1&iv=a643c133815814059bf820cefad24df11989064d79f0e9e445365b2e8eb945f7791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBhNjQzYzEzMzgxNTgxNDA1OWJmODIwY2VmYWQyNGRmMTE5ODkwNjRkNzlmMGU5ZTQ0NTM2NWIyZThlYjk0NWY3NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBhNjQzYzEzMzgxNTgxNDA1OWJmODIwY2VmYWQyNGRmMTE5ODkwNjRkNzlmMGU5ZTQ0NTM2NWIyZThlYjk0NWY3NzkxNDI2YjU0MTdkY2UyMRAAGgwIl4qcmAYSBAgCEABCAEoA&goog...
  • https://usermatch.krxd.net/um/v2?partner=liveramp_identity
20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usermatch.krxd.net/um/v2?partner=liveramp_identity
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
52.20.189.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-189-152.compute-1.amazonaws.com
Software
/
Resource Hash
3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
x-age
0
content-length
20
content-type
text/plain; charset=utf-8
x-served-by
usermatch-a005-ash-prod.krxd.net
x-cache
MISS
x-cache-hits
0

Redirect headers

date
Thu, 25 Aug 2022 05:13:59 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://usermatch.krxd.net/um/v2?partner=liveramp_identity
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame 9489
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b9936307-0516-4500-b3ae-7b63940e6617
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b9936307-0516-4500-b3ae-7b63940e6617
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 25 Aug 2022 05:13:59 GMT
Server
MT3 4494 7cf1da7 master nrt-pixel-x6 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b9936307-0516-4500-b3ae-7b63940e6617
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 25 Aug 2022 05:13:58 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9489
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTZDNkIyRkYtMEVFNy00QjFBLThCOEMtNTcwNjgzRUM1N0M0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9489
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENLEqg5jVyahLHe9rFjerEc&google_cver=1
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENLEqg5jVyahLHe9rFjerEc&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENLEqg5jVyahLHe9rFjerEc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9489
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3E9CCFB3269E467B9622CCC5F9172B9A
42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3E9CCFB3269E467B9622CCC5F9172B9A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Thu, 25 Aug 2022 05:13:59 GMT
x-content-type-options
nosniff
server
openresty
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3E9CCFB3269E467B9622CCC5F9172B9A
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 24 Aug 2022 05:13:59 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9489
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4133760157365559211&gdpr=0&gdpr_consent=&us_privacy=
1 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4133760157365559211&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 17:40:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4133760157365559211&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 9489
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f392b494-04f1-4190-8b81-965c828ca97a
42 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f392b494-04f1-4190-8b81-965c828ca97a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f392b494-04f1-4190-8b81-965c828ca97a
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9489 		43 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:453e:66f9:9eff:3281 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 9489
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-IXMmn81E2uXH3eBjYY2nll3KiJ6lpC4-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-IXMmn81E2uXH3eBjYY2nll3KiJ6lpC4-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-IXMmn81E2uXH3eBjYY2nll3KiJ6lpC4-~A&gdpr=0&gdpr_consent=
date
Thu, 25 Aug 2022 05:13:59 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 9489
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3b6c1c42bb8d0d88&is_secure=true&networkId=17100&version=1&nuid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAEzq8HA9WfNwNAS1JfAAAAAAA&expiration=1661490839&nuid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&...
42 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAEzq8HA9WfNwNAS1JfAAAAAAA&expiration=1661490839&nuid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 16:53:49 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAEzq8HA9WfNwNAS1JfAAAAAAA&expiration=1661490839&nuid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 9489
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=aLjWWm6-11tz6dFaZ-rLXTy_1FVz6oRZabKDRwhB
42 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=aLjWWm6-11tz6dFaZ-rLXTy_1FVz6oRZabKDRwhB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=aLjWWm6-11tz6dFaZ-rLXTy_1FVz6oRZabKDRwhB
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9489
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4c12d306-7bd7-45ec-a97a-8304a6a92f40&gdpr=0&gdpr_consent=
1 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4c12d306-7bd7-45ec-a97a-8304a6a92f40&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4c12d306-7bd7-45ec-a97a-8304a6a92f40&gdpr=0&gdpr_consent=
Date
Thu, 25 Aug 2022 05:13:59 GMT
X-CI-RTID
f5f70f71-2e50-43c9-a8a0-924d7c669ee0
Connection
keep-alive
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
image2.pubmatic.com/AdServer/ Frame 9489
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7412760816595641933&gdpr=0&gdpr_consent=
42 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7412760816595641933&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:59 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
3ee9856d-e11d-452f-9317-6bc103438f88
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7412760816595641933&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 9489 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.179.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-179-133.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9489
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553&gdpr=0&gdpr_consent=
42 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sn.ashx
pmp.mxptint.net/ Frame 9489
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B342_F5267841_E6DDDAF5&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
HTTP/1.1
Server
204.2.255.233 Fort Lauderdale, United States, ASN2914 (NTT-LTD-2914, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-344391239; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:58 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-344391239; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Wed, 24 Aug 2022 16:10:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 9489
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=ce95d937-04dc-4d9f-a5f7-40c522420de0
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=ac760d52-1f1a-400d-96a6-ce79bebf6dfd&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ce95d937-04dc-4d9f-a5f7-40c522420de0&gdpr=&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ce95d937-04dc-4d9f-a5f7-40c522420de0&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 15:48:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ce95d937-04dc-4d9f-a5f7-40c522420de0&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 25 Aug 2022 05:13:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9489
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2938986838554184882
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2938986838554184882
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 15:48:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2938986838554184882
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
visitor.omnitagjs.com/visitor/ Frame DDE5
Redirect Chain
  • https://sync.aniview.com/ssync?pid=5e0e296628a061270b21ccab&r=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26name%3DOPENWEB...
  • https://visitor.omnitagjs.com/visitor/sync?uid=e8ecb87ff2ef3a3b16ba16c51e7986ac&visitor=57064f8d-a433-4deb-abfa-d29f4601b0af&name=OPENWEB_VIDEO
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=e8ecb87ff2ef3a3b16ba16c51e7986ac&visitor=57064f8d-a433-4deb-abfa-d29f4601b0af&name=OPENWEB_VIDEO
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/ssync/5e0e296628a061270b21ccab/ssync.html?pid=5e0e296628a061270b21ccab&r=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26name%3DOPENWEB_VIDEO&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://player.aniview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=e8ecb87ff2ef3a3b16ba16c51e7986ac&visitor=57064f8d-a433-4deb-abfa-d29f4601b0af&name=OPENWEB_VIDEO
date
Thu, 25 Aug 2022 05:13:59 GMT
content-length
174
content-type
text/html; charset=utf-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 5897 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstESLoGRe09DxHNXfv4uDy44GLvKUFl79NVXQFcU9gRLEedxO009fwGsDdBXV39-EbUQAR2o5079mlR2ZcWGe_bFpqLoBrLQ0_t14VmESvTIGXmzB1s&sig=Cg0ArKJSzEAv0L7kNu_xEAE&id=lidar2&mcvt=1082&p=773,892,1023,1192&mtos=1082,1082,1082,1082,1082&tos=1082,0,0,0,0&v=20220824&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3576296953&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661404437074&rpt=893&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 046C 		49 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9276a8c8d010b77af50144c60047b781&visitor=1526083351859992907&name=SMARTADSERVER&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-type
image/gif
content-length
49
expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 046C
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3Df7a5db36-1d5c-4c26-81b6-b4d0807faffb%26id%3D...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=1526083351859992907&gdpr=0&gdpr_consent=
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=1526083351859992907&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:59 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
EATAB5YR6GZ91RBFDPT4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=1526083351859992907&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 046C
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MTUyNjA4MzM1MTg1OTk5MjkwNw==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEHtnxbRFVyOM6Nn2N7ZkwhA&gdpr=0&gdpr_consent=&google_cver=1
43 B
503 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEHtnxbRFVyOM6Nn2N7ZkwhA&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.199 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEHtnxbRFVyOM6Nn2N7ZkwhA&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 046C
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7412760816595641933&gdpr=0&gdpr_consent=
43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7412760816595641933&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.199 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:59 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
4f3ce520-5095-4cd2-aa23-80ed200f3e30
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7412760816595641933&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 046C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=b9936307-0516-4500-b3ae-7b63940e6617&gdpr=0&gdpr_consent=
43 B
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=b9936307-0516-4500-b3ae-7b63940e6617&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.199 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Thu, 25 Aug 2022 05:13:59 GMT
Server
MT3 4494 7cf1da7 master nrt-pixel-x16 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=b9936307-0516-4500-b3ae-7b63940e6617&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 25 Aug 2022 05:13:58 GMT
/
sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/ Frame B948
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr_consent=&nwid=2441/
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=1526083351859992907
95 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=1526083351859992907
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1661404438252&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Server
157.90.211.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=1526083351859992907
date
Thu, 25 Aug 2022 05:13:58 GMT
content-length
0
/
sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/ Frame B948
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7412760816595641933
95 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7412760816595641933
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1661404438252&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Server
157.90.211.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:59 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
fa74d20e-124d-4207-b626-b7cf24fd7caa
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7412760816595641933
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
155.gif
id5-sync.com/k/ Frame B948
Redirect Chain
  • https://id5-sync.com/s/286/9.gif?puid=05f21773-f47a-411e-9835-1zz1661404438&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fuid%3D%7BID5UID%7D
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAD9KU7GDgoAABMQ-KCgjw
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAD9KU7GDgoAABMQ-KCgjw
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1661404438252&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
HTTP/1.1
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/html;charset=utf-8

Redirect headers

location
https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAD9KU7GDgoAABMQ-KCgjw
Date
Thu, 25 Aug 2022 05:13:59 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 25 Aug 2022 05:13:59 GMT
server
nginx
t
t.lkqd.net/ Frame FC9A 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Thu, 25 Aug 2022 05:13:59 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 7072 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:13:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1661404439.dop185.ch4.t,1661404439.cds206.ch4.shn,1661404439.cds206.ch4.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame D579
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&khaos=L78LAY60-1Y-88US
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=L78LAY60-1Y-88US&name=RUBICON
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=L78LAY60-1Y-88US&name=RUBICON
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=L78LAY60-1Y-88US&name=RUBICON
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
49049ff336235ad60cb44abcb1cec1d6
Expires
0
ecm3
s.amazon-adsystem.com/ Frame C469
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=b4a6277b
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=b4a6277b
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:59 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
3QSRQCVENFRJW7BQM5JR
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 25 Aug 2022 05:13:59 GMT
via
1.1 94452e9f76299393d245c2536c80f67e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=b4a6277b
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
DGN-96ceSVnorHLxM6-U7gxYwN1R671DClaFmzK2MwSknAWiVFCfug==
ecm3
s.amazon-adsystem.com/ Frame C469
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=3E9CCFB3269E467B9622CCC5F9172B9A&ex=simpli.fi&status=ok
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=3E9CCFB3269E467B9622CCC5F9172B9A&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:59 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
E77ESAPQG07QBFN1G9K4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 25 Aug 2022 05:13:59 GMT
x-content-type-options
nosniff
server
openresty
location
https://s.amazon-adsystem.com/ecm3?id=3E9CCFB3269E467B9622CCC5F9172B9A&ex=simpli.fi&status=ok
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 24 Aug 2022 05:13:59 GMT
ecm3
s.amazon-adsystem.com/ Frame C469
Redirect Chain
  • https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID
  • https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=9adff691-ed5d-479d-b514-d1110f5a2550
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=9adff691-ed5d-479d-b514-d1110f5a2550
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:59 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
MDYTMWKNW0RER2T2035H
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
server
nginx/1.12.1
location
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=9adff691-ed5d-479d-b514-d1110f5a2550
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
match
events-ssc.33across.com/ Frame 395A
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=L78LAY60-1Y-88US
  • https://ssc-cms.33across.com/ps/?xi=1&xu=L78LAY60-1Y-88US
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L78LAY60-1Y-88US&ts=1661404439&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L78LAY60-1Y-88US&ts=1661404439&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L78LAY60-1Y-88US&ts=1661404439&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
/
www.facebook.com/tr/ Frame DB9F 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://glamour.globo.com
Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://glamour.globo.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 05:13:59 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
amzns2s
rtb.gumgum.com/usync/ Frame 1A8A 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.69.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-69-179.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b0ca902c44b9c455950e0db8e9bfed5d88031b0154ac706308126ed5f0dbf32c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 25 Aug 2022 05:13:59 GMT
etag
W/"0a05cec075fe5949612d675283df0ca16"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame ABA5 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f20e359c4ba7d6ba69f7d87a037fef0b2643cc3d155815cc1605805b4ece31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7401d7718ed2633c-ORD
content-encoding
br
content-type
text/html
date
Thu, 25 Aug 2022 05:13:59 GMT
dropped-udsids
39|45|241|230|17|11|206|40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDOzvreArLkC3t5nYzEbkvQfsLTshhJe9OCw8EVlh3epQO9KFrAiSZK8E%2Fzqow56H3KHVR%2F3sNowGQpqJBzFghf%2BsdnkpbUyudyNYqHz66QgQHjKJ61Zb375r180deG0ShWm0j3yPfOBUg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
/
match.sharethrough.com/jwumXNuB/v1/ Frame 0FE6 		427 B
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.87.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-87-113.compute-1.amazonaws.com
Software
/
Resource Hash
46ae652f994d656ab54365625c687e0d76e9dd8f486246a5f5ce66b1ee49264a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
427
date
Thu, 25 Aug 2022 05:13:59 GMT
visitormatch
bh.contextweb.com/ Frame CBD3 		828 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
9a4370d6bf5026903a0d9f02c5b594c552a66e7568317edb204858a107150567
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
content-length
828
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-6d7578d788-x8mpp
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame E215
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=6787ac86c57e0c8f&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAEdjib_cKtugMRVkoTAAAAAAA&expiration=1661490839&is_secure=true
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAEdjib_cKtugMRVkoTAAAAAAA&expiration=1661490839&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 25 Aug 2022 05:13:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
CTT8QM05VX1J6Z0SGS5S

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Thu, 25 Aug 2022 05:13:59 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAEdjib_cKtugMRVkoTAAAAAAA&expiration=1661490839&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
ecm3
s.amazon-adsystem.com/ Frame 043A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=7412760816595641933&ex=appnexus.com
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=7412760816595641933&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 25 Aug 2022 05:13:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
1WM2EBERF19GY0WFQK27

Redirect headers

AN-X-Request-Uuid
5c96ec86-505a-435a-bb3f-b0eb8f3cb1a7
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 25 Aug 2022 05:13:59 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=7412760816595641933&ex=appnexus.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
ecm3
s.amazon-adsystem.com/ Frame 61FE
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2850636057255575426400
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2850636057255575426400
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-simpli.fi_ppt_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 25 Aug 2022 05:13:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
GBQRGY17YR2S90SRZ7FF

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 25 Aug 2022 05:13:59 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2850636057255575426400
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 887C 		624 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEJvK6wEYv43-zwEwAQ&v=APEucNWxJ5CX9m3RSWI3M5jFZtisr7goeH1Hj20bduRzK40I2gL3YzdvdWhQFD0WTj0FbUZ7eS9Or1wJlw6fTBzjxGma6aUkMg
Requested by
Host: 9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com
URL: https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 05:13:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 4BB2 		49 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWrecHM4KXw0RYSoZJZ-XRql5t5QfjZngzAExTJAthGohIWxZqaKk7m0RPPCrIZQYrn7sxwpAX8v957jRGW45rjsto1id6LeV3z8-i28hDreo6hOA3GxUCTq9mG9LmZQEsOOa85ZgSNnQpzRNcCc_vwgelJQ&dbm_d=AKAmf-CNMEGfe_wChdtkFLgintQ2qGPXIq8N9ExM6TytY8zjLTlhi_mEVNU0mB0cITYGGEgubLfHkZiReNCmEjZzvCLVhB4kKQ3AGDZrvNoBieKeyOH7t30-posGq7jFdJxzGeP_oeqK8gGHmKhj4WlrLgLwcQiSC3D6CePkZwg_3ecRDDp3z6f0tdDMtNtAWkZd72-VnqJCUpE0fem5yyWH8pNAzVMY7AhZlWQ55w0NUmG1vQWrLnlafOkDWZWYXETJqIsywvpeQ7YD9cBwjeR3rV5lUlAE_Q9ioeDAExV6wekomiyJkEln-7XSsNdEV7ds0DdxMHcfOCAYnkECS_vtFzBe9fxn0QLJvjwTq5__wgAcHyMzB-trLJ5BpLtbEbz6CdbYAHypNsWKSmA0qrcbUcWksaoZffijqVJPbB1JSjhZF5O4Zob8HS73NLepAM92Xw1mnQdOIPzTscTsbIqAdSGfSKjB_4YcBvL2gSykkhBzQxOhoRjKyt0xY41UIoPhdnw3A5bqNDDeEnH0836bH5G36aueuej4hJI8XE6qpqjHEPHqYV-sWCEomc8izVlRO8U-T_MsiMoSuE8NECRgL5xWyeWeNZ-7WEY41V1-X7kKs0Msy2gzY33MJ3O3qf-BVPpiqiyr_BFWeneb4CHAqdsD1iqTgaJ-4Gxm-8ZX7H4HzGl68Xf3con20e3ih4BvSkwfcOF2jdntnXWvTAnM3PDC2xHjTlDRvVd3lXT0QuTD1jNSJLSHc7WQUeEhHzqTvOWBwnsnxAZ3HHfe2tfq0pGlzOOGUl3Nlunq6VzAlrPyQ5nnBwKnEJj5BJJBp8_kIx04842Kp1c5BlIgJ6J3d_CkpeijejFs52dMhi7SIXXnXizg91Ofh4FKzobLD2uCnRc6lhseBtYZXqozb6Daqpa7QyQP01ga-x8Xm5eZPtl5nWR1WFPMvz2KkEETNf8-jtsLVy88f6zZKmO7tAhnGnbqy1-R6LzXMAGkjcXkY5EEvnRfOplDj4cyBdy8g1LUORkNCbjMRXeaSkMFMKWmqrz2wmhuoQXS8zVF70niOycfjQ-QnR5LrrWVNygZYci-BmtugZxwrACTcciCxzsrHGBi7FQyo2ZuZtVCpg4f9nf4pI6H1QiA4A1_lIytARm8XvQgWepEcHLpN9RuqQ-vrGZmNQ26VMW4SexcNB9yDgHaTnu2FB-wgai4I9IK7vMPbsgjFAxmNt46cAQCT6lZ4ufQ69X_F8XeIYhnOzGDfH4z-xAfYdJS4AH1K7QgIhy6087NyXDVTLo5V8x5nr0P6qwt9J7yCA0ivmQvBeySJ8SRmwRW54uDZ-0UktkZfmQ5XwrJMKNIwwuQDPTYXFkRc3dR5cwqYvfNliFgGNseN5KVx9kfh0Rl1a2W6NmJ_jyQQ2kz-aoZ9DQbOjwcmls9T1mG1K6uPZM--laoXcvBLxTiF7ICX8Del8EBDecoquGb5YfrLeuRg3WnHPiwHOyxfUrQXZMgzaePKfKdE0kIsl2uc31_uFDrlcBEDiTw6b7BUnzGwFYapakZIrMkJm0IxaaglP_J0NG1u5_BOE6zTUmTjWUeqcokxQehTRq9PvOiE75ZpmMANUHNavWe-rQZCq7sKYPPnVNus84S5BAbesN3a7W3t764v7fbNl1yQto2kvprakFzJjVAX6APAkxG5jYFyd7dGvIPdBx8uEB3SpwT7lqkYIEVC2d-zUmt1kXFPZMG8BMYGR0OZzgpTO3QWrNa9m1z3_d3J3KCYo7mQk8CMn70NWx3IoVX4S3wLkqAGtF7o5_f9WcKOKTb1_LUauBbM6ACzwEzkAfYQe5v9yEwHytd4H59HskajwPHYcYytIULH_hIo54kDmhx-PV7xTS9naGFN9uYbgH6LCqQdwfcj27lY2WqW1bDhZq2QQbu9qnQedMzVAplyH6vxh9UDMNAsILzTaRv1lk13cdqPGau0tQfUCvVA85_UBh7NeIztJ1PWb-BOrAnyFl43lHzpXMXsXPqOgdoBeMoHZxdcJ10Ecib9TPwmBw6Awu7T92kq0Pc3BWQimbwBJ3fk7_MfT_tqUPdi_s-fZZy-Ql4dtVjLLHnRmf_XcI0OcID05KgZ-CWM1k-Akha5sLN1mn9zg8HpiT0qtJW6sLp_4qD9ByGSeHA8yjtFMNcSrvr-bPMECCD4jwjIOEb4uqXL0CgRAmo5Wrxe5crPi6ptKTtMlyT-vbDrTVWRUFlET6r240pIlV0WBhxjp_wqkoOxsi5djUBEGgV0K6dGGOoJDKnFVafDUGXiR2vLRvwG6rTopub4atmYIqZOxwU5_vawCm-voNU14v39wXBBlZvZKEqs6m1QpS2C3dj5a49DwB7XIkf3rwiLwhi0as-d3tbqz9A9B0f8ZVKMxOQ2840zZjJt9u96zTu2H5Sz9eFiCYz4Zpy6nbIZfI0xgTb-wKnD-gfOBPgUpJrywsRfDEAmv1LlXY7ji3sCWgtLHXj_nTnh3XWTONelvZ4EPXIS0etVNbrPIo_Q4jawhiWPG90bB-Up7kRJwOMF_3n9d8RPow17xLw3UHo2797UjK8NiVZooQ-RYv04YPH3cJs9_y-8K9usRrA5fl-D5-H-gQw6-QqYhsgS99Eh-jbXKSCH93b63uu-CzCDz0poVFqizoJ-dU6-2uwE43Hpb6VOuUyeyFG6wLjQ6breKgeQk1V0Z3vGAfgnSdIHLb6eahcHAG6qo-ysawRHejHH0RJrUF_jIeZlNa4xZyo_Cjtk2is84ABvEcTyqz37uHaHTYLcZyEsmChuGcq_-Fpy0MEC6W7hirWhwfbjMeNJwb8Fnl-mOGUxCz-LyQgWNvhNvLWOEx72By7pF4jPZCxy1Js4Fxz7o6XLKM92Wg3OreTgH-04xPK6UUE_Ydet-19HhjNYK95gJ8he3QkgMh9WUfz2LXSfubT9lXrbFMo9t2b0yYfhimzTDZHKJR9nb8pojSRc3P9PVwufBITXZT0SoB-6wXd2Fni_WUNijoqGucLLuusAnIejF0eGSItUQYBEL8SXDDBs6ZVJCKPBI37KcYG1RTsEUcHobttXGHNX3TSshjLN3tgiKzQJZJ8rdTyG_Vjj0y4ctzM5MJ-1oauJNUYPbhQdMNmAkFHr53kHW7G2IWH0rauRMGtCfXt9W3KoVWFRX0Fx2oPpWtXKs5uS1y9k04Yk78QhvwzdlmWnrIg0vNeMhqTuwqt3-Ig8wcZwn0DSsaRZ6N9XvZ8nOMOV1wD82rHqd-k2_YEJkZdVDcONYzEGUzWymB63_8UWPQAV7aRUW-2FwRD1aBW_0_fxJP__k9cdGUeLACmHmBy1_afqUq9gUdikaUPSyKnALvWxO09Epwf50yiv8vjiqzt_IbSZmeNcFpsQuj5D7WXtCAcoFW-qtejFfkZxI98i_i7jrWoAnzXC6HVhukKebMzDkOWM8qrh34GFQ2yGbtcbJ2avdiJHhYV8cScsPyZjMOz7mu3kkOOeTkYuYsea6aBHA19j-98pXIOieJJWBYVzCpcvBLgr1v3SHsuGqe78Ek1TjQo4b4_cDomAbfvhFj1TSdn5riUu9CLRS1pRD3w088u-tvY9AjIqfRVqosxiGYCClVU7GdQdZQovMPCFwE2rJ6gU4N029gi5LzIECProVJFsopnBkWAZ_JaE_TYmTpyYnU0lsYUEDyO-uStSCnGHMeGXv-ZksEY_VwLkVicrWv8ldH6Syk9Pnn7Vn4HaSHiA5f2futfaFzD-qUQ_wjbE3ErysxgLlvq5J8dsyyIrzy6MfIDk7AEs2KG01Bg6aF-W6ysml1ZA7knAyyq97AWYVFzu6rxWFT0ULXPYr342RralhexKoFgaJljAWurso7PdUI0BmM4Sio9GcG0k5_vSSVW8EV4xOXEK8kbQcTeMxJcwajGT9OsUiyxuCZ95DvIUVl53Cl06s5kFtzjkefVFyybpkjv5BrwEuyXjGFn0IcsH-rgiHes2h0EGcfbtkKJYY82e4-40KyyiPxwjFRm5gL6BzHW_pBHWehz-YrQGFm3y4tRT0Ao8IAEJxbBYUVETo7VDm6qpW20_7wWgRlzc_BrQeauHI2knZ_T-PdIsSj_KEdrAFA1XRBbjMZRke-5Q1_jSBdVPfLICMPVveEZ8wqmME6irRnO-df38UAxyZd-_eEMATwLt9SxUJbhZtWJCiTsEcd58tAbWVwh0ntl30RwMwwiwyoyRJranyemNPXlQ6YOk3oVjtzRZL-oyz4YmFdNthd_CjTat25AC_rzqUFL2XT4dCbkCCt2Li4whcTf00iJiMaMYhIzB1jeRk9Sl9Ja-tbJTYOCjtIfUTO9vt-Qz2eBpRUM-ySn9MJ1iRzzuzGlGNlew7_sxOhThyeTiSs7R78lcTR8R8zXEi1DA8FysfgjkXsGmeRT49R0MZt4nKQjdlZAkmZdZQZrZ5-bqwzsbgqoLsL5trcxtj6CsvPi1cMDm_uHIj8ixZvGwD0ZinB3JY9MpWXPM_45ZBHxHYq_PyYc6FE5cwBtu1eicQKLyPcMmGdWvn5whhT56EfXy96E3jZX3O1B9XfsxNX9DCdorYBU0Neh66tkmpbbvIJXJ6QY_w6rT3kUPQYt7sAWsmw34tn2L89kpm06V71iWdRAH7Lkiw8pDCcMOgqa7Ag-fTFqB2ong5zt1hyOXitZTBVTLOaOuSk5RnnMawC55IvPF6tVHkIQIQ09PVKilQP8Rh7BJ_GzMx5ZHgTRrh-J4txdUF3iWTUGTvZdYbqdYV60_Gf8mMRQu9cOutZ4DTA40waUr2jdJDD9sZr37Tj_rT73VguyT_etEn5y0a0dBhuuh0zxW7r-uOOPdlOQzFiF-jKPGMvlepOVxo-AE2ymHtotBOFSi0u1wxyr1SbJSeoncgGpko0_KsKtdBfOkcUYcQb6BoZBLp0upoORKAyzlEygeA17sFtubfVoLSlDlQ&cid=CAASJORoQNWxl17Ol2rND_0Yr55f4JrhTHCobUna9aJyM7QTdZK-Xg&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuQA3hml1_NgeOvqK-6-GUmgMBUjNls_d4EWCRFOOsNzHyYxJejx9NIMRa-z5EfTH23wk0HKWE5w1Eext-BosclYvxc1P_l-7PCbOiGnQmkFreM_hIN5wPNBINEhGls_x485VkvL6X4aCztMfU5FJu2tkCOPCKzqYmo0qBZyAp7wU6WilC4fpDHxcb2tWE4N5uq-T4hADSLYYo2ocVaDX95ycZNt5FAjWzMzwR7SrpaYY7sCis4-PnRBCqYX9hqQL3gp8ihklkAVQ3o2J9SysBr6TWhWewGFoCoMSl6C3-Dvq3jlPdG1OWiqAoJhCMATI7rIrVUbwo6dau5MiO5Fx37-DUcmi8MHzjohyoTNC8%26sai%3DAMfl-YRvgsPwERRJfoJ0y-UI6Tw_x_bn8MxBo2fa5BGoul8M0GDB5Yne1aJAce7sP-cKOUFRMpoh5aE3FVKkVdE3NyyisdEussvg8JWyOlRJx-k0aioya5oNcFsukd6WRg%26sig%3DCg0ArKJSzOnmkYQ4X6kDEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&rfl=2%2Chttps%253A%252F%252Fglamour.globo.com%242%2Chttps%253A%252F%252Fglamour.globo.com%252F%240
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
245c9cdc3b97ed8b81b2538a182e47679f5a6fe7f031df27834e982be04f383d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21154
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4BB2 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DimkrfMj5I_ibk0aZwXgwRbkf8eCKW8qnksK5pqzwEKawLxiAO9-ntG6v0ibV5ouCLmL8LwnRJGpcmAj5LVBDF8Es2FdxOj3nZAeyb8d_VIuxoeSE
Requested by
Host: 9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com
URL: https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 4BB2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com
URL: https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:11:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Sep 2022 05:11:31 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 4BB2 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com
URL: https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Sep 2022 05:07:19 GMT
l
www.google.com/ads/measurement/ Frame 4BB2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQHSKTaegxpUIVUMXm407xrWrtGaHGiWsnitfQ41MCliT0vc2WygPEliUwk0nwF3q-IbDO_iZHiOXIQQrp1yyWHXU-kpg
Requested by
Host: 9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com
URL: https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4BB2 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com
URL: https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 25 Aug 2022 05:13:59 GMT
t
t.lkqd.net/ Frame FC9A 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Thu, 25 Aug 2022 05:13:59 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 25 Aug 2022 05:13:59 GMT
server
nginx
adview
securepubads.g.doubleclick.net/pagead/ Frame 78E4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CvOLRFgUHY4mFGrSMoPMPsM6AuAecge-wXNqkqap0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN6ABrN3-6APIAQngAgCoAwGqBNECT9DBe3BZCAmn095o1iZouRKGQHDII5v-6LFV0nXaKTdGgkpaKzANBAqC5gW_mk3z7OXElD4oa-YJ4kAMQMRerD2-_XB52qxxOfsLXCsJT8BaFEmWq3WE0JKS_jgO8WM1wCJRDc7rXco8ACI66A4Y-E4Ade9Fqbg24omZB7vHKkQ14Qvpyn6PkoIfi_Kj5dKUoyuX_O8V-4jFqjJxaWdz1eZ7jZ29K2rqOBvCQcPLXW_3RT_qtEmNLkS0LfmikJe0lJOdPFjmR2lDGN2dlyOsT3XGggo6FntlmBPAEH8q8IIu4RBn2gPpBGXWW47nZMqdEB0p-Gk2u16ro0T9lzyza6zdWOY2QeAUSt5LoG80ZKFlx1mb_EHkmYjuD7g3PGE8Xow-dROFmlJXWaCa0WorcoHBTvygU3EmXNAV6p2rW9i3WVAAuHzMysMOoZvTV4XPVuAEAYAG8svvvtjL7-1JoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODgyODU4NzE0OTQ3MzQzNxjh8yA&sigh=bFr7nweyw2U&uach_m=[UACH]&cid=CAQSOwCsnQUxYkh1T_22hP0RnFvkWfeQWOGEZSIF6BtBD3jFwwMjOBLVr50pLSf_x30mZpjyGtmmQT4tjz65GAE
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
notify
rtb.va.us.criteo.com/google/auction/ Frame 78E4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=k9rBD67rDoAF4APiIp0XAgAAAEv2DEX3AEGzPQQyHoGxGYkQFQUHY1efqAJdqaY7AzfhABIAAA&wp=YwcFFgAGgokIaAY0AAAnMNxKp9bCD7dQ1Ixnqw
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:58 GMT
server
Kestrel
server-processing-duration-in-ticks
305540
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.us.criteo.com/delivery/r/ Frame 3F1E 		184 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=YwcFFgAGgokIaAY0AAAnMNxKp9bCD7dQ1Ixnqw&u=%7CdPGRhl%2B7%2BMWgpPFIpCJqMtCJIuSB7aEzylITgSDLOdw%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MTceYYGR9Jp5gwJSFuY1ZhN1_Ei2GJq8gd_G0tw1r14hnbYpVmvZEeZ3grlLUx-z4YYgXcAXP-xm45dOpRMTQ2S5iczFkxYc4DVGYC46ATP-k6EYWtuYZ03Fn2IUxSqnA_ihx5X8BFdchR5NyXI4oYxBTP2vLFJ5UMkfKCLc84eaNK2weWxmJ71gTfmFr8odm5bxqiOQJ--htYWPUtQ7RKgLoSbTX6T59wBkzS5n5CjsxYsz6Cs9dCgWg904mlqCZzn9F_BGivAe1umNo23lypsKXgoF0-WcHUiCJBaJJm13slpbs8eEc1FyD8sMMR46ul6bAZOhIsMZyQwgNT9Rc1vQ9KulDUKYGLE_O4T_q71i1dk-CTLivbkQd8NiriMGMz4oD1Uj0l3d6g9UZ3wHDOqD9RBRmTkxUKli2P7duAyr0zhZFthEV5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXExFgUHY4mFGrSMoPMPsM6AuAecge-wXNqkqap0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN6ABrN3-6APIAQngAgCoAwGqBNQCT9DBe3BZCAmn095o1iZouRKGQHDII5v-6LFV0nXaKTdGgkpaKzANBAqC5gW_mk3z7OXElD4oa-YJ4kAMQMRerD2-_XB52qxxOfsLXCsJT8BaFEmWq3WE0JKS_jgO8WM1wCJRDc7rXco8ACI66A4Y-E4Ade9Fqbg24omZB7vHKkQ14Qvpyn6PkoIfi_Kj5dKUoyuX_O8V-4jFqjJxaWdz1eZ7jZ29K2rqOBvCQcPLXW_3RT_qtEmNLkS0LfmikJe0lJOdPFjmR2lDGN2dlyOsT3XGggo6FntlmBPAEH8q8IIu4RBn2gPpBGXWW47nZMqdEB0p-Gk2u16ro0T9lzyza6zdWOY2QeAUSt5LoG80ZKFlx1mb_EHkmYjuD7g3PGE8Xow-dROFmlJXWaCak2gL4Cozx_xj2hyqt6qcKSqXc9GZQZSbSwZFA30QjYN6gRTPlZXkvOAEAYAG8svvvtjL7-1JoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1BBFSwNw0F-QD9vVwmK83CozIVhQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Requested by
Host: 3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com
URL: https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f6fa000bd9d8ab859482009f777a3f8df1e96c0a19289f6f41baf53d84e6e0fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 05:13:59 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=_13HViSUVsDCZkZ8N7ah-wpkNFKKCAsWemyjyPH3mX98ATKXb21o2E_ozo4a8sx6n3WMhvINfietu6WgYKIRlfAQVABeAvdfhhvzShCjY008R34fbdpv3Hy3sMYaRFT6e_r544OswK2fs0RQlclE-_X4QFlqMtC-ImKaP8IMFkK3IGOcEwek-PvAVVHa9n0sY3Jm21rPpJZOgJ58nFtLciEd8UgiBA_U-9ce46JN4I-OQdWuO6nXx86C5OvkSKdHxtP2AQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
94485466
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 78E4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com
URL: https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:11:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Sep 2022 05:11:31 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D843 		1 KB
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com
URL: https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
39894
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 18:09:05 GMT
etag
48472445140208031
expires
Thu, 25 Aug 2022 18:09:05 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 78E4 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com
URL: https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Sep 2022 05:07:19 GMT
l
www.google.com/ads/measurement/ Frame 78E4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR1dXEUQKaxuMiOi4kj1Z9PefkGaBSWSFKn8hUln8OYuUHxXtXSDHwsABnpm_7SofYO4ZCEUxuQHYcwjVS72BOSEE9gVQ
Requested by
Host: 3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com
URL: https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 78E4 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com
URL: https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 07:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
424180
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 20 Aug 2023 07:24:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 78E4 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com
URL: https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 25 Aug 2022 05:13:59 GMT
syncframe
gum.criteo.com/ Frame EED5 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=glamour.globo.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
17b6c419a7f65afd0e75266dcace486b79ceae9242177feaa960dda92816c4cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 05:13:59 GMT
server-processing-duration-in-ticks
2752
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 1B59 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.187 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip187.ip-51-222-39.net
Software
/
Resource Hash
e7974a19e218adde85eab1fe356b809a52d5dba6c7855cfb2aecbc97dbf7a311
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1437
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
csync
sync.spotim.market/ Frame CDD1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58558/occ
  • https://sync.spotim.market/csync?t=a&ep=488792&extuid=y-T4gubExE2uHl11yJqiA0EIqbv8Nl_EL6mCu_FFk-~A
0
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=488792&extuid=y-T4gubExE2uHl11yJqiA0EIqbv8Nl_EL6mCu_FFk-~A
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
0
Date
Thu, 25 Aug 2022 05:13:59 GMT
Etag
26228ea582814d32
Server
Adtelligent

Redirect headers

age
0
content-length
0
date
Thu, 25 Aug 2022 05:13:59 GMT
location
https://sync.spotim.market/csync?t=a&ep=488792&extuid=y-T4gubExE2uHl11yJqiA0EIqbv8Nl_EL6mCu_FFk-~A
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 71CE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=71309
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 25 Aug 2022 05:13:59 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 26 Aug 2022 01:02:28 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.spotim.market/ Frame 845D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=7412760816595641933
0
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=271858&extuid=7412760816595641933
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
0
Date
Thu, 25 Aug 2022 05:13:59 GMT
Etag
26228ea582814d32
Server
Adtelligent

Redirect headers

AN-X-Request-Uuid
9df2ebdf-9a66-46ad-a58f-8f727ba541a9
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 25 Aug 2022 05:13:59 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.spotim.market/csync?t=a&ep=271858&extuid=7412760816595641933
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
usersync
usersync.gumgum.com/ Frame 0723
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005&rndcb=3848292515
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=ce95d937-04dc-4d9f-a5f7-40c522420de0&google_hm=Y2U5NWQ5MzctMDRkYy00ZDlmLWE1ZjctNDBjNTIyNDIw...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIDBcEaPwoKFCl6lH1849VY&google_cver=1&ssp=adconductor&bsw_param=ce95d937-04dc-4d9f-a5f7-40c522420de0
  • https://sync.1rx.io/usersync/bidswitch/ce95d937-04dc-4d9f-a5f7-40c522420de0?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Date
Thu, 25 Aug 2022 05:14:00 GMT
Server
Tengine
ETag
RX7c4996e8b3c449d8811965a3c89fecf6005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
Connection
keep-alive
Content-Type
text/html
csync
sync.spotim.market/ Frame 0723
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=bbe78f5c-cbd0-47ef-b8be-a7cffd6cd09d
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=482928&extuid=bbe78f5c-cbd0-47ef-b8be-a7cffd6cd09d
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:13:59 GMT
Server
Adtelligent
Etag
26228ea582814d32
Content-Length
0

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:58 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.spotim.market/csync?t=a&ep=482928&extuid=bbe78f5c-cbd0-47ef-b8be-a7cffd6cd09d
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
6tqrdfb1r9b2i40eqh7qmh5ba7ccpfqv
csync
sync.spotim.market/ Frame 0723 		0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=309017&extuid=${USER_ID}
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:13:59 GMT
Server
Adtelligent
Etag
26228ea582814d32
Content-Length
0
sync
visitor.omnitagjs.com/visitor/ Frame 0723
Redirect Chain
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Fredir%3Dhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fuid%253D9f93135e824096b627ff609f5cdee636...
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D9f93135e824096b627ff609f5cdee636%26visitor%3D%7Buid%7D%26name%3DOPENWEB
  • https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=26228ea582814d32&name=OPENWEB
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=26228ea582814d32&name=OPENWEB
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-type
image/gif
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=26228ea582814d32&name=OPENWEB
Date
Thu, 25 Aug 2022 05:13:59 GMT
Server
Adtelligent
Etag
26228ea582814d32
Content-Length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 1DF9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081701&jk=1651489435537402&rc=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 73BE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081701&jk=3572886188714534&rc=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
cookiesyncendpoint
sync.aniview.com/ Frame A26F
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D57064f8d-a433-4deb-abfa-d29f4601b0af%26biddername%3D55%26key%3D%24UID
  • https://sync.aniview.com/cookiesyncendpoint?auid=57064f8d-a433-4deb-abfa-d29f4601b0af&biddername=55&key=7412760816595641933
0
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=57064f8d-a433-4deb-abfa-d29f4601b0af&biddername=55&key=7412760816595641933
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/ssync/5e0e296628a061270b21ccab/ssync.html?pid=5e0e296628a061270b21ccab&r=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26name%3DOPENWEB_VIDEO&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.23.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-23-128.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.aniview.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Thu, 25 Aug 2022 05:13:59 GMT

Redirect headers

AN-X-Request-Uuid
12684cc8-290e-4c9a-af3f-9ccc0cd60d6e
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 25 Aug 2022 05:13:59 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?auid=57064f8d-a433-4deb-abfa-d29f4601b0af&biddername=55&key=7412760816595641933
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
usync.html
eus.rubiconproject.com/ Frame 3720
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/ssync/5e0e296628a061270b21ccab/ssync.html?pid=5e0e296628a061270b21ccab&r=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26name%3DOPENWEB_VIDEO&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://player.aniview.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 25 Aug 2022 05:13:59 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 25 Aug 2022 05:13:59 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
server
AkamaiGHost
cookiesyncendpoint
sync.aniview.com/ Frame 02D6
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D57064f8d-a433-4deb-abfa-d29f4601b0af%26biddername%3D2%26key%3D%24SPOTX_USE...
  • https://sync.aniview.com/cookiesyncendpoint?auid=57064f8d-a433-4deb-abfa-d29f4601b0af&biddername=2&key=b7a4120e-2434-11ed-a1bf-1184b4c80503
0
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=57064f8d-a433-4deb-abfa-d29f4601b0af&biddername=2&key=b7a4120e-2434-11ed-a1bf-1184b4c80503
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/ssync/5e0e296628a061270b21ccab/ssync.html?pid=5e0e296628a061270b21ccab&r=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26name%3DOPENWEB_VIDEO&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.23.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-23-128.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.aniview.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Thu, 25 Aug 2022 05:13:59 GMT

Redirect headers

access-control-allow-credentials
false
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/plain
date
Thu, 25 Aug 2022 05:13:59 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=57064f8d-a433-4deb-abfa-d29f4601b0af&biddername=2&key=b7a4120e-2434-11ed-a1bf-1184b4c80503
x-fe
396
cookiesyncendpoint
sync.aniview.com/ Frame 972D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D57064f8d-a433-4deb-abfa-d29f4601b0af%26biddername%3D72%26pid%3D5e0e296628a0...
  • https://tags.bluekai.com/site/17724?id=ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D57064f8d-a433-4deb-abfa-d29f4601b0af%26b...
  • https://sync.aniview.com/cookiesyncendpoint?auid=57064f8d-a433-4deb-abfa-d29f4601b0af&biddername=72&pid=5e0e296628a061270b21ccab&key=ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553
0
258 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=57064f8d-a433-4deb-abfa-d29f4601b0af&biddername=72&pid=5e0e296628a061270b21ccab&key=ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/ssync/5e0e296628a061270b21ccab/ssync.html?pid=5e0e296628a061270b21ccab&r=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26name%3DOPENWEB_VIDEO&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.23.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-23-128.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.aniview.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Thu, 25 Aug 2022 05:13:59 GMT

Redirect headers

content-length
0
date
Thu, 25 Aug 2022 05:13:59 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=57064f8d-a433-4deb-abfa-d29f4601b0af&biddername=72&pid=5e0e296628a061270b21ccab&key=ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
index.v1.html
config.seedtag.com/standard-iframe/ Frame 2880 		215 B
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://config.seedtag.com/standard-iframe/index.v1.html
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.133.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1298edbdd61716cdfd4e5b6ae4d6bbc598282a86c23c5eee134965e052f5d878

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
*
age
2961
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=86400, public
cf-cache-status
DYNAMIC
cf-ray
7401d7739f132ad2-ORD
content-encoding
br
content-type
text/html
date
Thu, 25 Aug 2022 05:13:59 GMT
etag
W/"0759a5dea81fe23c38bb84d4453f6ac5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Fri, 26 Aug 2022 04:24:38 GMT
last-modified
Tue, 25 Jun 2019 10:34:38 GMT
server
cloudflare
vary
Accept-Encoding
rtset
bh.contextweb.com/bh/ Frame CBD3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=dVd1TlMzeWU1NzFhWmRsM3hWSDg5Zw&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESELlVgrr-X_DkIcRpsEM6dd0&google_cver=1
49 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESELlVgrr-X_DkIcRpsEM6dd0&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-6d7578d788-x8mpp
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESELlVgrr-X_DkIcRpsEM6dd0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame CBD3
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=31c5401296010cb7&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAEzq8HA9WfRQNXsbifAAAAAAA&expiration=1661490839&nuid=&is_secure=true
49 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAEzq8HA9WfRQNXsbifAAAAAAA&expiration=1661490839&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-6d7578d788-x8mpp
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAEzq8HA9WfRQNXsbifAAAAAAA&expiration=1661490839&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame CBD3 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=Q6k5Ho6QyMMh&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:59 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
AJBQREMVJWCQ118HMJS0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame ABA5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f392b494-04f1-4190-8b81-965c828ca97a&expiration=1663996439&gdpr=0&gdpr_consent=
43 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f392b494-04f1-4190-8b81-965c828ca97a&expiration=1663996439&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
7401d775cc872c44-ORD
pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znwVMmDuHPoulGUzRfIg7muzniy2lJkcqCiDO231yykyU6Qzdane7HkAzdUDmP7rJZinVC3YoPWAAiffvsY%2BGz5bCwjrbTS6BuM2KVn%2B6OZYeQ%2Bs7sm0TSA6BUsl%2BN4XqbO%2BJzpFgvt6cw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f392b494-04f1-4190-8b81-965c828ca97a&expiration=1663996439&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
crum
dsum-sec.casalemedia.com/ Frame ABA5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YwcFFiEqvqgxgytikig15QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ-fnXC2YIyqIitxXHLpWW4&google_cver=1
43 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ-fnXC2YIyqIitxXHLpWW4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
7401d7773e392c44-ORD
pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7bIca8J1vzyeIBLtGWU6f3J8Jz3bTILq4KMUVlY2jt22rUb3Yl2c6n7xImjZDKQ6%2FY1U0Ou14Sde63JYHffXafHUDRiJhmL8ZN1iwD0YP1BIwVf1O2QJDf%2F%2FyOSXymHaPti0PEbe%2FW6VA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ-fnXC2YIyqIitxXHLpWW4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame ABA5 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwcFFiEqvqgxgytikig15QAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:59 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
7D31YJWRF0PEGP4MBAY2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame ABA5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwcFFiEqvqgxgytikig15QAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAlLal_DCrqs217s0xqcj_c&google_cver=1
43 B
902 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAlLal_DCrqs217s0xqcj_c&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
7401d775eba1633c-ORD
pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPjalsfGry9MUEVjv7CUANeacglCEBll6xKUkDmuFzYfLHiww4d1gKYRHQNlX8ppoNMx2urNsqXr5BTrtxP5uRaQVBO3v4G9rbkhzuceh27hGjtZx4K5WlVbz3HFovzfdj5ayj69F8dSdg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAlLal_DCrqs217s0xqcj_c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame ABA5
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=4BFK5PS6DwFZltdDeQ6H&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2NCCIZFTK...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=4BFK5PS6DwFZltdDeQ6H
43 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=4BFK5PS6DwFZltdDeQ6H
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
7401d77999532c44-ORD
pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVG7Yv6g6hL4ncU3g3cJgE4F2XqGsxkRGu3JOIYMRJstF%2FHzdgTuerSVq%2BUAX9VMavNhvlUxopTV89S2NcJ8lLS9k59Qg%2FBmhCbh0WqCj0kCOknBQmEqTQ3eZ9B5Ew2p8EonPQQ5awGmuw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
P3p
CP="We do not support P3P header."
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=4BFK5PS6DwFZltdDeQ6H
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame ABA5
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=93113cb9-e328-4c2e-b34a-9991d55dc977
43 B
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=93113cb9-e328-4c2e-b34a-9991d55dc977
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
7401d776ddc32c44-ORD
pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYbovKOgE%2Baxo%2Fx3phcCEghgOm3ACmTfj8dRE9Ywy9P3COJcwDMbwzGJ%2FLZsog%2BUgidf3oHmwcMNMXzbnj3Nv%2FlNvHnk50UXPQyeZhRclJfaaTptOdk%2F9t9%2F6Kt4lUUrDBSrLvs8dbjHuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=93113cb9-e328-4c2e-b34a-9991d55dc977
date
Thu, 25 Aug 2022 05:13:59 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
YwcFFiEqvqgxgytikig15QAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame ABA5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YwcFFiEqvqgxgytikig15QAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YwcFFiEqvqgxgytikig15QAAAdQAAAIB
43 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YwcFFiEqvqgxgytikig15QAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Server
2600:1f18:4e9:5a05:453e:66f9:9eff:3281 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YwcFFiEqvqgxgytikig15QAAAdQAAAIB
date
Thu, 25 Aug 2022 05:13:59 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ecm3
s.amazon-adsystem.com/ Frame ABA5 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=YwcFFiEqvqgxgytikig15QAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:59 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
SQMFNH8W9Q65D6FBK5X1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
pagead2.googlesyndication.com/bg/ Frame C2C0 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
sffe /
Resource Hash
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 17:45:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
41316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14190
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Aug 2023 17:45:23 GMT
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 7072 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1661404439682
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:13:59 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1661404439.dop206.ch4.t,1661404439.cds195.ch4.shn,1661404439.cds195.ch4.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=fe54cc25c25d36983adbdcfa7f1e5df&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=eb2a1_7135677735229362965&gdpr=0&gdpr_consent=null
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZmU1NGNjMjVjMjVkMzY5ODNhZGJkY2ZhN2YxZTVkZg==&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEG0Wq4BRZBhjS2gABp9kSa0&google_cver=1&gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=f392b494-04f1-4190-8b81-965c828ca97a
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/fe54cc25c25d36983adbdcfa7f1e5df?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-ItZDHJdE2oOnPKGc.qGRG.LCS3ggetcoEc1ftiqu~A
  • https://usersync.octillion.tv/fw?
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1554userId=cd078586-9b7a-4fab-9889-34e181b61ebd
43 B
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1554userId=cd078586-9b7a-4fab-9889-34e181b61ebd
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:01 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1661404441371035-255

Redirect headers

date
Thu, 25 Aug 2022 00:07:43 GMT
via
1.1 2ead2a81ff8cd9f180f8ec7fa0607b6e.cloudfront.net (CloudFront)
server
CloudFront
age
18378
x-cache
Hit from cloudfront
location
https://ads.stickyadstv.com/user-registering?dataProviderId=1554userId=cd078586-9b7a-4fab-9889-34e181b61ebd
x-amz-cf-pop
EWR53-C1
content-length
0
x-amz-cf-id
-oo58Mm9KruEdLS0aUVRRpdnXTPsA7bqlA2s3Zpooc74lxEvguBcwg==
/
ads.stickyadstv.com/additional-scripts/ Frame 7072 		301 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:59 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1661404439834012-279
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 7072 		67 B
680 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&schain=1.0%2C1!vidoomy.com%2C61323%2C1%2C7518571304519561346104295334%2C%2C&vav=560fb99b9a1bd25602c81c5f7d765c84&vaviv=47a1f38dc27c18c13a2f6a1525cdaa0c&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:59 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1661404439819039-275
ecm3
s.amazon-adsystem.com/ Frame 0FE6 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=377b48f0-670c-49fd-a073-96b607aa17f0
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:59 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
NE8SGD2ZW648FEEFCJPX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 0FE6
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f392b494-04f1-4190-8b81-965c828ca97a&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f392b494-04f1-4190-8b81-965c828ca97a&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.209.87.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-87-113.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f392b494-04f1-4190-8b81-965c828ca97a&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame 0FE6
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1
  • https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=61ce30ab-3031-4665-ab46-6176ea45d255&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=61ce30ab-3031-4665-ab46-6176ea45d255&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.209.87.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-87-113.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

x-servername
Track004-iad
pragma
no-cache
date
Thu, 25 Aug 2022 05:13:18 GMT
x-aspnetmvc-version
5.2
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
p3p
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
location
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=61ce30ab-3031-4665-ab46-6176ea45d255&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
cache-control
private,no-cache
content-type
text/html; charset=utf-8
content-length
296
expires
-1
v1
match.sharethrough.com/sync/ Frame 0FE6
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=7412760816595641933
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=7412760816595641933
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.209.87.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-87-113.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
ecc6eacb-e54d-4791-aedc-4f4242c37cc5
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=7412760816595641933
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 0FE6
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=7412760816595641933
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=7412760816595641933
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.209.87.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-87-113.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
824d7329-8edb-4f50-9429-e089ae0f6020
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=7412760816595641933
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 887C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-fnXC2YIyqIitxXHLpWW4&google_cver=1
43 B
916 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-fnXC2YIyqIitxXHLpWW4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEJvK6wEYv43-zwEwAQ&v=APEucNWxJ5CX9m3RSWI3M5jFZtisr7goeH1Hj20bduRzK40I2gL3YzdvdWhQFD0WTj0FbUZ7eS9Or1wJlw6fTBzjxGma6aUkMg
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
7401d775eca92c44-ORD
pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TY0o%2FkP9oe%2Fjf%2F7OnGkiAx8Yz3zpoJ%2BSg7xqq8MzlzTlfGB5YUAPOCH6M%2Fgq7jXk3iNY0MWHAR9VcXVoludgwIH5u7wx7fpNeRY2g5NY1%2FDLdhgPM7Jup%2FLD3%2FAdfIw5znkKZRD6Z1OAeA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-fnXC2YIyqIitxXHLpWW4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 887C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwcFFiEqvqgxgytikig15QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-fnXC2YIyqIitxXHLpWW4&google_cver=1
43 B
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-fnXC2YIyqIitxXHLpWW4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEJvK6wEYv43-zwEwAQ&v=APEucNWxJ5CX9m3RSWI3M5jFZtisr7goeH1Hj20bduRzK40I2gL3YzdvdWhQFD0WTj0FbUZ7eS9Or1wJlw6fTBzjxGma6aUkMg
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
7401d7775e4d2c44-ORD
pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qbI%2B8DECBHOMBx%2FKaHDlBrfSfnBxrWen5cIoNeMzDbpu5NwM37M44dgtbNNN3%2BEVZwdofMMbKObTp13CPrZ27ABGBubjupYRk8SBC%2FEtTqkjX%2BOd4TV2TiaSGfbVa1EQ0W%2FEL9iBEvzkEg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-fnXC2YIyqIitxXHLpWW4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 887C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPSJN6PSOWssHdkcds62kHQ&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPSJN6PSOWssHdkcds62kHQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEJvK6wEYv43-zwEwAQ&v=APEucNWxJ5CX9m3RSWI3M5jFZtisr7goeH1Hj20bduRzK40I2gL3YzdvdWhQFD0WTj0FbUZ7eS9Or1wJlw6fTBzjxGma6aUkMg
Protocol
HTTP/1.1
Server
68.67.179.164 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
6bf4545c-c17c-4752-bf8a-faced6d8e544
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPSJN6PSOWssHdkcds62kHQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 887C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQxMjc2MDgxNjU5NTY0MTkzMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQxMjc2MDgxNjU5NTY0MTkzMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEJvK6wEYv43-zwEwAQ&v=APEucNWxJ5CX9m3RSWI3M5jFZtisr7goeH1Hj20bduRzK40I2gL3YzdvdWhQFD0WTj0FbUZ7eS9Or1wJlw6fTBzjxGma6aUkMg
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:59 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
62e1747d-8f33-4087-96b9-3ede2d0dcdd4
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQxMjc2MDgxNjU5NTY0MTkzMw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 1A8A
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7412760816595641933
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7412760816595641933
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:59 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
92049e5d-2426-4e90-8c4d-3d8c3f4661b4
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usersync.gumgum.com/usersync?b=apn&i=7412760816595641933
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 1A8A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_5349e29e-e573-463a-8042-728d103ee39b&gdpr=&gdpr_consent=&us_privacy=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=d666fe2e-869f-4d4b-87b8-12e8f1df79be&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=ce95d937-04dc-4d9f-a5f7-40c522420de0
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=ce95d937-04dc-4d9f-a5f7-40c522420de0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=ce95d937-04dc-4d9f-a5f7-40c522420de0
Date
Thu, 25 Aug 2022 05:14:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 1A8A
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28VA0xnkEo53AA9mHXGnnXuSoYAJ-ZE7Rp7annoNiYD60TqT1euGUpHrMKqAJUGotx%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_5349e29e-e573-463a-8042-728d103ee39b&obuid=ENC(VA0xnkEo53AA9mHXGnnXuSoYAJ-ZE7Rp7annoNiYD60TqT1euGUpHrMKqAJUGotx)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7135677739533858959
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7135677739533858959
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:14:01 GMT
Cache-Control
no-cache
X-TraceId
c8af103ce5a6142ae73abba1c3b7f1e9
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7135677739533858959
Date
Thu, 25 Aug 2022 05:14:01 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
usersync
usersync.gumgum.com/ Frame 1A8A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=7504a4e3-5a5a-4c50-b449-7737b4671356
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=7504a4e3-5a5a-4c50-b449-7737b4671356
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Thu, 25 Aug 2022 05:13:59 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usersync.gumgum.com/usersync?b=opx&i=7504a4e3-5a5a-4c50-b449-7737b4671356
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
usersync.gumgum.com/ Frame 1A8A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-0d2b4646-3d15-49a0-4f06-5fd873817560$ip$167.88.7.162
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-0d2b4646-3d15-49a0-4f06-5fd873817560$ip$167.88.7.162
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-0d2b4646-3d15-49a0-4f06-5fd873817560$ip$167.88.7.162
Date
Thu, 25 Aug 2022 05:13:59 GMT
Connection
keep-alive
Content-Length
126
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 1A8A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-F7AlrO1E2peDWrw_jNbbaAkfRJInYusxzsAj~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-F7AlrO1E2peDWrw_jNbbaAkfRJInYusxzsAj~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Thu, 25 Aug 2022 05:13:59 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://usersync.gumgum.com/usersync?b=oth&i=y-F7AlrO1E2peDWrw_jNbbaAkfRJInYusxzsAj~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame 1A8A
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=4c12d306-7bd7-45ec-a97a-8304a6a92f40
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=4c12d306-7bd7-45ec-a97a-8304a6a92f40
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=4c12d306-7bd7-45ec-a97a-8304a6a92f40
Date
Thu, 25 Aug 2022 05:13:59 GMT
X-CI-RTID
da3baaaa-ca4d-4c8a-925e-19165c144114
Connection
keep-alive
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 1A8A
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=34D0F340BBB6452EA27D42C1AC0AC8BC
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=34D0F340BBB6452EA27D42C1AC0AC8BC
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Thu, 25 Aug 2022 05:13:59 GMT
via
1.1 varnish
server
nginx
age
0
location
https://usersync.gumgum.com/usersync?b=snc&i=34D0F340BBB6452EA27D42C1AC0AC8BC
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
338026959
access-control-allow-origin
*
content-type
text/plain
content-length
0
usersync
usersync.gumgum.com/ Frame 1A8A
Redirect Chain
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=dit&i=di_aabd891a9a2b4d83a138e
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=dit&i=di_aabd891a9a2b4d83a138e
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=dit&i=di_aabd891a9a2b4d83a138e
date
Thu, 25 Aug 2022 05:13:59 GMT
server
c
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 1A8A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_5349e29e-e573-463a-8042-728d103ee39b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=4BFK5PS6DwFZltdDeQ6H&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHU2EERSLGVIFGNSEO5DFU3DUMRCGKUJWJA
  • https://usersync.gumgum.com/usersync?b=zem&i=4BFK5PS6DwFZltdDeQ6H
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=4BFK5PS6DwFZltdDeQ6H
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
P3p
CP="We do not support P3P header."
Location
https://usersync.gumgum.com/usersync?b=zem&i=4BFK5PS6DwFZltdDeQ6H
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 1A8A
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=7a6a2a8e-bcf4-4ed3-9df8-974d3b475beb
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=7a6a2a8e-bcf4-4ed3-9df8-974d3b475beb
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=7a6a2a8e-bcf4-4ed3-9df8-974d3b475beb
date
Thu, 25 Aug 2022 05:13:59 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 1A8A
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1506%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=5112774868
  • https://sync.1rx.io/usersync3/centro/1506/ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553?zcc=0&sspret=1&rndcb=5112774868
  • https://sync.targeting.unrulymedia.com/csync/RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Date
Thu, 25 Aug 2022 05:14:00 GMT
Server
Tengine
ETag
RX7c4996e8b3c449d8811965a3c89fecf6005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
Connection
keep-alive
Content-Type
text/html
usersync
usersync.gumgum.com/ Frame 1A8A
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=Q6k5Ho6QyMMh&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=Q6k5Ho6QyMMh&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://usersync.gumgum.com/usersync?b=pln&i=Q6k5Ho6QyMMh&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d7578d788-x8mpp
expires
-1
usersync
usersync.gumgum.com/ Frame 1A8A
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1526083351859992907
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1526083351859992907
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1526083351859992907
date
Thu, 25 Aug 2022 05:13:59 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 1A8A 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_5349e29e-e573-463a-8042-728d103ee39b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:59 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
KTJCMPPCRYA4ZX4BJ5FX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ev
s.seedtag.com/e/ 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/e/ev
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.335008b7b27c404c8cd9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
pagead2.googlesyndication.com/bg/ Frame 31DC 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
sffe /
Resource Hash
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 17:45:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
41316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14190
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Aug 2023 17:45:23 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 20D4
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.133.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-133-218.compute-1.amazonaws.com
Software
/
Resource Hash
f0d544e1b0570c46ab87f5970af498c10bba6e880e8d3e36713c663b1f2fbaca

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Thu, 25 Aug 2022 05:14:00 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Thu, 25 Aug 2022 05:14:00 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Thu, 25 Aug 2022 05:13:59 GMT
location
/um/cs&eq_cc=1
index.v1.html
config.seedtag.com/standard-iframe/ Frame F062 		215 B
474 B 		Document
General
Check archive.org
Download Go to
Full URL
https://config.seedtag.com/standard-iframe/index.v1.html
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.133.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1298edbdd61716cdfd4e5b6ae4d6bbc598282a86c23c5eee134965e052f5d878

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
*
age
2961
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=86400, public
cf-cache-status
DYNAMIC
cf-ray
7401d774fc722988-ORD
content-encoding
br
content-type
text/html
date
Thu, 25 Aug 2022 05:13:59 GMT
etag
W/"0759a5dea81fe23c38bb84d4453f6ac5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Fri, 26 Aug 2022 04:24:38 GMT
last-modified
Tue, 25 Jun 2019 10:34:38 GMT
server
cloudflare
vary
Accept-Encoding
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 4BB2 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWrecHM4KXw0RYSoZJZ-XRql5t5QfjZngzAExTJAthGohIWxZqaKk7m0RPPCrIZQYrn7sxwpAX8v957jRGW45rjsto1id6LeV3z8-i28hDreo6hOA3GxUCTq9mG9LmZQEsOOa85ZgSNnQpzRNcCc_vwgelJQ&dbm_d=AKAmf-CNMEGfe_wChdtkFLgintQ2qGPXIq8N9ExM6TytY8zjLTlhi_mEVNU0mB0cITYGGEgubLfHkZiReNCmEjZzvCLVhB4kKQ3AGDZrvNoBieKeyOH7t30-posGq7jFdJxzGeP_oeqK8gGHmKhj4WlrLgLwcQiSC3D6CePkZwg_3ecRDDp3z6f0tdDMtNtAWkZd72-VnqJCUpE0fem5yyWH8pNAzVMY7AhZlWQ55w0NUmG1vQWrLnlafOkDWZWYXETJqIsywvpeQ7YD9cBwjeR3rV5lUlAE_Q9ioeDAExV6wekomiyJkEln-7XSsNdEV7ds0DdxMHcfOCAYnkECS_vtFzBe9fxn0QLJvjwTq5__wgAcHyMzB-trLJ5BpLtbEbz6CdbYAHypNsWKSmA0qrcbUcWksaoZffijqVJPbB1JSjhZF5O4Zob8HS73NLepAM92Xw1mnQdOIPzTscTsbIqAdSGfSKjB_4YcBvL2gSykkhBzQxOhoRjKyt0xY41UIoPhdnw3A5bqNDDeEnH0836bH5G36aueuej4hJI8XE6qpqjHEPHqYV-sWCEomc8izVlRO8U-T_MsiMoSuE8NECRgL5xWyeWeNZ-7WEY41V1-X7kKs0Msy2gzY33MJ3O3qf-BVPpiqiyr_BFWeneb4CHAqdsD1iqTgaJ-4Gxm-8ZX7H4HzGl68Xf3con20e3ih4BvSkwfcOF2jdntnXWvTAnM3PDC2xHjTlDRvVd3lXT0QuTD1jNSJLSHc7WQUeEhHzqTvOWBwnsnxAZ3HHfe2tfq0pGlzOOGUl3Nlunq6VzAlrPyQ5nnBwKnEJj5BJJBp8_kIx04842Kp1c5BlIgJ6J3d_CkpeijejFs52dMhi7SIXXnXizg91Ofh4FKzobLD2uCnRc6lhseBtYZXqozb6Daqpa7QyQP01ga-x8Xm5eZPtl5nWR1WFPMvz2KkEETNf8-jtsLVy88f6zZKmO7tAhnGnbqy1-R6LzXMAGkjcXkY5EEvnRfOplDj4cyBdy8g1LUORkNCbjMRXeaSkMFMKWmqrz2wmhuoQXS8zVF70niOycfjQ-QnR5LrrWVNygZYci-BmtugZxwrACTcciCxzsrHGBi7FQyo2ZuZtVCpg4f9nf4pI6H1QiA4A1_lIytARm8XvQgWepEcHLpN9RuqQ-vrGZmNQ26VMW4SexcNB9yDgHaTnu2FB-wgai4I9IK7vMPbsgjFAxmNt46cAQCT6lZ4ufQ69X_F8XeIYhnOzGDfH4z-xAfYdJS4AH1K7QgIhy6087NyXDVTLo5V8x5nr0P6qwt9J7yCA0ivmQvBeySJ8SRmwRW54uDZ-0UktkZfmQ5XwrJMKNIwwuQDPTYXFkRc3dR5cwqYvfNliFgGNseN5KVx9kfh0Rl1a2W6NmJ_jyQQ2kz-aoZ9DQbOjwcmls9T1mG1K6uPZM--laoXcvBLxTiF7ICX8Del8EBDecoquGb5YfrLeuRg3WnHPiwHOyxfUrQXZMgzaePKfKdE0kIsl2uc31_uFDrlcBEDiTw6b7BUnzGwFYapakZIrMkJm0IxaaglP_J0NG1u5_BOE6zTUmTjWUeqcokxQehTRq9PvOiE75ZpmMANUHNavWe-rQZCq7sKYPPnVNus84S5BAbesN3a7W3t764v7fbNl1yQto2kvprakFzJjVAX6APAkxG5jYFyd7dGvIPdBx8uEB3SpwT7lqkYIEVC2d-zUmt1kXFPZMG8BMYGR0OZzgpTO3QWrNa9m1z3_d3J3KCYo7mQk8CMn70NWx3IoVX4S3wLkqAGtF7o5_f9WcKOKTb1_LUauBbM6ACzwEzkAfYQe5v9yEwHytd4H59HskajwPHYcYytIULH_hIo54kDmhx-PV7xTS9naGFN9uYbgH6LCqQdwfcj27lY2WqW1bDhZq2QQbu9qnQedMzVAplyH6vxh9UDMNAsILzTaRv1lk13cdqPGau0tQfUCvVA85_UBh7NeIztJ1PWb-BOrAnyFl43lHzpXMXsXPqOgdoBeMoHZxdcJ10Ecib9TPwmBw6Awu7T92kq0Pc3BWQimbwBJ3fk7_MfT_tqUPdi_s-fZZy-Ql4dtVjLLHnRmf_XcI0OcID05KgZ-CWM1k-Akha5sLN1mn9zg8HpiT0qtJW6sLp_4qD9ByGSeHA8yjtFMNcSrvr-bPMECCD4jwjIOEb4uqXL0CgRAmo5Wrxe5crPi6ptKTtMlyT-vbDrTVWRUFlET6r240pIlV0WBhxjp_wqkoOxsi5djUBEGgV0K6dGGOoJDKnFVafDUGXiR2vLRvwG6rTopub4atmYIqZOxwU5_vawCm-voNU14v39wXBBlZvZKEqs6m1QpS2C3dj5a49DwB7XIkf3rwiLwhi0as-d3tbqz9A9B0f8ZVKMxOQ2840zZjJt9u96zTu2H5Sz9eFiCYz4Zpy6nbIZfI0xgTb-wKnD-gfOBPgUpJrywsRfDEAmv1LlXY7ji3sCWgtLHXj_nTnh3XWTONelvZ4EPXIS0etVNbrPIo_Q4jawhiWPG90bB-Up7kRJwOMF_3n9d8RPow17xLw3UHo2797UjK8NiVZooQ-RYv04YPH3cJs9_y-8K9usRrA5fl-D5-H-gQw6-QqYhsgS99Eh-jbXKSCH93b63uu-CzCDz0poVFqizoJ-dU6-2uwE43Hpb6VOuUyeyFG6wLjQ6breKgeQk1V0Z3vGAfgnSdIHLb6eahcHAG6qo-ysawRHejHH0RJrUF_jIeZlNa4xZyo_Cjtk2is84ABvEcTyqz37uHaHTYLcZyEsmChuGcq_-Fpy0MEC6W7hirWhwfbjMeNJwb8Fnl-mOGUxCz-LyQgWNvhNvLWOEx72By7pF4jPZCxy1Js4Fxz7o6XLKM92Wg3OreTgH-04xPK6UUE_Ydet-19HhjNYK95gJ8he3QkgMh9WUfz2LXSfubT9lXrbFMo9t2b0yYfhimzTDZHKJR9nb8pojSRc3P9PVwufBITXZT0SoB-6wXd2Fni_WUNijoqGucLLuusAnIejF0eGSItUQYBEL8SXDDBs6ZVJCKPBI37KcYG1RTsEUcHobttXGHNX3TSshjLN3tgiKzQJZJ8rdTyG_Vjj0y4ctzM5MJ-1oauJNUYPbhQdMNmAkFHr53kHW7G2IWH0rauRMGtCfXt9W3KoVWFRX0Fx2oPpWtXKs5uS1y9k04Yk78QhvwzdlmWnrIg0vNeMhqTuwqt3-Ig8wcZwn0DSsaRZ6N9XvZ8nOMOV1wD82rHqd-k2_YEJkZdVDcONYzEGUzWymB63_8UWPQAV7aRUW-2FwRD1aBW_0_fxJP__k9cdGUeLACmHmBy1_afqUq9gUdikaUPSyKnALvWxO09Epwf50yiv8vjiqzt_IbSZmeNcFpsQuj5D7WXtCAcoFW-qtejFfkZxI98i_i7jrWoAnzXC6HVhukKebMzDkOWM8qrh34GFQ2yGbtcbJ2avdiJHhYV8cScsPyZjMOz7mu3kkOOeTkYuYsea6aBHA19j-98pXIOieJJWBYVzCpcvBLgr1v3SHsuGqe78Ek1TjQo4b4_cDomAbfvhFj1TSdn5riUu9CLRS1pRD3w088u-tvY9AjIqfRVqosxiGYCClVU7GdQdZQovMPCFwE2rJ6gU4N029gi5LzIECProVJFsopnBkWAZ_JaE_TYmTpyYnU0lsYUEDyO-uStSCnGHMeGXv-ZksEY_VwLkVicrWv8ldH6Syk9Pnn7Vn4HaSHiA5f2futfaFzD-qUQ_wjbE3ErysxgLlvq5J8dsyyIrzy6MfIDk7AEs2KG01Bg6aF-W6ysml1ZA7knAyyq97AWYVFzu6rxWFT0ULXPYr342RralhexKoFgaJljAWurso7PdUI0BmM4Sio9GcG0k5_vSSVW8EV4xOXEK8kbQcTeMxJcwajGT9OsUiyxuCZ95DvIUVl53Cl06s5kFtzjkefVFyybpkjv5BrwEuyXjGFn0IcsH-rgiHes2h0EGcfbtkKJYY82e4-40KyyiPxwjFRm5gL6BzHW_pBHWehz-YrQGFm3y4tRT0Ao8IAEJxbBYUVETo7VDm6qpW20_7wWgRlzc_BrQeauHI2knZ_T-PdIsSj_KEdrAFA1XRBbjMZRke-5Q1_jSBdVPfLICMPVveEZ8wqmME6irRnO-df38UAxyZd-_eEMATwLt9SxUJbhZtWJCiTsEcd58tAbWVwh0ntl30RwMwwiwyoyRJranyemNPXlQ6YOk3oVjtzRZL-oyz4YmFdNthd_CjTat25AC_rzqUFL2XT4dCbkCCt2Li4whcTf00iJiMaMYhIzB1jeRk9Sl9Ja-tbJTYOCjtIfUTO9vt-Qz2eBpRUM-ySn9MJ1iRzzuzGlGNlew7_sxOhThyeTiSs7R78lcTR8R8zXEi1DA8FysfgjkXsGmeRT49R0MZt4nKQjdlZAkmZdZQZrZ5-bqwzsbgqoLsL5trcxtj6CsvPi1cMDm_uHIj8ixZvGwD0ZinB3JY9MpWXPM_45ZBHxHYq_PyYc6FE5cwBtu1eicQKLyPcMmGdWvn5whhT56EfXy96E3jZX3O1B9XfsxNX9DCdorYBU0Neh66tkmpbbvIJXJ6QY_w6rT3kUPQYt7sAWsmw34tn2L89kpm06V71iWdRAH7Lkiw8pDCcMOgqa7Ag-fTFqB2ong5zt1hyOXitZTBVTLOaOuSk5RnnMawC55IvPF6tVHkIQIQ09PVKilQP8Rh7BJ_GzMx5ZHgTRrh-J4txdUF3iWTUGTvZdYbqdYV60_Gf8mMRQu9cOutZ4DTA40waUr2jdJDD9sZr37Tj_rT73VguyT_etEn5y0a0dBhuuh0zxW7r-uOOPdlOQzFiF-jKPGMvlepOVxo-AE2ymHtotBOFSi0u1wxyr1SbJSeoncgGpko0_KsKtdBfOkcUYcQb6BoZBLp0upoORKAyzlEygeA17sFtubfVoLSlDlQ&cid=CAASJORoQNWxl17Ol2rND_0Yr55f4JrhTHCobUna9aJyM7QTdZK-Xg&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuQA3hml1_NgeOvqK-6-GUmgMBUjNls_d4EWCRFOOsNzHyYxJejx9NIMRa-z5EfTH23wk0HKWE5w1Eext-BosclYvxc1P_l-7PCbOiGnQmkFreM_hIN5wPNBINEhGls_x485VkvL6X4aCztMfU5FJu2tkCOPCKzqYmo0qBZyAp7wU6WilC4fpDHxcb2tWE4N5uq-T4hADSLYYo2ocVaDX95ycZNt5FAjWzMzwR7SrpaYY7sCis4-PnRBCqYX9hqQL3gp8ihklkAVQ3o2J9SysBr6TWhWewGFoCoMSl6C3-Dvq3jlPdG1OWiqAoJhCMATI7rIrVUbwo6dau5MiO5Fx37-DUcmi8MHzjohyoTNC8%26sai%3DAMfl-YRvgsPwERRJfoJ0y-UI6Tw_x_bn8MxBo2fa5BGoul8M0GDB5Yne1aJAce7sP-cKOUFRMpoh5aE3FVKkVdE3NyyisdEussvg8JWyOlRJx-k0aioya5oNcFsukd6WRg%26sig%3DCg0ArKJSzOnmkYQ4X6kDEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&rfl=2%2Chttps%253A%252F%252Fglamour.globo.com%242%2Chttps%253A%252F%252Fglamour.globo.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:04:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Sep 2022 05:04:28 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 4BB2 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWrecHM4KXw0RYSoZJZ-XRql5t5QfjZngzAExTJAthGohIWxZqaKk7m0RPPCrIZQYrn7sxwpAX8v957jRGW45rjsto1id6LeV3z8-i28hDreo6hOA3GxUCTq9mG9LmZQEsOOa85ZgSNnQpzRNcCc_vwgelJQ&dbm_d=AKAmf-CNMEGfe_wChdtkFLgintQ2qGPXIq8N9ExM6TytY8zjLTlhi_mEVNU0mB0cITYGGEgubLfHkZiReNCmEjZzvCLVhB4kKQ3AGDZrvNoBieKeyOH7t30-posGq7jFdJxzGeP_oeqK8gGHmKhj4WlrLgLwcQiSC3D6CePkZwg_3ecRDDp3z6f0tdDMtNtAWkZd72-VnqJCUpE0fem5yyWH8pNAzVMY7AhZlWQ55w0NUmG1vQWrLnlafOkDWZWYXETJqIsywvpeQ7YD9cBwjeR3rV5lUlAE_Q9ioeDAExV6wekomiyJkEln-7XSsNdEV7ds0DdxMHcfOCAYnkECS_vtFzBe9fxn0QLJvjwTq5__wgAcHyMzB-trLJ5BpLtbEbz6CdbYAHypNsWKSmA0qrcbUcWksaoZffijqVJPbB1JSjhZF5O4Zob8HS73NLepAM92Xw1mnQdOIPzTscTsbIqAdSGfSKjB_4YcBvL2gSykkhBzQxOhoRjKyt0xY41UIoPhdnw3A5bqNDDeEnH0836bH5G36aueuej4hJI8XE6qpqjHEPHqYV-sWCEomc8izVlRO8U-T_MsiMoSuE8NECRgL5xWyeWeNZ-7WEY41V1-X7kKs0Msy2gzY33MJ3O3qf-BVPpiqiyr_BFWeneb4CHAqdsD1iqTgaJ-4Gxm-8ZX7H4HzGl68Xf3con20e3ih4BvSkwfcOF2jdntnXWvTAnM3PDC2xHjTlDRvVd3lXT0QuTD1jNSJLSHc7WQUeEhHzqTvOWBwnsnxAZ3HHfe2tfq0pGlzOOGUl3Nlunq6VzAlrPyQ5nnBwKnEJj5BJJBp8_kIx04842Kp1c5BlIgJ6J3d_CkpeijejFs52dMhi7SIXXnXizg91Ofh4FKzobLD2uCnRc6lhseBtYZXqozb6Daqpa7QyQP01ga-x8Xm5eZPtl5nWR1WFPMvz2KkEETNf8-jtsLVy88f6zZKmO7tAhnGnbqy1-R6LzXMAGkjcXkY5EEvnRfOplDj4cyBdy8g1LUORkNCbjMRXeaSkMFMKWmqrz2wmhuoQXS8zVF70niOycfjQ-QnR5LrrWVNygZYci-BmtugZxwrACTcciCxzsrHGBi7FQyo2ZuZtVCpg4f9nf4pI6H1QiA4A1_lIytARm8XvQgWepEcHLpN9RuqQ-vrGZmNQ26VMW4SexcNB9yDgHaTnu2FB-wgai4I9IK7vMPbsgjFAxmNt46cAQCT6lZ4ufQ69X_F8XeIYhnOzGDfH4z-xAfYdJS4AH1K7QgIhy6087NyXDVTLo5V8x5nr0P6qwt9J7yCA0ivmQvBeySJ8SRmwRW54uDZ-0UktkZfmQ5XwrJMKNIwwuQDPTYXFkRc3dR5cwqYvfNliFgGNseN5KVx9kfh0Rl1a2W6NmJ_jyQQ2kz-aoZ9DQbOjwcmls9T1mG1K6uPZM--laoXcvBLxTiF7ICX8Del8EBDecoquGb5YfrLeuRg3WnHPiwHOyxfUrQXZMgzaePKfKdE0kIsl2uc31_uFDrlcBEDiTw6b7BUnzGwFYapakZIrMkJm0IxaaglP_J0NG1u5_BOE6zTUmTjWUeqcokxQehTRq9PvOiE75ZpmMANUHNavWe-rQZCq7sKYPPnVNus84S5BAbesN3a7W3t764v7fbNl1yQto2kvprakFzJjVAX6APAkxG5jYFyd7dGvIPdBx8uEB3SpwT7lqkYIEVC2d-zUmt1kXFPZMG8BMYGR0OZzgpTO3QWrNa9m1z3_d3J3KCYo7mQk8CMn70NWx3IoVX4S3wLkqAGtF7o5_f9WcKOKTb1_LUauBbM6ACzwEzkAfYQe5v9yEwHytd4H59HskajwPHYcYytIULH_hIo54kDmhx-PV7xTS9naGFN9uYbgH6LCqQdwfcj27lY2WqW1bDhZq2QQbu9qnQedMzVAplyH6vxh9UDMNAsILzTaRv1lk13cdqPGau0tQfUCvVA85_UBh7NeIztJ1PWb-BOrAnyFl43lHzpXMXsXPqOgdoBeMoHZxdcJ10Ecib9TPwmBw6Awu7T92kq0Pc3BWQimbwBJ3fk7_MfT_tqUPdi_s-fZZy-Ql4dtVjLLHnRmf_XcI0OcID05KgZ-CWM1k-Akha5sLN1mn9zg8HpiT0qtJW6sLp_4qD9ByGSeHA8yjtFMNcSrvr-bPMECCD4jwjIOEb4uqXL0CgRAmo5Wrxe5crPi6ptKTtMlyT-vbDrTVWRUFlET6r240pIlV0WBhxjp_wqkoOxsi5djUBEGgV0K6dGGOoJDKnFVafDUGXiR2vLRvwG6rTopub4atmYIqZOxwU5_vawCm-voNU14v39wXBBlZvZKEqs6m1QpS2C3dj5a49DwB7XIkf3rwiLwhi0as-d3tbqz9A9B0f8ZVKMxOQ2840zZjJt9u96zTu2H5Sz9eFiCYz4Zpy6nbIZfI0xgTb-wKnD-gfOBPgUpJrywsRfDEAmv1LlXY7ji3sCWgtLHXj_nTnh3XWTONelvZ4EPXIS0etVNbrPIo_Q4jawhiWPG90bB-Up7kRJwOMF_3n9d8RPow17xLw3UHo2797UjK8NiVZooQ-RYv04YPH3cJs9_y-8K9usRrA5fl-D5-H-gQw6-QqYhsgS99Eh-jbXKSCH93b63uu-CzCDz0poVFqizoJ-dU6-2uwE43Hpb6VOuUyeyFG6wLjQ6breKgeQk1V0Z3vGAfgnSdIHLb6eahcHAG6qo-ysawRHejHH0RJrUF_jIeZlNa4xZyo_Cjtk2is84ABvEcTyqz37uHaHTYLcZyEsmChuGcq_-Fpy0MEC6W7hirWhwfbjMeNJwb8Fnl-mOGUxCz-LyQgWNvhNvLWOEx72By7pF4jPZCxy1Js4Fxz7o6XLKM92Wg3OreTgH-04xPK6UUE_Ydet-19HhjNYK95gJ8he3QkgMh9WUfz2LXSfubT9lXrbFMo9t2b0yYfhimzTDZHKJR9nb8pojSRc3P9PVwufBITXZT0SoB-6wXd2Fni_WUNijoqGucLLuusAnIejF0eGSItUQYBEL8SXDDBs6ZVJCKPBI37KcYG1RTsEUcHobttXGHNX3TSshjLN3tgiKzQJZJ8rdTyG_Vjj0y4ctzM5MJ-1oauJNUYPbhQdMNmAkFHr53kHW7G2IWH0rauRMGtCfXt9W3KoVWFRX0Fx2oPpWtXKs5uS1y9k04Yk78QhvwzdlmWnrIg0vNeMhqTuwqt3-Ig8wcZwn0DSsaRZ6N9XvZ8nOMOV1wD82rHqd-k2_YEJkZdVDcONYzEGUzWymB63_8UWPQAV7aRUW-2FwRD1aBW_0_fxJP__k9cdGUeLACmHmBy1_afqUq9gUdikaUPSyKnALvWxO09Epwf50yiv8vjiqzt_IbSZmeNcFpsQuj5D7WXtCAcoFW-qtejFfkZxI98i_i7jrWoAnzXC6HVhukKebMzDkOWM8qrh34GFQ2yGbtcbJ2avdiJHhYV8cScsPyZjMOz7mu3kkOOeTkYuYsea6aBHA19j-98pXIOieJJWBYVzCpcvBLgr1v3SHsuGqe78Ek1TjQo4b4_cDomAbfvhFj1TSdn5riUu9CLRS1pRD3w088u-tvY9AjIqfRVqosxiGYCClVU7GdQdZQovMPCFwE2rJ6gU4N029gi5LzIECProVJFsopnBkWAZ_JaE_TYmTpyYnU0lsYUEDyO-uStSCnGHMeGXv-ZksEY_VwLkVicrWv8ldH6Syk9Pnn7Vn4HaSHiA5f2futfaFzD-qUQ_wjbE3ErysxgLlvq5J8dsyyIrzy6MfIDk7AEs2KG01Bg6aF-W6ysml1ZA7knAyyq97AWYVFzu6rxWFT0ULXPYr342RralhexKoFgaJljAWurso7PdUI0BmM4Sio9GcG0k5_vSSVW8EV4xOXEK8kbQcTeMxJcwajGT9OsUiyxuCZ95DvIUVl53Cl06s5kFtzjkefVFyybpkjv5BrwEuyXjGFn0IcsH-rgiHes2h0EGcfbtkKJYY82e4-40KyyiPxwjFRm5gL6BzHW_pBHWehz-YrQGFm3y4tRT0Ao8IAEJxbBYUVETo7VDm6qpW20_7wWgRlzc_BrQeauHI2knZ_T-PdIsSj_KEdrAFA1XRBbjMZRke-5Q1_jSBdVPfLICMPVveEZ8wqmME6irRnO-df38UAxyZd-_eEMATwLt9SxUJbhZtWJCiTsEcd58tAbWVwh0ntl30RwMwwiwyoyRJranyemNPXlQ6YOk3oVjtzRZL-oyz4YmFdNthd_CjTat25AC_rzqUFL2XT4dCbkCCt2Li4whcTf00iJiMaMYhIzB1jeRk9Sl9Ja-tbJTYOCjtIfUTO9vt-Qz2eBpRUM-ySn9MJ1iRzzuzGlGNlew7_sxOhThyeTiSs7R78lcTR8R8zXEi1DA8FysfgjkXsGmeRT49R0MZt4nKQjdlZAkmZdZQZrZ5-bqwzsbgqoLsL5trcxtj6CsvPi1cMDm_uHIj8ixZvGwD0ZinB3JY9MpWXPM_45ZBHxHYq_PyYc6FE5cwBtu1eicQKLyPcMmGdWvn5whhT56EfXy96E3jZX3O1B9XfsxNX9DCdorYBU0Neh66tkmpbbvIJXJ6QY_w6rT3kUPQYt7sAWsmw34tn2L89kpm06V71iWdRAH7Lkiw8pDCcMOgqa7Ag-fTFqB2ong5zt1hyOXitZTBVTLOaOuSk5RnnMawC55IvPF6tVHkIQIQ09PVKilQP8Rh7BJ_GzMx5ZHgTRrh-J4txdUF3iWTUGTvZdYbqdYV60_Gf8mMRQu9cOutZ4DTA40waUr2jdJDD9sZr37Tj_rT73VguyT_etEn5y0a0dBhuuh0zxW7r-uOOPdlOQzFiF-jKPGMvlepOVxo-AE2ymHtotBOFSi0u1wxyr1SbJSeoncgGpko0_KsKtdBfOkcUYcQb6BoZBLp0upoORKAyzlEygeA17sFtubfVoLSlDlQ&cid=CAASJORoQNWxl17Ol2rND_0Yr55f4JrhTHCobUna9aJyM7QTdZK-Xg&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuQA3hml1_NgeOvqK-6-GUmgMBUjNls_d4EWCRFOOsNzHyYxJejx9NIMRa-z5EfTH23wk0HKWE5w1Eext-BosclYvxc1P_l-7PCbOiGnQmkFreM_hIN5wPNBINEhGls_x485VkvL6X4aCztMfU5FJu2tkCOPCKzqYmo0qBZyAp7wU6WilC4fpDHxcb2tWE4N5uq-T4hADSLYYo2ocVaDX95ycZNt5FAjWzMzwR7SrpaYY7sCis4-PnRBCqYX9hqQL3gp8ihklkAVQ3o2J9SysBr6TWhWewGFoCoMSl6C3-Dvq3jlPdG1OWiqAoJhCMATI7rIrVUbwo6dau5MiO5Fx37-DUcmi8MHzjohyoTNC8%26sai%3DAMfl-YRvgsPwERRJfoJ0y-UI6Tw_x_bn8MxBo2fa5BGoul8M0GDB5Yne1aJAce7sP-cKOUFRMpoh5aE3FVKkVdE3NyyisdEussvg8JWyOlRJx-k0aioya5oNcFsukd6WRg%26sig%3DCg0ArKJSzOnmkYQ4X6kDEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&rfl=2%2Chttps%253A%252F%252Fglamour.globo.com%242%2Chttps%253A%252F%252Fglamour.globo.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
783
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Sep 2022 05:00:56 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4BB2 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuqXf9XqJ0RvsGLrh0GNOV79tbQKF6vQ78g5RNGSp8d_8Q4dRCqn1t3WxPp9xy0I7-XjRGHrsye8Ftq0XefQuwY8MUu2ErhWKAZURKDYo6fLKPl18x3VLmXpEPQxeTXm8eN6xOaGZCN82Pwf12cnfGVd9IpHluh8lYglBvPCARCuzmbTKcXCltMfezlANBIch0AkNwO9eHgYi30qGG5_PZ4I5VK494hK2QRwSizm-M9Uo-sR2-STmlkU00HADxRVHGfmGW1BJPWFGbOgTZDFASDTxHg7wemDmkwCPGfD76NsFlXVGIvM4ksjRoo4fOcxNlHNpGpaBM3lKzncn74eHTOQ-JhKaSkSKD8SmvJQ4r5QRBvC6oTSNqm09nEV7AjTxR1eNKOO91G-7ZoILI-fWdafH_0xuzsnoQVMW3iI1UPF_I0RLbaWLqYfPAUYi8DqDEQkR_RjuDNmvFw2NBOSaXU-oETysiPyogyiiZ3kEP_iEpDarA0ZlBjKjb_5AHHsXFpS5bWVZKPJPsmwJR5bz2-pF3fn_a8_Dv8AiNskMxL8K9oTh5j419lCRX5Scp-PBoFL9T8cQ7UGMtWpc6bW-LDF8bu_7a8_ZrvGNGYD8SuaVLZIlXiPn_smZLC_ohUcHxqlKnKZtkFdoSx0k-h9sPuHUramZ7OgzmNy9zb0EKwoduD42pzSWZTSe-ccUyvJ265753bMSrbRLDcv_5J4N_1HxkJ2GgibD-lsLH3ckCCunj9oEeg-vVTQ3eJh1-IaxzIW8pC6qp4PqkH6yg0LQQRSF_AnA-vXP56VF_Lv2rKyVcaeFTlvNF20S69TFVaMh3-oL5XGWi5SoMXJruFlpAfefx04ptVU9rncX3lUz4wgSG3mYzxoek4Q_N3sqcR4Xhq1L1RzXD_XFNRPVgzBVG7i4CWC9HU0BtXWWo1qSTDXTKN92KztFkHP2M-dvNIXSxOe58WPvIUrQSLQlu8gqb4CnOuQz3lZEduX04zBTr-7yoH-nmpEHAfUkq_vBmnFHBSgaZH8UOh6AtQ739pJk0LeNw0obvD_aQuJm2ofzTlc0ck4pNu_q3WMlSJTLvzwOZ3Mf7hjw3Mxcsu6OZG1JbUJEDALpzQXRF2Pys20mbjE7Ur8rG9hbO5xltFNG4Dw_7vdQEa4fVlwplFFmp6ekrqgg6z-KEfYKdEY4Z31TbGhNPTstpYSvyz-NcUUUbeBAVqlnh3I4q4BHpzwRkcygKR3qTbBazw47isnS8ITVZboKj9Vi1O4mmdAaghzURjI2DH7DMOE2e6B4e6a6XAczI4HqEXLlvxR4jgo5m61LKDxhxW9lUq3NxIqKss1jaT8Pj9TgQpDRuq9uasjh6gp05MzeqVvYApRX60oiQf8YQ439mryGJUonYWf05lQCNssyG-LH6uc9h_nGEjFUReBRaWTC5x_hcCU4T_5ABKFfSAT1Az_09IDBd3A6ewhmDsnuF_K2KoLWKVla-dAYmcUW-E-OAPdbHoDnk6Ekwu0fraEt15B02Pk86fL9HXPbMosm4-n9X2FT-Wer6DCkditilXBSVTYG85GHmEFAWwJhNb2NCTwmJf1mZQifuKH6YNcmd81oiI8yh6n7Ff-5rK4vaBqbOyTY3jtAfCrifp_3MdUUtMH-weT8C9urY5mj7Vk1ibMNoIhA&sai=AMfl-YR_jh0L1GhKkZ_U84SlsuhGxUiBijkCuMjhdLixvLvHzMb0LhZLTRjBZx0my6GfiQRb5XqiLm9-vkkO2yiufSAlS7c1gpczrtGb6KMy91ihWA4sYFycTJNqxeqt3zfkic4ejK1aP0z6UYK2WgMVf5JyEwizNLZi0LmjnP_WQP0Ur_v4mmv3jhKRJKiWqQwylDmJKjjZgTuKYS9b8vZljUx_IVGzxSTjoGpkyZV4B23TAfG-rSfB3XgMN-J6um_i3OdK1RyBsl4PM-ah8rgIUDoMwG9dES9bzldBZxp2bBTRqenvqWn8sQaiMRopTkUmSVabNvIrZu4ZWWR85vNBqIAYjFjarjFUlhsdag&sig=Cg0ArKJSzJ_w4io6dWHiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20220822.47774&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWrecHM4KXw0RYSoZJZ-XRql5t5QfjZngzAExTJAthGohIWxZqaKk7m0RPPCrIZQYrn7sxwpAX8v957jRGW45rjsto1id6LeV3z8-i28hDreo6hOA3GxUCTq9mG9LmZQEsOOa85ZgSNnQpzRNcCc_vwgelJQ&dbm_d=AKAmf-CNMEGfe_wChdtkFLgintQ2qGPXIq8N9ExM6TytY8zjLTlhi_mEVNU0mB0cITYGGEgubLfHkZiReNCmEjZzvCLVhB4kKQ3AGDZrvNoBieKeyOH7t30-posGq7jFdJxzGeP_oeqK8gGHmKhj4WlrLgLwcQiSC3D6CePkZwg_3ecRDDp3z6f0tdDMtNtAWkZd72-VnqJCUpE0fem5yyWH8pNAzVMY7AhZlWQ55w0NUmG1vQWrLnlafOkDWZWYXETJqIsywvpeQ7YD9cBwjeR3rV5lUlAE_Q9ioeDAExV6wekomiyJkEln-7XSsNdEV7ds0DdxMHcfOCAYnkECS_vtFzBe9fxn0QLJvjwTq5__wgAcHyMzB-trLJ5BpLtbEbz6CdbYAHypNsWKSmA0qrcbUcWksaoZffijqVJPbB1JSjhZF5O4Zob8HS73NLepAM92Xw1mnQdOIPzTscTsbIqAdSGfSKjB_4YcBvL2gSykkhBzQxOhoRjKyt0xY41UIoPhdnw3A5bqNDDeEnH0836bH5G36aueuej4hJI8XE6qpqjHEPHqYV-sWCEomc8izVlRO8U-T_MsiMoSuE8NECRgL5xWyeWeNZ-7WEY41V1-X7kKs0Msy2gzY33MJ3O3qf-BVPpiqiyr_BFWeneb4CHAqdsD1iqTgaJ-4Gxm-8ZX7H4HzGl68Xf3con20e3ih4BvSkwfcOF2jdntnXWvTAnM3PDC2xHjTlDRvVd3lXT0QuTD1jNSJLSHc7WQUeEhHzqTvOWBwnsnxAZ3HHfe2tfq0pGlzOOGUl3Nlunq6VzAlrPyQ5nnBwKnEJj5BJJBp8_kIx04842Kp1c5BlIgJ6J3d_CkpeijejFs52dMhi7SIXXnXizg91Ofh4FKzobLD2uCnRc6lhseBtYZXqozb6Daqpa7QyQP01ga-x8Xm5eZPtl5nWR1WFPMvz2KkEETNf8-jtsLVy88f6zZKmO7tAhnGnbqy1-R6LzXMAGkjcXkY5EEvnRfOplDj4cyBdy8g1LUORkNCbjMRXeaSkMFMKWmqrz2wmhuoQXS8zVF70niOycfjQ-QnR5LrrWVNygZYci-BmtugZxwrACTcciCxzsrHGBi7FQyo2ZuZtVCpg4f9nf4pI6H1QiA4A1_lIytARm8XvQgWepEcHLpN9RuqQ-vrGZmNQ26VMW4SexcNB9yDgHaTnu2FB-wgai4I9IK7vMPbsgjFAxmNt46cAQCT6lZ4ufQ69X_F8XeIYhnOzGDfH4z-xAfYdJS4AH1K7QgIhy6087NyXDVTLo5V8x5nr0P6qwt9J7yCA0ivmQvBeySJ8SRmwRW54uDZ-0UktkZfmQ5XwrJMKNIwwuQDPTYXFkRc3dR5cwqYvfNliFgGNseN5KVx9kfh0Rl1a2W6NmJ_jyQQ2kz-aoZ9DQbOjwcmls9T1mG1K6uPZM--laoXcvBLxTiF7ICX8Del8EBDecoquGb5YfrLeuRg3WnHPiwHOyxfUrQXZMgzaePKfKdE0kIsl2uc31_uFDrlcBEDiTw6b7BUnzGwFYapakZIrMkJm0IxaaglP_J0NG1u5_BOE6zTUmTjWUeqcokxQehTRq9PvOiE75ZpmMANUHNavWe-rQZCq7sKYPPnVNus84S5BAbesN3a7W3t764v7fbNl1yQto2kvprakFzJjVAX6APAkxG5jYFyd7dGvIPdBx8uEB3SpwT7lqkYIEVC2d-zUmt1kXFPZMG8BMYGR0OZzgpTO3QWrNa9m1z3_d3J3KCYo7mQk8CMn70NWx3IoVX4S3wLkqAGtF7o5_f9WcKOKTb1_LUauBbM6ACzwEzkAfYQe5v9yEwHytd4H59HskajwPHYcYytIULH_hIo54kDmhx-PV7xTS9naGFN9uYbgH6LCqQdwfcj27lY2WqW1bDhZq2QQbu9qnQedMzVAplyH6vxh9UDMNAsILzTaRv1lk13cdqPGau0tQfUCvVA85_UBh7NeIztJ1PWb-BOrAnyFl43lHzpXMXsXPqOgdoBeMoHZxdcJ10Ecib9TPwmBw6Awu7T92kq0Pc3BWQimbwBJ3fk7_MfT_tqUPdi_s-fZZy-Ql4dtVjLLHnRmf_XcI0OcID05KgZ-CWM1k-Akha5sLN1mn9zg8HpiT0qtJW6sLp_4qD9ByGSeHA8yjtFMNcSrvr-bPMECCD4jwjIOEb4uqXL0CgRAmo5Wrxe5crPi6ptKTtMlyT-vbDrTVWRUFlET6r240pIlV0WBhxjp_wqkoOxsi5djUBEGgV0K6dGGOoJDKnFVafDUGXiR2vLRvwG6rTopub4atmYIqZOxwU5_vawCm-voNU14v39wXBBlZvZKEqs6m1QpS2C3dj5a49DwB7XIkf3rwiLwhi0as-d3tbqz9A9B0f8ZVKMxOQ2840zZjJt9u96zTu2H5Sz9eFiCYz4Zpy6nbIZfI0xgTb-wKnD-gfOBPgUpJrywsRfDEAmv1LlXY7ji3sCWgtLHXj_nTnh3XWTONelvZ4EPXIS0etVNbrPIo_Q4jawhiWPG90bB-Up7kRJwOMF_3n9d8RPow17xLw3UHo2797UjK8NiVZooQ-RYv04YPH3cJs9_y-8K9usRrA5fl-D5-H-gQw6-QqYhsgS99Eh-jbXKSCH93b63uu-CzCDz0poVFqizoJ-dU6-2uwE43Hpb6VOuUyeyFG6wLjQ6breKgeQk1V0Z3vGAfgnSdIHLb6eahcHAG6qo-ysawRHejHH0RJrUF_jIeZlNa4xZyo_Cjtk2is84ABvEcTyqz37uHaHTYLcZyEsmChuGcq_-Fpy0MEC6W7hirWhwfbjMeNJwb8Fnl-mOGUxCz-LyQgWNvhNvLWOEx72By7pF4jPZCxy1Js4Fxz7o6XLKM92Wg3OreTgH-04xPK6UUE_Ydet-19HhjNYK95gJ8he3QkgMh9WUfz2LXSfubT9lXrbFMo9t2b0yYfhimzTDZHKJR9nb8pojSRc3P9PVwufBITXZT0SoB-6wXd2Fni_WUNijoqGucLLuusAnIejF0eGSItUQYBEL8SXDDBs6ZVJCKPBI37KcYG1RTsEUcHobttXGHNX3TSshjLN3tgiKzQJZJ8rdTyG_Vjj0y4ctzM5MJ-1oauJNUYPbhQdMNmAkFHr53kHW7G2IWH0rauRMGtCfXt9W3KoVWFRX0Fx2oPpWtXKs5uS1y9k04Yk78QhvwzdlmWnrIg0vNeMhqTuwqt3-Ig8wcZwn0DSsaRZ6N9XvZ8nOMOV1wD82rHqd-k2_YEJkZdVDcONYzEGUzWymB63_8UWPQAV7aRUW-2FwRD1aBW_0_fxJP__k9cdGUeLACmHmBy1_afqUq9gUdikaUPSyKnALvWxO09Epwf50yiv8vjiqzt_IbSZmeNcFpsQuj5D7WXtCAcoFW-qtejFfkZxI98i_i7jrWoAnzXC6HVhukKebMzDkOWM8qrh34GFQ2yGbtcbJ2avdiJHhYV8cScsPyZjMOz7mu3kkOOeTkYuYsea6aBHA19j-98pXIOieJJWBYVzCpcvBLgr1v3SHsuGqe78Ek1TjQo4b4_cDomAbfvhFj1TSdn5riUu9CLRS1pRD3w088u-tvY9AjIqfRVqosxiGYCClVU7GdQdZQovMPCFwE2rJ6gU4N029gi5LzIECProVJFsopnBkWAZ_JaE_TYmTpyYnU0lsYUEDyO-uStSCnGHMeGXv-ZksEY_VwLkVicrWv8ldH6Syk9Pnn7Vn4HaSHiA5f2futfaFzD-qUQ_wjbE3ErysxgLlvq5J8dsyyIrzy6MfIDk7AEs2KG01Bg6aF-W6ysml1ZA7knAyyq97AWYVFzu6rxWFT0ULXPYr342RralhexKoFgaJljAWurso7PdUI0BmM4Sio9GcG0k5_vSSVW8EV4xOXEK8kbQcTeMxJcwajGT9OsUiyxuCZ95DvIUVl53Cl06s5kFtzjkefVFyybpkjv5BrwEuyXjGFn0IcsH-rgiHes2h0EGcfbtkKJYY82e4-40KyyiPxwjFRm5gL6BzHW_pBHWehz-YrQGFm3y4tRT0Ao8IAEJxbBYUVETo7VDm6qpW20_7wWgRlzc_BrQeauHI2knZ_T-PdIsSj_KEdrAFA1XRBbjMZRke-5Q1_jSBdVPfLICMPVveEZ8wqmME6irRnO-df38UAxyZd-_eEMATwLt9SxUJbhZtWJCiTsEcd58tAbWVwh0ntl30RwMwwiwyoyRJranyemNPXlQ6YOk3oVjtzRZL-oyz4YmFdNthd_CjTat25AC_rzqUFL2XT4dCbkCCt2Li4whcTf00iJiMaMYhIzB1jeRk9Sl9Ja-tbJTYOCjtIfUTO9vt-Qz2eBpRUM-ySn9MJ1iRzzuzGlGNlew7_sxOhThyeTiSs7R78lcTR8R8zXEi1DA8FysfgjkXsGmeRT49R0MZt4nKQjdlZAkmZdZQZrZ5-bqwzsbgqoLsL5trcxtj6CsvPi1cMDm_uHIj8ixZvGwD0ZinB3JY9MpWXPM_45ZBHxHYq_PyYc6FE5cwBtu1eicQKLyPcMmGdWvn5whhT56EfXy96E3jZX3O1B9XfsxNX9DCdorYBU0Neh66tkmpbbvIJXJ6QY_w6rT3kUPQYt7sAWsmw34tn2L89kpm06V71iWdRAH7Lkiw8pDCcMOgqa7Ag-fTFqB2ong5zt1hyOXitZTBVTLOaOuSk5RnnMawC55IvPF6tVHkIQIQ09PVKilQP8Rh7BJ_GzMx5ZHgTRrh-J4txdUF3iWTUGTvZdYbqdYV60_Gf8mMRQu9cOutZ4DTA40waUr2jdJDD9sZr37Tj_rT73VguyT_etEn5y0a0dBhuuh0zxW7r-uOOPdlOQzFiF-jKPGMvlepOVxo-AE2ymHtotBOFSi0u1wxyr1SbJSeoncgGpko0_KsKtdBfOkcUYcQb6BoZBLp0upoORKAyzlEygeA17sFtubfVoLSlDlQ&cid=CAASJORoQNWxl17Ol2rND_0Yr55f4JrhTHCobUna9aJyM7QTdZK-Xg&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuQA3hml1_NgeOvqK-6-GUmgMBUjNls_d4EWCRFOOsNzHyYxJejx9NIMRa-z5EfTH23wk0HKWE5w1Eext-BosclYvxc1P_l-7PCbOiGnQmkFreM_hIN5wPNBINEhGls_x485VkvL6X4aCztMfU5FJu2tkCOPCKzqYmo0qBZyAp7wU6WilC4fpDHxcb2tWE4N5uq-T4hADSLYYo2ocVaDX95ycZNt5FAjWzMzwR7SrpaYY7sCis4-PnRBCqYX9hqQL3gp8ihklkAVQ3o2J9SysBr6TWhWewGFoCoMSl6C3-Dvq3jlPdG1OWiqAoJhCMATI7rIrVUbwo6dau5MiO5Fx37-DUcmi8MHzjohyoTNC8%26sai%3DAMfl-YRvgsPwERRJfoJ0y-UI6Tw_x_bn8MxBo2fa5BGoul8M0GDB5Yne1aJAce7sP-cKOUFRMpoh5aE3FVKkVdE3NyyisdEussvg8JWyOlRJx-k0aioya5oNcFsukd6WRg%26sig%3DCg0ArKJSzOnmkYQ4X6kDEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&rfl=2%2Chttps%253A%252F%252Fglamour.globo.com%242%2Chttps%253A%252F%252Fglamour.globo.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 25 Aug 2022 05:14:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dot.gif
s0.2mdn.net/ Frame 4BB2 		43 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif
Requested by
Host: 9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com
URL: https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 13:05:11 GMT
x-content-type-options
nosniff
age
58128
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 25 Aug 2022 13:05:11 GMT
sid
mug.criteo.com/ Frame EED5
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=globo.com&sn=ChromeSyncframe&so=3&topUrl=glamour.globo.com&bundle=i5QzMF92NXpJUjJwNG85cjlzZHpZYTQzcTRFJTJGSGJJQzd4emR4aHF1JTJCQ051SW5HS...
  • https://mug.criteo.com/sid?cpp=7qw493xzUFZVM0hUSll3VHhTL0k3M0c1MGhYQWJoSURLRWpaWUc2MzVteURxZGV5RlA2Qk1EWng5Z0xLWit3WFVSckk2YWRGNE1IUW1Samg0NXpPeWRmOTFHUlh4ZGpaak9jYTU5UEZ4ZmNMcEJoUEhNdHNleHV1bWIxaX...
431 B
631 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=7qw493xzUFZVM0hUSll3VHhTL0k3M0c1MGhYQWJoSURLRWpaWUc2MzVteURxZGV5RlA2Qk1EWng5Z0xLWit3WFVSckk2YWRGNE1IUW1Samg0NXpPeWRmOTFHUlh4ZGpaak9jYTU5UEZ4ZmNMcEJoUEhNdHNleHV1bWIxaXI0WnpRaytyU2UvQVBYTVNoR244NzMyQXEyVXROQXk3bnpQczRyanpYcVJ5YmkrZER5bVhYK3pOaHdsYk1qdDdTcmdTRyt5cEcvWTU4RTdabS9va1c0bnpZWDlXSlptVEpOdjRvRndoUXBwMm5aSnBzeU1BK2tBTFZ2ODkrZ1YrK1JXR3BmZGkzVW5oRG1QRDRQQWs1RW5IcVk5bzc4Zz09fA&cppv=2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
9e6896478a9358eb1c51ca9ea80ca957b0722427ebe29bcdb601ecff06423fc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3952
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=7qw493xzUFZVM0hUSll3VHhTL0k3M0c1MGhYQWJoSURLRWpaWUc2MzVteURxZGV5RlA2Qk1EWng5Z0xLWit3WFVSckk2YWRGNE1IUW1Samg0NXpPeWRmOTFHUlh4ZGpaak9jYTU5UEZ4ZmNMcEJoUEhNdHNleHV1bWIxaXI0WnpRaytyU2UvQVBYTVNoR244NzMyQXEyVXROQXk3bnpQczRyanpYcVJ5YmkrZER5bVhYK3pOaHdsYk1qdDdTcmdTRyt5cEcvWTU4RTdabS9va1c0bnpZWDlXSlptVEpOdjRvRndoUXBwMm5aSnBzeU1BK2tBTFZ2ODkrZ1YrK1JXR3BmZGkzVW5oRG1QRDRQQWs1RW5IcVk5bzc4Zz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1469
content-length
541
expires
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 3F1E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YwcFFgAGgokIaAY0AAAnMNxKp9bCD7dQ1Ixnqw&u=%7CdPGRhl%2B7%2BMWgpPFIpCJqMtCJIuSB7aEzylITgSDLOdw%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MTceYYGR9Jp5gwJSFuY1ZhN1_Ei2GJq8gd_G0tw1r14hnbYpVmvZEeZ3grlLUx-z4YYgXcAXP-xm45dOpRMTQ2S5iczFkxYc4DVGYC46ATP-k6EYWtuYZ03Fn2IUxSqnA_ihx5X8BFdchR5NyXI4oYxBTP2vLFJ5UMkfKCLc84eaNK2weWxmJ71gTfmFr8odm5bxqiOQJ--htYWPUtQ7RKgLoSbTX6T59wBkzS5n5CjsxYsz6Cs9dCgWg904mlqCZzn9F_BGivAe1umNo23lypsKXgoF0-WcHUiCJBaJJm13slpbs8eEc1FyD8sMMR46ul6bAZOhIsMZyQwgNT9Rc1vQ9KulDUKYGLE_O4T_q71i1dk-CTLivbkQd8NiriMGMz4oD1Uj0l3d6g9UZ3wHDOqD9RBRmTkxUKli2P7duAyr0zhZFthEV5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXExFgUHY4mFGrSMoPMPsM6AuAecge-wXNqkqap0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN6ABrN3-6APIAQngAgCoAwGqBNQCT9DBe3BZCAmn095o1iZouRKGQHDII5v-6LFV0nXaKTdGgkpaKzANBAqC5gW_mk3z7OXElD4oa-YJ4kAMQMRerD2-_XB52qxxOfsLXCsJT8BaFEmWq3WE0JKS_jgO8WM1wCJRDc7rXco8ACI66A4Y-E4Ade9Fqbg24omZB7vHKkQ14Qvpyn6PkoIfi_Kj5dKUoyuX_O8V-4jFqjJxaWdz1eZ7jZ29K2rqOBvCQcPLXW_3RT_qtEmNLkS0LfmikJe0lJOdPFjmR2lDGN2dlyOsT3XGggo6FntlmBPAEH8q8IIu4RBn2gPpBGXWW47nZMqdEB0p-Gk2u16ro0T9lzyza6zdWOY2QeAUSt5LoG80ZKFlx1mb_EHkmYjuD7g3PGE8Xow-dROFmlJXWaCak2gL4Cozx_xj2hyqt6qcKSqXc9GZQZSbSwZFA30QjYN6gRTPlZXkvOAEAYAG8svvvtjL7-1JoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1BBFSwNw0F-QD9vVwmK83CozIVhQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Aug 2023 05:13:59 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 3F1E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YwcFFgAGgokIaAY0AAAnMNxKp9bCD7dQ1Ixnqw&u=%7CdPGRhl%2B7%2BMWgpPFIpCJqMtCJIuSB7aEzylITgSDLOdw%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MTceYYGR9Jp5gwJSFuY1ZhN1_Ei2GJq8gd_G0tw1r14hnbYpVmvZEeZ3grlLUx-z4YYgXcAXP-xm45dOpRMTQ2S5iczFkxYc4DVGYC46ATP-k6EYWtuYZ03Fn2IUxSqnA_ihx5X8BFdchR5NyXI4oYxBTP2vLFJ5UMkfKCLc84eaNK2weWxmJ71gTfmFr8odm5bxqiOQJ--htYWPUtQ7RKgLoSbTX6T59wBkzS5n5CjsxYsz6Cs9dCgWg904mlqCZzn9F_BGivAe1umNo23lypsKXgoF0-WcHUiCJBaJJm13slpbs8eEc1FyD8sMMR46ul6bAZOhIsMZyQwgNT9Rc1vQ9KulDUKYGLE_O4T_q71i1dk-CTLivbkQd8NiriMGMz4oD1Uj0l3d6g9UZ3wHDOqD9RBRmTkxUKli2P7duAyr0zhZFthEV5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXExFgUHY4mFGrSMoPMPsM6AuAecge-wXNqkqap0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN6ABrN3-6APIAQngAgCoAwGqBNQCT9DBe3BZCAmn095o1iZouRKGQHDII5v-6LFV0nXaKTdGgkpaKzANBAqC5gW_mk3z7OXElD4oa-YJ4kAMQMRerD2-_XB52qxxOfsLXCsJT8BaFEmWq3WE0JKS_jgO8WM1wCJRDc7rXco8ACI66A4Y-E4Ade9Fqbg24omZB7vHKkQ14Qvpyn6PkoIfi_Kj5dKUoyuX_O8V-4jFqjJxaWdz1eZ7jZ29K2rqOBvCQcPLXW_3RT_qtEmNLkS0LfmikJe0lJOdPFjmR2lDGN2dlyOsT3XGggo6FntlmBPAEH8q8IIu4RBn2gPpBGXWW47nZMqdEB0p-Gk2u16ro0T9lzyza6zdWOY2QeAUSt5LoG80ZKFlx1mb_EHkmYjuD7g3PGE8Xow-dROFmlJXWaCak2gL4Cozx_xj2hyqt6qcKSqXc9GZQZSbSwZFA30QjYN6gRTPlZXkvOAEAYAG8svvvtjL7-1JoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1BBFSwNw0F-QD9vVwmK83CozIVhQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Aug 2023 05:13:59 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 3F1E 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YwcFFgAGgokIaAY0AAAnMNxKp9bCD7dQ1Ixnqw&u=%7CdPGRhl%2B7%2BMWgpPFIpCJqMtCJIuSB7aEzylITgSDLOdw%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MTceYYGR9Jp5gwJSFuY1ZhN1_Ei2GJq8gd_G0tw1r14hnbYpVmvZEeZ3grlLUx-z4YYgXcAXP-xm45dOpRMTQ2S5iczFkxYc4DVGYC46ATP-k6EYWtuYZ03Fn2IUxSqnA_ihx5X8BFdchR5NyXI4oYxBTP2vLFJ5UMkfKCLc84eaNK2weWxmJ71gTfmFr8odm5bxqiOQJ--htYWPUtQ7RKgLoSbTX6T59wBkzS5n5CjsxYsz6Cs9dCgWg904mlqCZzn9F_BGivAe1umNo23lypsKXgoF0-WcHUiCJBaJJm13slpbs8eEc1FyD8sMMR46ul6bAZOhIsMZyQwgNT9Rc1vQ9KulDUKYGLE_O4T_q71i1dk-CTLivbkQd8NiriMGMz4oD1Uj0l3d6g9UZ3wHDOqD9RBRmTkxUKli2P7duAyr0zhZFthEV5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXExFgUHY4mFGrSMoPMPsM6AuAecge-wXNqkqap0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN6ABrN3-6APIAQngAgCoAwGqBNQCT9DBe3BZCAmn095o1iZouRKGQHDII5v-6LFV0nXaKTdGgkpaKzANBAqC5gW_mk3z7OXElD4oa-YJ4kAMQMRerD2-_XB52qxxOfsLXCsJT8BaFEmWq3WE0JKS_jgO8WM1wCJRDc7rXco8ACI66A4Y-E4Ade9Fqbg24omZB7vHKkQ14Qvpyn6PkoIfi_Kj5dKUoyuX_O8V-4jFqjJxaWdz1eZ7jZ29K2rqOBvCQcPLXW_3RT_qtEmNLkS0LfmikJe0lJOdPFjmR2lDGN2dlyOsT3XGggo6FntlmBPAEH8q8IIu4RBn2gPpBGXWW47nZMqdEB0p-Gk2u16ro0T9lzyza6zdWOY2QeAUSt5LoG80ZKFlx1mb_EHkmYjuD7g3PGE8Xow-dROFmlJXWaCak2gL4Cozx_xj2hyqt6qcKSqXc9GZQZSbSwZFA30QjYN6gRTPlZXkvOAEAYAG8svvvtjL7-1JoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1BBFSwNw0F-QD9vVwmK83CozIVhQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 20 Aug 2023 05:13:59 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 3F1E 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YwcFFgAGgokIaAY0AAAnMNxKp9bCD7dQ1Ixnqw&u=%7CdPGRhl%2B7%2BMWgpPFIpCJqMtCJIuSB7aEzylITgSDLOdw%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MTceYYGR9Jp5gwJSFuY1ZhN1_Ei2GJq8gd_G0tw1r14hnbYpVmvZEeZ3grlLUx-z4YYgXcAXP-xm45dOpRMTQ2S5iczFkxYc4DVGYC46ATP-k6EYWtuYZ03Fn2IUxSqnA_ihx5X8BFdchR5NyXI4oYxBTP2vLFJ5UMkfKCLc84eaNK2weWxmJ71gTfmFr8odm5bxqiOQJ--htYWPUtQ7RKgLoSbTX6T59wBkzS5n5CjsxYsz6Cs9dCgWg904mlqCZzn9F_BGivAe1umNo23lypsKXgoF0-WcHUiCJBaJJm13slpbs8eEc1FyD8sMMR46ul6bAZOhIsMZyQwgNT9Rc1vQ9KulDUKYGLE_O4T_q71i1dk-CTLivbkQd8NiriMGMz4oD1Uj0l3d6g9UZ3wHDOqD9RBRmTkxUKli2P7duAyr0zhZFthEV5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXExFgUHY4mFGrSMoPMPsM6AuAecge-wXNqkqap0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN6ABrN3-6APIAQngAgCoAwGqBNQCT9DBe3BZCAmn095o1iZouRKGQHDII5v-6LFV0nXaKTdGgkpaKzANBAqC5gW_mk3z7OXElD4oa-YJ4kAMQMRerD2-_XB52qxxOfsLXCsJT8BaFEmWq3WE0JKS_jgO8WM1wCJRDc7rXco8ACI66A4Y-E4Ade9Fqbg24omZB7vHKkQ14Qvpyn6PkoIfi_Kj5dKUoyuX_O8V-4jFqjJxaWdz1eZ7jZ29K2rqOBvCQcPLXW_3RT_qtEmNLkS0LfmikJe0lJOdPFjmR2lDGN2dlyOsT3XGggo6FntlmBPAEH8q8IIu4RBn2gPpBGXWW47nZMqdEB0p-Gk2u16ro0T9lzyza6zdWOY2QeAUSt5LoG80ZKFlx1mb_EHkmYjuD7g3PGE8Xow-dROFmlJXWaCak2gL4Cozx_xj2hyqt6qcKSqXc9GZQZSbSwZFA30QjYN6gRTPlZXkvOAEAYAG8svvvtjL7-1JoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1BBFSwNw0F-QD9vVwmK83CozIVhQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 20 Aug 2023 05:13:59 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 3F1E 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=gCCCUScO91vBMgpbo-gLfZAesS1Pkku-yET8s2ad3WSOWp2fW1JBfhuhRFo-wuJBJZ2hS7is2vVA1q22KTg4BNLZEHbPm21wPk0PQCXQBTXMZVMVwwnm4KKS9UPzKm_uYvP2Masp1DRt4DjxJr7Ub4ZAFEjfhIBCFO4eyK2esR8do1OO_PBTtDkMhasuFfzqc8YQoWCFqo4m0zYJG1O4xf5gfg7MlDKQvvC_6UY4VLfEwBqbH1KlbrH6F9rjF7Csv-RR9odd_5Q462hxmVRm0eGDXGXVZzVYutk57tjfpGYv3Eyiqn8d77ZQyh5AlPB_CDZ1fxiA0iLmeko8BFqn5iX3XyzB_YaWMen7V1jfIenyoyY02jTFgGooVs6nypfaMSpXpsKNDXdS1xHAYf0SvZ9Dkhx8mnYeTOYcWc8V6MX9zFKkLHrgTdmJIclQ1aTmkbm41A
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YwcFFgAGgokIaAY0AAAnMNxKp9bCD7dQ1Ixnqw&u=%7CdPGRhl%2B7%2BMWgpPFIpCJqMtCJIuSB7aEzylITgSDLOdw%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MTceYYGR9Jp5gwJSFuY1ZhN1_Ei2GJq8gd_G0tw1r14hnbYpVmvZEeZ3grlLUx-z4YYgXcAXP-xm45dOpRMTQ2S5iczFkxYc4DVGYC46ATP-k6EYWtuYZ03Fn2IUxSqnA_ihx5X8BFdchR5NyXI4oYxBTP2vLFJ5UMkfKCLc84eaNK2weWxmJ71gTfmFr8odm5bxqiOQJ--htYWPUtQ7RKgLoSbTX6T59wBkzS5n5CjsxYsz6Cs9dCgWg904mlqCZzn9F_BGivAe1umNo23lypsKXgoF0-WcHUiCJBaJJm13slpbs8eEc1FyD8sMMR46ul6bAZOhIsMZyQwgNT9Rc1vQ9KulDUKYGLE_O4T_q71i1dk-CTLivbkQd8NiriMGMz4oD1Uj0l3d6g9UZ3wHDOqD9RBRmTkxUKli2P7duAyr0zhZFthEV5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXExFgUHY4mFGrSMoPMPsM6AuAecge-wXNqkqap0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN6ABrN3-6APIAQngAgCoAwGqBNQCT9DBe3BZCAmn095o1iZouRKGQHDII5v-6LFV0nXaKTdGgkpaKzANBAqC5gW_mk3z7OXElD4oa-YJ4kAMQMRerD2-_XB52qxxOfsLXCsJT8BaFEmWq3WE0JKS_jgO8WM1wCJRDc7rXco8ACI66A4Y-E4Ade9Fqbg24omZB7vHKkQ14Qvpyn6PkoIfi_Kj5dKUoyuX_O8V-4jFqjJxaWdz1eZ7jZ29K2rqOBvCQcPLXW_3RT_qtEmNLkS0LfmikJe0lJOdPFjmR2lDGN2dlyOsT3XGggo6FntlmBPAEH8q8IIu4RBn2gPpBGXWW47nZMqdEB0p-Gk2u16ro0T9lzyza6zdWOY2QeAUSt5LoG80ZKFlx1mb_EHkmYjuD7g3PGE8Xow-dROFmlJXWaCak2gL4Cozx_xj2hyqt6qcKSqXc9GZQZSbSwZFA30QjYN6gRTPlZXkvOAEAYAG8svvvtjL7-1JoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1BBFSwNw0F-QD9vVwmK83CozIVhQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
5352349
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 1B59 		42 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=6mON_wj9cjVVAHwHbQc8chvp3hRGSuH1Uhy8wk7geOI
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Content-Type
image/gif
ecm3
s.amazon-adsystem.com/ Frame 1B59
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=1eo9jUQpnoIYoddd-cZ0_X0-nCVCo1LHUx8KEgShFdY
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=1eo9jUQpnoIYoddd-cZ0_X0-nCVCo1LHUx8KEgShFdY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
PP8MAJM2RNJRJ8R9K0WD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=1eo9jUQpnoIYoddd-cZ0_X0-nCVCo1LHUx8KEgShFdY
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
x.bidswitch.net/ Frame 1B59 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:13:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
onetag-sys.com/match/ Frame 1B59
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=b9936307-0516-4500-b3ae-7b63940e6617&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=b9936307-0516-4500-b3ae-7b63940e6617&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Protocol
H2
Server
51.222.39.187 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip187.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 25 Aug 2022 05:14:00 GMT
Server
MT3 4494 7cf1da7 master nrt-pixel-x2 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=1&uid=b9936307-0516-4500-b3ae-7b63940e6617&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 25 Aug 2022 05:13:59 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 1B59 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.80 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
49049ff336235ad60cb44abcb1cec1d6
Content-Type
image/gif
/
onetag-sys.com/match/ Frame 1B59
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7412760816595641933
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7412760816595641933
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Protocol
H2
Server
51.222.39.187 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip187.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:59 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
417c0270-01d3-4a6a-b6e6-3a3734e4b011
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7412760816595641933
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ssbsync-global.smartadserver.com/api/ Frame 1B59 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.182 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
content-length
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 1B59 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.11 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
content-length
0
/
onetag-sys.com/match/ Frame 1B59
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESECkUQc7MQb3vaAN2yO4JSeQ&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECkUQc7MQb3vaAN2yO4JSeQ&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Protocol
H2
Server
51.222.39.187 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip187.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECkUQc7MQb3vaAN2yO4JSeQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 1B59
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=367b5a0bc1350c8f&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAEhG6WkJB6lgMzD6MrAAAAAAA&expiration=1661490840&is_secure=true
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAEhG6WkJB6lgMzD6MrAAAAAAA&expiration=1661490840&is_secure=true
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Protocol
H2
Server
51.222.39.187 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip187.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAEhG6WkJB6lgMzD6MrAAAAAAA&expiration=1661490840&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame 1B59 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 1B59
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=f392b494-04f1-4190-8b81-965c828ca97a&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=f392b494-04f1-4190-8b81-965c828ca97a&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Protocol
H2
Server
51.222.39.187 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip187.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=f392b494-04f1-4190-8b81-965c828ca97a&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
233
csync
sync.spotim.market/ Frame 1B59 		0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=558187&extuid=6mON_wj9cjVVAHwHbQc8chvp3hRGSuH1Uhy8wk7geOI
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:13:59 GMT
Server
Adtelligent
Etag
26228ea582814d32
Content-Length
0
usersync
usersync.gumgum.com/ Frame 32A0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=b9936307-0516-4500-b3ae-7b63940e6617&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=b9936307-0516-4500-b3ae-7b63940e6617&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 25 Aug 2022 05:14:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 25 Aug 2022 05:14:00 GMT
Expires
Thu, 25 Aug 2022 05:13:59 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4494 7cf1da7 master nrt-pixel-x20 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=b9936307-0516-4500-b3ae-7b63940e6617&gdpr=&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 13E7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=YwcFFQACNb5MfABN&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=YwcFFQACNb5MfABN&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 25 Aug 2022 05:14:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 25 Aug 2022 05:13:59 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=YwcFFQACNb5MfABN&gdpr=&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-chi-kigq8000057-CHI
x-timer
S1661404440.981721,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame E6DF 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV81MzQ5ZTI5ZS1lNTczLTQ2M2EtODA0Mi03MjhkMTAzZWUzOWI=&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 05:13:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 546E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=71309
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 25 Aug 2022 05:13:59 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 26 Aug 2022 01:02:28 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 80B1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=f392b494-04f1-4190-8b81-965c828ca97a
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=f392b494-04f1-4190-8b81-965c828ca97a
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 25 Aug 2022 05:14:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Thu, 25 Aug 2022 05:13:59 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=f392b494-04f1-4190-8b81-965c828ca97a
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 95C8
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
  • https://cs.emxdgt.com/umcheck?apnxid=7412760816595641933&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNW...
  • https://usersync.gumgum.com/usersync?b=emx&i=7412760816595641933brt54361661404439995180b7
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=7412760816595641933brt54361661404439995180b7
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 25 Aug 2022 05:14:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Thu, 25 Aug 2022 05:13:59 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=7412760816595641933brt54361661404439995180b7
usersync
usersync.gumgum.com/ Frame BB60
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=YwcFGMCo8YsAAGFHD0UAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=YwcFGMCo8YsAAGFHD0UAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 25 Aug 2022 05:14:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 25 Aug 2022 05:14:00 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=YwcFGMCo8YsAAGFHD0UAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
44
X-SO-HostName
m-ad32.dc4p.scaleout.jp
X-SO-IP
167.88.7.162
X-SO-Key
YwcFGMCo8YsAAGFHD0UAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":44,"gdpr":false,"ipv4":"167.88.7.162","key":"YwcFGMCo8YsAAGFHD0UAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad32"}
X-SO-LB-Hostname
m-tgng39.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad32
usersync
usersync.gumgum.com/ Frame AD06
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=YwcFFiEqvqgxgytikig15QAA%26468
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=YwcFFiEqvqgxgytikig15QAA%26468
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 25 Aug 2022 05:14:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7401d775db9f633c-ORD
content-length
0
date
Thu, 25 Aug 2022 05:14:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=YwcFFiEqvqgxgytikig15QAA%26468
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sk08wpHbld%2F%2FpZBleU8i4ekKrFoR6LN%2FgAeTqO1yYnN5uv%2BEUk3Uub3TxKC0ndj852uaDIDL4bHfOpbiRvBzaXjHKk1qTfM1PtBO4m7SHBCt6cDyiXqIjRw3wfetBdGrDL3uFxlHygRmIA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 6E93
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=v9oQfujxQcoR0TJPtVBy&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=v9oQfujxQcoR0TJPtVBy&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 25 Aug 2022 05:14:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 25 Aug 2022 05:14:00 GMT Thu, 25 Aug 2022 05:14:00 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=v9oQfujxQcoR0TJPtVBy&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 3B1D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 25 Aug 2022 05:14:00 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 25 Aug 2022 05:13:59 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
aip
usw1.smartadserver.com/h/ 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usw1.smartadserver.com/h/aip?uii=721247772134011725&tmstp=1661404438305&ckid=3915573460503402842&systgt=%24qc%3d1312541377%3b%24ql%3dUnknown%3b%24qpc%3d77477%3b%24qt%3d152_507_31155t%3b%24dma%3d618%3b%24b%3d16999%3b%24o%3d11100%3b%24wpc%3d5890%3b%24wpc%3d5892%3b%24wpc%3d5893%3b%24wpc%3d5896%3b%24wpc%3d5899%3b%24wpc%3d5839%3b%24wpc%3d5841%3b%24wpc%3d5844%3b%24wpc%3d5845%3b%24wpc%3d5847%3b%24wpc%3d5850%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5830%3b%24wpc%3d5832%3b%24wpc%3d5833%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5807%3b%24wpc%3d5809%3b%24wpc%3d5810%3b%24wpc%3d5786%3b%24wpc%3d5757%3b%24wpc%3d5759%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d5775%3b%24wpc%3d5778%3b%24wpc%3d5779%3b%24wpc%3d5782%3b%24wpc%3d5783%3b%24wpc%3d5739%3b%24wpc%3d6190%3b%24wpc%3d6192%3b%24wpc%3d6195%3b%24wpc%3d6197%3b%24wpc%3d6198%3b%24wpc%3d6205%3b%24wpc%3d6207%3b%24wpc%3d6209%3b%24wpc%3d6211%3b%24wpc%3d6235%3b%24wpc%3d6237%3b%24wpc%3d6239%3b%24wpc%3d6241%3b%24wpc%3d6243%3b%24wpc%3d6052%3b%24wpc%3d6054%3b%24wpc%3d6055%3b%24wpc%3d6057%3b%24wpc%3d6059%3b%24wpc%3d6060%3b%24wpc%3d6001%3b%24wpc%3d6002%3b%24wpc%3d6005%3b%24wpc%3d6006%3b%24wpc%3d6007%3b%24wpc%3d6011%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5973%3b%24wpc%3d5975%3b%24wpc%3d5947%3b%24wpc%3d5948%3b%24wpc%3d5951%3b%24wpc%3d5920%3b%24wpc%3d5921%3b%24wpc%3d5924%3b%24wpc%3d5925%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5937%3b%24wpc%3d5939%3b%24wpc%3d5941%3b%24wpc%3d5943%3b%24wpc%3d5945%3b%24wpc%3d5904%3b%24wpc%3d5906%3b%24wpc%3d5907%3b%24wpc%3d5910%3b%24wpc%3d5595%3b%24wpc%3d6266%3b%24wpc%3d8630%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1337%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d7823%3b%24wpc%3d6425%3b%24wpc%3d6430%3b%24wpc%3d6274%3b%24wpc%3d6275%3b%24wpc%3d1273&acd=1661404438370&envtype=0&opid=e58ac08d-381f-4fc7-8970-80b1dd562668&opdt=1661404438370&siteid=411664&tgt=aggressive%3dfalse%3btemplate_category%3darticle%3bpublisher_country%3dBR%3bcontext_safe%3dfalse%3badunit_type%3dinImage%3bvw_display%3d60%3bvw_video%3d53%3bvtr%3d33%3bvtr_short%3d31%3bvtr_medium%3d18%3bvtr_long%3d41%3bctr%3d0%3bproducts%3dOM120x600%3bsizes%3d120x600%3bproducts%3dOM160x600%3bsizes%3d160x600%3bproducts%3dOM300x600%3bsizes%3d300x600%3bproducts%3dOM320x50%3bsizes%3d320x50%3bproducts%3dOM728x90%3bsizes%3d728x90%3bproducts%3dOM970x250%3bsizes%3d970x250%3bproducts%3dOM300x250%3bsizes%3d300x250%3bproducts%3dP120x600%3bsizes%3d120x600%3bproducts%3dP160x600%3bsizes%3d160x600%3bproducts%3dP300x600%3bsizes%3d300x600%3bproducts%3dP320x50%3bsizes%3d320x50%3bproducts%3dP728x90%3bsizes%3d728x90%3bproducts%3dP970x250%3bsizes%3d970x250%3bproducts%3dP300x250%3bsizes%3d300x250%3bpublisher_category%3dbeauty-and-personal-care%3bcontext_custom_category%3doisolucoes%3bcontext_custom_category%3dshortwhats%3bcontext_custom_category%3dlab_vigor_business_empresas%3bcontext_custom_category%3dblockromance%3bcontext_custom_category%3dPedigree_Inovacao_tendencias%3bcontext_custom_category%3dlab_visa_house_decor%3bcontext_custom_category%3dlab_schweppes_esportes%3bcontext_custom_category%3drockinrio%3bcontext_custom_category%3dlab_visa_fashion%3bcontext_custom_category%3dterror%3bcontext_custom_category%3dlab_heineken_drinks%3bcontext_custom_category%3dlab_visa_travel%3bcontext_custom_category%3dpme%3bcontext_custom_category%3dwhiskas%3bcontext_custom_category%3dlab_visa_gastronomy%3bcontext_custom_category%3dshortblacklist%3bcontext_custom_category%3dlab_vigor_business_vacations%3bcontext_custom_category%3dlabpuig-ch-exclusivity%3bcontext_custom_category%3dlab_schweppes_life_lugares%3bcontext_custom_category%3dlab_schweppes_cultural_bares%3bcontext_custom_category%3dlabpuig-pr-experience%3bcontext_custom_category%3dnubank%3bcontext_custom_category%3dmilionario%3bcontext_custom_category%3dheineken_lab_tiger_block%3bcontext_custom_category%3dlabcolgateheal%3bcontext_custom_category%3dfilmeseseries%3bcontext_custom_category%3dlabcolgatenatfa%3bcontext_custom_category%3dosquatrocompro%3bcontext_custom_category%3dfilmesinfantis%3bcontext_custom_category%3dcafe%3bcontext_custom_category%3dsensodyne%3bcontext_custom_category%3dilhabela1%3bcontext_custom_category%3dlab_schweppes_rock_in_rio%3bcontext_custom_category%3dlab_schweppes_social_tecnologia%3bcontext_custom_category%3dtim5g%3bcontext_custom_category%3dcaminhao%3bcontext_custom_category%3dmundialhortifruti%3bcontext_custom_category%3dlab_schweppes_life_familia%3bcontext_custom_category%3dcocameals%3bcontext_custom_category%3dbaby%3bcontext_custom_category%3dmundialcarnes%3bcontext_custom_category%3ddoubleverify%3bcontext_custom_category%3dgsk_publicis_sensodyne%3bcontext_custom_category%3dlab_vigor_wellness_influencers%3bcontext_custom_category%3dcafe_br%3bcontext_custom_category%3dlab_schweppes_mixology%3bcontext_custom_category%3dcrianca%3bcontext_custom_category%3damericanastech%3bcontext_custom_category%3dgm-s10-ch%3bcontext_custom_category%3dlab_vigor_wellness_exercise%3bcontext_custom_category%3dRock+in+Rio%3bcontext_custom_category%3dlabpuig-ch-fashion%3bcontext_custom_category%3dlabpuig-ab-family%3bcontext_custom_category%3dtest-luxurytravel-br%3bcontext_custom_category%3dtexacoblock%3bcontext_custom_category%3damericanasapple%3bcontext_custom_category%3dlab_vigor_wellness_dance%3bcontext_custom_category%3dGM+s10+CH%26X+50+anos%3bcontext_custom_category%3dPedigree_Confianca%3bcontext_custom_category%3dlab_schweppes_social_atualidades%3bcontext_custom_category%3dlab_vigor_active_recipes%3bcontext_custom_category%3dmakeup%3bcontext_custom_category%3dtimcontrole%3bcontext_custom_category%3dpagode%3bcontext_custom_category%3dliveloblocklist%3bcontext_custom_category%3dgames%3bcontext_custom_category%3dPedigree_Qualidade%3bcontext_custom_category%3dlab_schweppes_life_sentimentos%3bcontext_custom_category%3dfanta%3bcontext_custom_category%3dLGBT2022%3bcontext_custom_category%3dlabpuig-pr-music%3bcontext_custom_category%3dnovela_pantanal%3bcontext_custom_category%3dlab_vigor_business_family%3bcontext_custom_category%3dlivelo%3bcontext_category%3dgossip%3bcontext_subcategory%3d-%3bcontext_categories_tier1%3dmovies%3bcontext_categories_tier2%3ddocumentary-movies%3bcontext_categories_tier3%3dother%3bcontext_categories_tier4%3dnone%3bab%3dNativeMinSize%3b%3b%24dt%3d1t%3b%24dma%3d618&gdpr=0&visit=S&statid=16&imptype=0&intgtype=0&pgDomain=https%3a%2f%2fglamour.globo.com%2flifestyle%2fnoticia%2f2019%2f12%2fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&cappid=3915573460503402842&capp=0&mcrdbt=1&insid=10180190&imgid=0&pgid=1383108&fmtid=78373&isLazy=0&rtb=1&rtbnid=3050&rtbbid=721247772133994770&rtbh=8a10c805a8b08ae7349aa2c7fb9fbab5e5794834&rtblt=637970012384625167&rtbet=0&rtbptnid=68&cftgid=3954d311d320&rtbnc=nc
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.83.76.65 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
transfer-encoding
chunked
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame D843
Redirect Chain
  • https://px.owneriq.net/ecmg?google_gid=CAESEP8VHVMmZ7I_EruHCQmuNqE&google_cver=1&google_push=AehlK4A0wfjFGt3PzbYhBNWeOzMUDxwCdPEPMDXbgcN2i4Hgibevmfzt6cXjyD2vWMtiL9KJ_oD9BYW19la7kg8H2IyHyVn6K34G5dzo...
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AehlK4A0wfjFGt3PzbYhBNWeOzMUDxwCdPEPMDXbgcN2i4Hgibevmfzt6cXjyD2vWMtiL9KJ_oD9BYW19la7kg8H2IyHyVn6K34G5dzokDnBrgNsJAaJuvjA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AehlK4A0wfjFGt3PzbYhBNWeOzMUDxwCdPEPMDXbgcN2i4Hgibevmfzt6cXjyD2vWMtiL9KJ_oD9BYW19la7kg8H2IyHyVn6K34G5dzokDnBrgNsJAaJuvjAV-bnu7Yky8WF574ksmRy-oY&google_cver=1&google_gid=CAESEP8VHVMmZ7I_EruHCQmuNqE&google_hm=UTcxNDY5MDgzOTExMDU2ODQzMzZQ
Requested by
Host: 3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com
URL: https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 25 Aug 2022 05:14:00 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AehlK4A0wfjFGt3PzbYhBNWeOzMUDxwCdPEPMDXbgcN2i4Hgibevmfzt6cXjyD2vWMtiL9KJ_oD9BYW19la7kg8H2IyHyVn6K34G5dzokDnBrgNsJAaJuvjAV-bnu7Yky8WF574ksmRy-oY&google_cver=1&google_gid=CAESEP8VHVMmZ7I_EruHCQmuNqE&google_hm=UTcxNDY5MDgzOTExMDU2ODQzMzZQ
Cache-Control
max-age=58345
Connection
keep-alive
Content-Type
text/html
Content-Length
154
pixel
cm.g.doubleclick.net/ Frame D843
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECZemA3XhkustYxw4oGb34Y&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aUVaNjFRaHoxT3I1Yk41&google_gid=CAESECZemA3XhkustYxw4oGb34Y&google_cver=1&google_push=AehlK4CiGII6jpK4oaYFjL3KbKpRKlXVbjpUgocH7AWELtp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aUVaNjFRaHoxT3I1Yk41&google_gid=CAESECZemA3XhkustYxw4oGb34Y&google_cver=1&google_push=AehlK4CiGII6jpK4oaYFjL3KbKpRKlXVbjpUgocH7AWELtps0cQMWoqQUbyBkXq1OUmx5EiRfe3qZbVIUASdPb3o24xU5hoGa881aGrpFWfMD1UE114v5oOub7n-tJwrT74njDuZAa8_7w
Requested by
Host: 3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com
URL: https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:59 GMT
Server
PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-00cd072e8cf76a91b@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aUVaNjFRaHoxT3I1Yk41&google_gid=CAESECZemA3XhkustYxw4oGb34Y&google_cver=1&google_push=AehlK4CiGII6jpK4oaYFjL3KbKpRKlXVbjpUgocH7AWELtps0cQMWoqQUbyBkXq1OUmx5EiRfe3qZbVIUASdPb3o24xU5hoGa881aGrpFWfMD1UE114v5oOub7n-tJwrT74njDuZAa8_7w
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D843
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXdjRkZRQUNOYjVNZkFCTg==&google_gid=CAESEDYfQoeFMrsCAXvvqNFSZck&google_cver=1&google_push=AehlK4B0ooyyqUQrXcz9vBXLTF1HboDaTA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXdjRkZRQUNOYjVNZkFCTg==&google_gid=CAESEDYfQoeFMrsCAXvvqNFSZck&google_cver=1&google_push=AehlK4B0ooyyqUQrXcz9vBXLTF1HboDaTAYovUKPgn02ibLNAgZ_FcmkG8sQariq0-6cNiyKU6km0syy4JMgwfuT5TmtefoNiXxn8ahVLqDhoh0Is-CkyG1W7gClIpIXLIHucuBSNC7mUQ
Requested by
Host: 3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com
URL: https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
via
1.1 varnish
server
Varnish
x-timer
S1661404440.981779,VS0,VE0
x-served-by
cache-chi-kigq8000057-CHI
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXdjRkZRQUNOYjVNZkFCTg==&google_gid=CAESEDYfQoeFMrsCAXvvqNFSZck&google_cver=1&google_push=AehlK4B0ooyyqUQrXcz9vBXLTF1HboDaTAYovUKPgn02ibLNAgZ_FcmkG8sQariq0-6cNiyKU6km0syy4JMgwfuT5TmtefoNiXxn8ahVLqDhoh0Is-CkyG1W7gClIpIXLIHucuBSNC7mUQ
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame D843
Redirect Chain
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AehlK4D2hml7D4OLTG5-lyUX1rvaC684a8cERbpyhRizFawW6U8H7prTOZ1__PLIV0RUuBbvzXBKuHXDIKmZVVSuqG36lPVh8ZJcXHu69ime7QUBSurpUhDH8M81UxdtfVhB6tToPIlotMY&go...
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AehlK4D2hml7D4OLTG5-lyUX1rvaC684a8cERbpyhRizFawW6U8H7prTOZ1__PLIV0RUuBbvzXBKuHXDIKmZVVSuqG36lPVh8ZJcXHu69ime7QUBSurpUhDH8M81UxdtfVhB6tToPI...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4D2hml7D4OLTG5-lyUX1rvaC684a8cERbpyhRizFawW6U8H7prTOZ1__PLIV0RUuBbvzXBKuHXDIKmZVVSuqG36lPVh8ZJcXHu69ime7QUBSurpUhDH8M81UxdtfVhB6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4D2hml7D4OLTG5-lyUX1rvaC684a8cERbpyhRizFawW6U8H7prTOZ1__PLIV0RUuBbvzXBKuHXDIKmZVVSuqG36lPVh8ZJcXHu69ime7QUBSurpUhDH8M81UxdtfVhB6tToPIlotMY&google_hm=ARzIwV8l0Nl3ks8ADsd_tJCaJMA
Requested by
Host: 3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com
URL: https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
via
1.1 d877346b368e974486e739220882b59e.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
JFK50-P4
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4D2hml7D4OLTG5-lyUX1rvaC684a8cERbpyhRizFawW6U8H7prTOZ1__PLIV0RUuBbvzXBKuHXDIKmZVVSuqG36lPVh8ZJcXHu69ime7QUBSurpUhDH8M81UxdtfVhB6tToPIlotMY&google_hm=ARzIwV8l0Nl3ks8ADsd_tJCaJMA
cache-control
no-cache
content-length
0
x-amz-cf-id
qUjSILj09GKkfXWyxubsGRlpCFSF8DW7Tv4fBGABrzoeeuXSXDPw8g==
expires
-1
dot.gif
s0.2mdn.net/ Frame D843 		43 B
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEBV9p4PVKJGWh-HawWIoiV0&google_cver=1&google_push=AehlK4AN0Oxfx8rMb1Yr2A2uQmsiaOrzM3kHWDm4LKA14WhXAKOEmANFtb2axMdc464p_XgJvZssEoVm-xZQN79sGUUkGZtajTEhvYC4Dq8X2oLZl5D0KRoWeeJPR81Gx0dbYI6KNKuIou0
Requested by
Host: 3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com
URL: https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Aug 2022 05:14:00 GMT
pixel
cm.g.doubleclick.net/ Frame D843
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Fsay_w7nSxqLjFcGg-xXxA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Fsay_w7nSxqLjFcGg-xXxA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4AjktPQZ0qHMsSnF7BVtMTZY4yS_JNS0rAkb5allHAswxDEsc_Q2IyqrLv-erNBwgmS2fgsbskDYhKkhWZzHqJSMManCtzcXMKAyQYYm_UdbLXJugcqsWywx6ngMXYLAGDzMLqA7w
Requested by
Host: 3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com
URL: https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Fsay_w7nSxqLjFcGg-xXxA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4AjktPQZ0qHMsSnF7BVtMTZY4yS_JNS0rAkb5allHAswxDEsc_Q2IyqrLv-erNBwgmS2fgsbskDYhKkhWZzHqJSMManCtzcXMKAyQYYm_UdbLXJugcqsWywx6ngMXYLAGDzMLqA7w
date
Thu, 25 Aug 2022 05:13:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame D843
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEEo1iLAsz_5JsyVOu5gB3Qk&google_cver=1&google_push=AehlK4BO0uixntxKnyAJbk2_d8o17zMyEMROYj--tS-SDqktAvMuqPjI8gR-PWKUWX3m9HZL-r2sm...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4BO0uixntxKnyAJbk2_d8o17zMyEMROYj--tS-SDqktAvMuqPjI8gR-PWKUWX3m9HZL-r2smf681hzdgAu7dtDZmGb8cGLjeY90Ro9NjhASWH2vIFirZG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4BO0uixntxKnyAJbk2_d8o17zMyEMROYj--tS-SDqktAvMuqPjI8gR-PWKUWX3m9HZL-r2smf681hzdgAu7dtDZmGb8cGLjeY90Ro9NjhASWH2vIFirZGjxa-01pOSZeZSKHZOesUo&google_hm=WXdjRkdNQ284WG9BQVB6NEt3c0FBQUFB
Requested by
Host: 3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com
URL: https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
8
Date
Thu, 25 Aug 2022 05:14:00 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEEo1iLAsz_5JsyVOu5gB3Qk&google_cver=1&google_push=AehlK4BO0uixntxKnyAJbk2_d8o17zMyEMROYj--tS-SDqktAvMuqPjI8gR-PWKUWX3m9HZL-r2smf681hzdgAu7dtDZmGb8cGLjeY90Ro9NjhASWH2vIFirZGjxa-01pOSZeZSKHZOesUo","cluster_id":8,"gdpr":false,"ipv4":"167.88.7.162","key":"YwcFGMCo8XoAAPz4KwsAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad328"}
X-SO-Ads-Time
5
X-SO-Key
YwcFGMCo8XoAAPz4KwsAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad328
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4BO0uixntxKnyAJbk2_d8o17zMyEMROYj--tS-SDqktAvMuqPjI8gR-PWKUWX3m9HZL-r2smf681hzdgAu7dtDZmGb8cGLjeY90Ro9NjhASWH2vIFirZGjxa-01pOSZeZSKHZOesUo&google_hm=WXdjRkdNQ284WG9BQVB6NEt3c0FBQUFB
Cache-Control
private
X-SO-HostName
m-ad328.dc4p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
m-tgng22.dc4p.scaleout.jp
X-SO-IP
167.88.7.162
attr
cm.g.doubleclick.net/pixel/ Frame D843 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K2CmXZzTdP3sISpUGzdKmobAEPeW0bogOJz8TQvS_e0YF5dPARQDBs98tbp87besJlcwqZ
Requested by
Host: 3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com
URL: https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
usync.js
eus.rubiconproject.com/ Frame 3720 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ed05b379e16f99e991942612551f789ce3f82404bd8e0dfa0b0b16a5e800e9ca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:14:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36647
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9443
Expires
Thu, 25 Aug 2022 15:24:47 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmU1NGNjMjVjMjVkMzY5ODNhZGJkY2ZhN2YxZTVkZg==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmU1NGNjMjVjMjVkMzY5ODNhZGJkY2ZhN2YxZTVkZg==&gdpr=0&gdpr_consent=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:13:59 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmU1NGNjMjVjMjVkMzY5ODNhZGJkY2ZhN2YxZTVkZg==&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1661404439966064-306
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=fe54cc25c25d36983adbdcfa7f1e5df&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=fe54cc25c25d36983adbdcfa7f1e5df&ex=freewheel.tv&gdpr=0&gdpr_consent=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
EWREASJ7DA7ATH19DZ2R
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=fe54cc25c25d36983adbdcfa7f1e5df&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1661404440059085-131
truncated
/ Frame 78E4 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
945f98ebecf4bfd00ec2fbfd949824323698e34d9531dab6fe714771942717a6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
ab
nym1-ib.adnxs.com/ Frame 2880 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QLQD_D90AcAAAMA1gAFAQiWipyYBhDErZal5diDkHEY__X6uuek5skkKjYJIuAO_euH2T8RtE8y410QyT8ZAAAAgD0KIUAhsm1IW9zL0j8p2ubG9IQl4z8xAAAA4KNw3T8wgfrzCjipH0CYOUgCUK6y-LQBWMWqlQFgAGjPglZ4jM8FgAEBigEDVVNEkgEDQlJMmAH6AaAB-gGoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKAnd1ZignYScsIDUwNjUxNzAsIDE2NjE0MDQ0MzgpO3VmKCdpJywgNzUxMzQxNCwgMTY2MTQwNDQzOCk7dWYoJ2cnLCAxODcyNTM1NyxCOwAwcicsIDM3OTQ1OTg4NjY9APCLkgK1BCFjSHhwY1FpUS1zc1pFSzZ5LUxRQkdBQWd4YXFWQVRBRU9BQkFBRWlZT1ZDQi12TUtXQUJnUDJnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkVLZ0JDckFCQUxrQjR3SHp5NGdsNHpfQkFlTUI4OHVJSmVNX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWNiS3lnUDFBY3h0a3otWUFnQ2dBZ0cxQWcBIwRDOQkI8FVEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnR0FBd0dZQXdHNkF3bE9XVTB5T2pVM01EZmdBNDh2Z0FUb25vVUppQVRzbm9VSmtBUUJtQVFCd1FRQQFiBQEITWtFBQgFARhEWUJBRHhCBQwJAWxpQVhMTEpBRjZwOU1xUVYyaWVxdGdXMFVRTEVGASKIb0xXajVUX0JCUUFBQUtDMW93VkF5UVVBQUFDQWQwRGJQOUUFKAkBBERaBSgBAfBDUEFfNEFXNTB3UHdCZTN6OWdqNEJkS1R0UUtDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCcHFabVptWm1lMF9xQVlFc2dZa0MBdA0BAEUdDABHHQwASR0MIHVBWUstQWZRMAFsWDRUVkNQZ0huZGdJLUFmTjZBajRCLWZ4ARRUOGZNSS1BZWc5UWcumgKZASE3eFZwZD45AjBNV3FsUUVnQUNnQU1aGZ0YT2dsT1dVMC2JFGRBank5Sg2kEEE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0MCDRBSS5BAvReATgusgIkZTQ3OWVjNGItNmIwNS00ZDc4LTk4MDEtYTNlZWRhOWUxMGY02AKfRuAC7pBd6gJqaHR0cHM6Ly9nbGFtb3VyLmdsb2JvLmNvbS9saWZlc3R5bGUvbm90aWNpYS8yMDE5LzEyL21lbGhvcmVzLWRvLWFuby1vcy1tZW1lcy1tYWlzLWVuZ3JhY2Fkb3MtZGUtMjAxOS5naHRtbPICEQoGQURWX0lEEgc1MDY1MTcw8gISCgZDUEdfSUQSCDE4NzI1MzU38gIKCgVDUF9JRBIBMPICDQoIQURWX0ZSRVESATDyAg0KCFJFTV9VU0VSEgEw8gIMCghBRFZfQ09ERRIA8gIMCghDUEdfQ09ERRIA8gILCgdDUF9DT0RFEgDyAhAKBUlPX0lEEgc3NTEzNDE08gILCgdJT19DT0RFEgDyAhMKD0NVU1RPTV9NT0RFTF9JRBIA8gIaChZDVR0WHExFQUZfTkFNBTMQHgoaQ1UuHQA4QVNUX01PRElGSUVEEgDyAbEYU1BMSVRfSQHR9DQBgAMAiAMBkAMAmAMUoAMBqgMAwAOsAsgDANgDkogC4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQMMTY3Ljg4LjcuMTYyqAQAsgQMCAAQABgAIAAwADgCuAQAwATOwLkiyAQA0gQONzMyMCNOWU0yOjU3MDfaBAIIAeAEAPAErrL4tAH6BBIJAAAAwKbxREARAAAAoMQMVsCIBQGYBQCgBf___________wGqBS00MDg4NDlmZC1jMDFmLTQ2YjItYTNmNy04OWM4OTZiYTA0YzlfQXBwTmV4dXPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWnogL6BQQIABAAkAYAmAYAogYONDAwOSNOWU0yOjU0MDK4BgDBBgAAAAAAAPA_0AapJdoGFgoQEUcRAQH1UOAGAfIGhwEI6p9MEoABemhKMF9sb2Ee2ERBQWtDQlFFSXZZTGFCeEN4dE5nQ0dQcUJpZ01nQnlnQVFKSDFpd2RJci1pTUIxQ1BMMWlhS26d9xBIZ0FnUR0QTElnQkFKQUJBSm9CQWdnQXFBRUFzLiAAPEEuLoAHAYgHAKAHAboHDwgFoEQgADAAONweQADIB4zPBdIHDQkJvgQ-QAG-CNoHBgknbOAHAOoHAggA8Aex8PgFiggCEACVCAAAgD-YCAE.&s=0c56af5c1cb42975fd4e481382539be3c3c8615b&pp=0.195812
Requested by
Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
aba93e6d7b0386c16f82e6c47b9e88a6b9196f9a6b364beafc6a54d319f90bbe
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:14:00 GMT
Content-Encoding
gzip
X-Creative-ID
379459886
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5752ae53-5583-4dca-a4e3-59f44854c792
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
event
s.seedtag.com/s/ Frame 2880 		43 B
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/s/event?type=imp&id=408849fd-c01f-46b2-a3f7-89c896ba04c9_AppNexus_1
Requested by
Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
image/gif
access-control-allow-credentials
true
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
truncated
/ Frame 1323 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_6d8da985.js
vpaid.springserve.com/production/ Frame FC79 		506 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_6d8da985.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:400:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e8003ad291ba3bd8691f5b0754b18daa4f89147dd3f27f204c651cd8d5fbf8f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 06:17:45 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 16:39:44 GMT
server
AmazonS3
age
255376
etag
W/"9026fbc1fc8aafffe9b6d2458d235a3a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 71963481e8787829babadbbb735376ee.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
fvxUrDp87kNIJYJ98j8diuqrECdV3z8bOcaU3CU12SHhGHCD6WJAgA==
t
t.lkqd.net/ Frame FC9A 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Thu, 25 Aug 2022 05:14:00 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 25 Aug 2022 05:14:00 GMT
server
nginx
wl
t.pubmatic.com/ Frame 5897 		17 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=157163
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.121 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7591 		1 KB
754 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com
URL: https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
39895
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 18:09:05 GMT
etag
48472445140208031
expires
Thu, 25 Aug 2022 18:09:05 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4BB2 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab988eb336d693ffc32234147f24574dd70244b3323d36e58e36ff9e14de8298

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 4BB2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6H9pVQ2VQOzBM2sKphM_032NkG0ifzPlLCm-ujd5VLlXT9emnfVJX9m7UUrDf0AWJcTh5LAAITf5XtOt9BsS-uhg8dKB-2aBVouvb2R17Civ47LDmLmy7TgfVKVFXNv6kyXkzdfnk-IcNr4IHfNAzOk33tPLsqdkPhH5aFw0P8d5PBP4dIEcI0Gxd_besUSF3X7ZSM6aLLgwbHUkuoTTVnLkxW8C8wzTUeH7iz_JNfk5rZrpq4OB65rXMkhXt6jd9JI7d9BkSLtgXDNI5YvMNSDKbtgg-pchSYxDZGoMMUXR0MbLdvQwRIc_WKvpYLDvzJSfg1CEoaS0AAZo6xvxGO1ebaZLCmsuFPt0xlfY672AsVQ&sai=AMfl-YTA0P11fJEerk_cCeA70D2qjPHvwJ4HKlkNEKTXGcq0XC7aSnAluhZllKVLc9BVD8YKsQjgqJ9zcwX6f3iQiXG4oBnRfm-lMlTOrJ0nM39E4io8PuRMa3k0YKaNkQ&sig=Cg0ArKJSzINxSxKiMoNFEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:14:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 25 Aug 2022 05:14:00 GMT
st.min.html
apps.sascdn.com/rtb/transparency/handler/ Frame 879C 		531 B
881 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22721247772133994770%22%2c%22adomain%22%3a%22unidosus.org%22%2c%22page%22%3a%221383108%22%2c%22format%22%3a%2278373%22%2c%22crid%22%3a%226117171%22%2c%22dsp%22%3a%2268%22%2c%22buyer%22%3a%2211760%22%2c%22cid%22%3a%222172825%22%2c%22adid%22%3a%22%22%2c%22hash%22%3a%22-5241868059446901536%22%7d
Requested by
Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::687c:2c0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer
https://config.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
531
Content-Type
text/html
Date
Thu, 25 Aug 2022 05:14:00 GMT
ETag
"cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires
Fri, 26 Aug 2022 05:14:00 GMT
Last-Modified
Thu, 18 Feb 2021 14:12:04 GMT
Server
AkamaiNetStorage
gpt.js
www.googletagservices.com/tag/js/ Frame F062 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd6b3451bd3f375e1dd605d5dd648dffa5eb5b69d72a09ca33aefbad9a336dcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28537
x-xss-protection
0
server
sffe
etag
"1313 / 276 of 1000 / last-modified: 1661379059"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 25 Aug 2022 05:14:00 GMT
aip
usw1.smartadserver.com/h/ Frame F062 		43 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usw1.smartadserver.com/h/aip?uii=721247772134011725&tmstp=1661404438305&ckid=3915573460503402842&systgt=%24qc%3d1312541377%3b%24ql%3dUnknown%3b%24qpc%3d77477%3b%24qt%3d152_507_31155t%3b%24dma%3d618%3b%24b%3d16999%3b%24o%3d11100%3b%24wpc%3d5890%3b%24wpc%3d5892%3b%24wpc%3d5893%3b%24wpc%3d5896%3b%24wpc%3d5899%3b%24wpc%3d5839%3b%24wpc%3d5841%3b%24wpc%3d5844%3b%24wpc%3d5845%3b%24wpc%3d5847%3b%24wpc%3d5850%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5830%3b%24wpc%3d5832%3b%24wpc%3d5833%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5807%3b%24wpc%3d5809%3b%24wpc%3d5810%3b%24wpc%3d5786%3b%24wpc%3d5757%3b%24wpc%3d5759%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d5775%3b%24wpc%3d5778%3b%24wpc%3d5779%3b%24wpc%3d5782%3b%24wpc%3d5783%3b%24wpc%3d5739%3b%24wpc%3d6190%3b%24wpc%3d6192%3b%24wpc%3d6195%3b%24wpc%3d6197%3b%24wpc%3d6198%3b%24wpc%3d6205%3b%24wpc%3d6207%3b%24wpc%3d6209%3b%24wpc%3d6211%3b%24wpc%3d6235%3b%24wpc%3d6237%3b%24wpc%3d6239%3b%24wpc%3d6241%3b%24wpc%3d6243%3b%24wpc%3d6052%3b%24wpc%3d6054%3b%24wpc%3d6055%3b%24wpc%3d6057%3b%24wpc%3d6059%3b%24wpc%3d6060%3b%24wpc%3d6001%3b%24wpc%3d6002%3b%24wpc%3d6005%3b%24wpc%3d6006%3b%24wpc%3d6007%3b%24wpc%3d6011%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5973%3b%24wpc%3d5975%3b%24wpc%3d5947%3b%24wpc%3d5948%3b%24wpc%3d5951%3b%24wpc%3d5920%3b%24wpc%3d5921%3b%24wpc%3d5924%3b%24wpc%3d5925%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5937%3b%24wpc%3d5939%3b%24wpc%3d5941%3b%24wpc%3d5943%3b%24wpc%3d5945%3b%24wpc%3d5904%3b%24wpc%3d5906%3b%24wpc%3d5907%3b%24wpc%3d5910%3b%24wpc%3d5595%3b%24wpc%3d6266%3b%24wpc%3d8630%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1337%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d7823%3b%24wpc%3d6425%3b%24wpc%3d6430%3b%24wpc%3d6274%3b%24wpc%3d6275%3b%24wpc%3d1273&acd=1661404438370&envtype=0&opid=e58ac08d-381f-4fc7-8970-80b1dd562668&opdt=1661404438370&siteid=411664&tgt=aggressive%3dfalse%3btemplate_category%3darticle%3bpublisher_country%3dBR%3bcontext_safe%3dfalse%3badunit_type%3dinImage%3bvw_display%3d60%3bvw_video%3d53%3bvtr%3d33%3bvtr_short%3d31%3bvtr_medium%3d18%3bvtr_long%3d41%3bctr%3d0%3bproducts%3dOM120x600%3bsizes%3d120x600%3bproducts%3dOM160x600%3bsizes%3d160x600%3bproducts%3dOM300x600%3bsizes%3d300x600%3bproducts%3dOM320x50%3bsizes%3d320x50%3bproducts%3dOM728x90%3bsizes%3d728x90%3bproducts%3dOM970x250%3bsizes%3d970x250%3bproducts%3dOM300x250%3bsizes%3d300x250%3bproducts%3dP120x600%3bsizes%3d120x600%3bproducts%3dP160x600%3bsizes%3d160x600%3bproducts%3dP300x600%3bsizes%3d300x600%3bproducts%3dP320x50%3bsizes%3d320x50%3bproducts%3dP728x90%3bsizes%3d728x90%3bproducts%3dP970x250%3bsizes%3d970x250%3bproducts%3dP300x250%3bsizes%3d300x250%3bpublisher_category%3dbeauty-and-personal-care%3bcontext_custom_category%3doisolucoes%3bcontext_custom_category%3dshortwhats%3bcontext_custom_category%3dlab_vigor_business_empresas%3bcontext_custom_category%3dblockromance%3bcontext_custom_category%3dPedigree_Inovacao_tendencias%3bcontext_custom_category%3dlab_visa_house_decor%3bcontext_custom_category%3dlab_schweppes_esportes%3bcontext_custom_category%3drockinrio%3bcontext_custom_category%3dlab_visa_fashion%3bcontext_custom_category%3dterror%3bcontext_custom_category%3dlab_heineken_drinks%3bcontext_custom_category%3dlab_visa_travel%3bcontext_custom_category%3dpme%3bcontext_custom_category%3dwhiskas%3bcontext_custom_category%3dlab_visa_gastronomy%3bcontext_custom_category%3dshortblacklist%3bcontext_custom_category%3dlab_vigor_business_vacations%3bcontext_custom_category%3dlabpuig-ch-exclusivity%3bcontext_custom_category%3dlab_schweppes_life_lugares%3bcontext_custom_category%3dlab_schweppes_cultural_bares%3bcontext_custom_category%3dlabpuig-pr-experience%3bcontext_custom_category%3dnubank%3bcontext_custom_category%3dmilionario%3bcontext_custom_category%3dheineken_lab_tiger_block%3bcontext_custom_category%3dlabcolgateheal%3bcontext_custom_category%3dfilmeseseries%3bcontext_custom_category%3dlabcolgatenatfa%3bcontext_custom_category%3dosquatrocompro%3bcontext_custom_category%3dfilmesinfantis%3bcontext_custom_category%3dcafe%3bcontext_custom_category%3dsensodyne%3bcontext_custom_category%3dilhabela1%3bcontext_custom_category%3dlab_schweppes_rock_in_rio%3bcontext_custom_category%3dlab_schweppes_social_tecnologia%3bcontext_custom_category%3dtim5g%3bcontext_custom_category%3dcaminhao%3bcontext_custom_category%3dmundialhortifruti%3bcontext_custom_category%3dlab_schweppes_life_familia%3bcontext_custom_category%3dcocameals%3bcontext_custom_category%3dbaby%3bcontext_custom_category%3dmundialcarnes%3bcontext_custom_category%3ddoubleverify%3bcontext_custom_category%3dgsk_publicis_sensodyne%3bcontext_custom_category%3dlab_vigor_wellness_influencers%3bcontext_custom_category%3dcafe_br%3bcontext_custom_category%3dlab_schweppes_mixology%3bcontext_custom_category%3dcrianca%3bcontext_custom_category%3damericanastech%3bcontext_custom_category%3dgm-s10-ch%3bcontext_custom_category%3dlab_vigor_wellness_exercise%3bcontext_custom_category%3dRock+in+Rio%3bcontext_custom_category%3dlabpuig-ch-fashion%3bcontext_custom_category%3dlabpuig-ab-family%3bcontext_custom_category%3dtest-luxurytravel-br%3bcontext_custom_category%3dtexacoblock%3bcontext_custom_category%3damericanasapple%3bcontext_custom_category%3dlab_vigor_wellness_dance%3bcontext_custom_category%3dGM+s10+CH%26X+50+anos%3bcontext_custom_category%3dPedigree_Confianca%3bcontext_custom_category%3dlab_schweppes_social_atualidades%3bcontext_custom_category%3dlab_vigor_active_recipes%3bcontext_custom_category%3dmakeup%3bcontext_custom_category%3dtimcontrole%3bcontext_custom_category%3dpagode%3bcontext_custom_category%3dliveloblocklist%3bcontext_custom_category%3dgames%3bcontext_custom_category%3dPedigree_Qualidade%3bcontext_custom_category%3dlab_schweppes_life_sentimentos%3bcontext_custom_category%3dfanta%3bcontext_custom_category%3dLGBT2022%3bcontext_custom_category%3dlabpuig-pr-music%3bcontext_custom_category%3dnovela_pantanal%3bcontext_custom_category%3dlab_vigor_business_family%3bcontext_custom_category%3dlivelo%3bcontext_category%3dgossip%3bcontext_subcategory%3d-%3bcontext_categories_tier1%3dmovies%3bcontext_categories_tier2%3ddocumentary-movies%3bcontext_categories_tier3%3dother%3bcontext_categories_tier4%3dnone%3bab%3dNativeMinSize%3b%3b%24dt%3d1t%3b%24dma%3d618&gdpr=0&visit=S&statid=16&imptype=0&intgtype=0&pgDomain=https%3a%2f%2fglamour.globo.com%2flifestyle%2fnoticia%2f2019%2f12%2fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&cappid=3915573460503402842&capp=0&mcrdbt=1&insid=10180190&imgid=0&pgid=1383108&fmtid=78373&isLazy=0&rtb=1&rtbnid=3050&rtbbid=721247772133994770&rtbh=8a10c805a8b08ae7349aa2c7fb9fbab5e5794834&rtblt=637970012384625167&rtbet=0&rtbptnid=68&cftgid=3954d311d320
Requested by
Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.83.76.65 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:13:59 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
aid:63070516df1bfd3905d50040;c:0.3933;cid:2172825;ts:1661404438456
node-p2w-1utzoa.sitescout.com/smartadserver/px/ Frame F062 		43 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://node-p2w-1utzoa.sitescout.com/smartadserver/px/aid:63070516df1bfd3905d50040;c:0.3933;cid:2172825;ts:1661404438456
Requested by
Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.25.232.94 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
A /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
Server
A
P3P
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
Cache-Control
max-age=0,no-cache,no-store
Connection
close, close
Content-Type
image/gif
Content-Length
43
Expires
Tue, 11 Oct 1977 12:34:56 GMT
aa.js
q.adrta.com/ Frame F062 		887 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q.adrta.com/aa.js?cb=1661404438456
Requested by
Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.63.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-63-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2292a22f6040a861907017a1c2518b687d1ffdd13371946760b6abe871ee7153

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 25 Aug 2022 05:14:00 GMT
content-encoding
gzip
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
event
s.seedtag.com/s/ Frame F062 		43 B
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/s/event?type=imp&id=5d48fd61-fc4b-43a5-8c28-9cd7c2bcc1f7_SmartAdServerDisplayStandard_1
Requested by
Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
image/gif
access-control-allow-credentials
true
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 3F1E 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YwcFFgAGgokIaAY0AAAnMNxKp9bCD7dQ1Ixnqw&u=%7CdPGRhl%2B7%2BMWgpPFIpCJqMtCJIuSB7aEzylITgSDLOdw%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MTceYYGR9Jp5gwJSFuY1ZhN1_Ei2GJq8gd_G0tw1r14hnbYpVmvZEeZ3grlLUx-z4YYgXcAXP-xm45dOpRMTQ2S5iczFkxYc4DVGYC46ATP-k6EYWtuYZ03Fn2IUxSqnA_ihx5X8BFdchR5NyXI4oYxBTP2vLFJ5UMkfKCLc84eaNK2weWxmJ71gTfmFr8odm5bxqiOQJ--htYWPUtQ7RKgLoSbTX6T59wBkzS5n5CjsxYsz6Cs9dCgWg904mlqCZzn9F_BGivAe1umNo23lypsKXgoF0-WcHUiCJBaJJm13slpbs8eEc1FyD8sMMR46ul6bAZOhIsMZyQwgNT9Rc1vQ9KulDUKYGLE_O4T_q71i1dk-CTLivbkQd8NiriMGMz4oD1Uj0l3d6g9UZ3wHDOqD9RBRmTkxUKli2P7duAyr0zhZFthEV5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXExFgUHY4mFGrSMoPMPsM6AuAecge-wXNqkqap0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN6ABrN3-6APIAQngAgCoAwGqBNQCT9DBe3BZCAmn095o1iZouRKGQHDII5v-6LFV0nXaKTdGgkpaKzANBAqC5gW_mk3z7OXElD4oa-YJ4kAMQMRerD2-_XB52qxxOfsLXCsJT8BaFEmWq3WE0JKS_jgO8WM1wCJRDc7rXco8ACI66A4Y-E4Ade9Fqbg24omZB7vHKkQ14Qvpyn6PkoIfi_Kj5dKUoyuX_O8V-4jFqjJxaWdz1eZ7jZ29K2rqOBvCQcPLXW_3RT_qtEmNLkS0LfmikJe0lJOdPFjmR2lDGN2dlyOsT3XGggo6FntlmBPAEH8q8IIu4RBn2gPpBGXWW47nZMqdEB0p-Gk2u16ro0T9lzyza6zdWOY2QeAUSt5LoG80ZKFlx1mb_EHkmYjuD7g3PGE8Xow-dROFmlJXWaCak2gL4Cozx_xj2hyqt6qcKSqXc9GZQZSbSwZFA30QjYN6gRTPlZXkvOAEAYAG8svvvtjL7-1JoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1BBFSwNw0F-QD9vVwmK83CozIVhQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1848871
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AvFKyujHOaaGr0IrTvddlunAxisPRg9PXk7zZELFeQz0HCoh67ib5%2FeQU59S1eGTCnZYBo3X%2B2QNPKPmIlNm7OHPG%2FyVNhOLsRPlnREU12y70IfZmUZ%2FeBBEwtRbc3OtglbR5IZikOgAOZDoNJfKl%2F8v"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7401d778795d2994-ORD
expires
Tue, 15 Aug 2023 05:14:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 3F1E 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YwcFFgAGgokIaAY0AAAnMNxKp9bCD7dQ1Ixnqw&u=%7CdPGRhl%2B7%2BMWgpPFIpCJqMtCJIuSB7aEzylITgSDLOdw%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MTceYYGR9Jp5gwJSFuY1ZhN1_Ei2GJq8gd_G0tw1r14hnbYpVmvZEeZ3grlLUx-z4YYgXcAXP-xm45dOpRMTQ2S5iczFkxYc4DVGYC46ATP-k6EYWtuYZ03Fn2IUxSqnA_ihx5X8BFdchR5NyXI4oYxBTP2vLFJ5UMkfKCLc84eaNK2weWxmJ71gTfmFr8odm5bxqiOQJ--htYWPUtQ7RKgLoSbTX6T59wBkzS5n5CjsxYsz6Cs9dCgWg904mlqCZzn9F_BGivAe1umNo23lypsKXgoF0-WcHUiCJBaJJm13slpbs8eEc1FyD8sMMR46ul6bAZOhIsMZyQwgNT9Rc1vQ9KulDUKYGLE_O4T_q71i1dk-CTLivbkQd8NiriMGMz4oD1Uj0l3d6g9UZ3wHDOqD9RBRmTkxUKli2P7duAyr0zhZFthEV5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXExFgUHY4mFGrSMoPMPsM6AuAecge-wXNqkqap0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN6ABrN3-6APIAQngAgCoAwGqBNQCT9DBe3BZCAmn095o1iZouRKGQHDII5v-6LFV0nXaKTdGgkpaKzANBAqC5gW_mk3z7OXElD4oa-YJ4kAMQMRerD2-_XB52qxxOfsLXCsJT8BaFEmWq3WE0JKS_jgO8WM1wCJRDc7rXco8ACI66A4Y-E4Ade9Fqbg24omZB7vHKkQ14Qvpyn6PkoIfi_Kj5dKUoyuX_O8V-4jFqjJxaWdz1eZ7jZ29K2rqOBvCQcPLXW_3RT_qtEmNLkS0LfmikJe0lJOdPFjmR2lDGN2dlyOsT3XGggo6FntlmBPAEH8q8IIu4RBn2gPpBGXWW47nZMqdEB0p-Gk2u16ro0T9lzyza6zdWOY2QeAUSt5LoG80ZKFlx1mb_EHkmYjuD7g3PGE8Xow-dROFmlJXWaCak2gL4Cozx_xj2hyqt6qcKSqXc9GZQZSbSwZFA30QjYN6gRTPlZXkvOAEAYAG8svvvtjL7-1JoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1BBFSwNw0F-QD9vVwmK83CozIVhQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Aug 2023 05:14:00 GMT
4c0c6686a93045c6ad1c1c9d19dc38d7_sharpgroteskmedium22.woff
static.criteo.net/design/dt/ Frame 3F1E 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/4c0c6686a93045c6ad1c1c9d19dc38d7_sharpgroteskmedium22.woff
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YwcFFgAGgokIaAY0AAAnMNxKp9bCD7dQ1Ixnqw&u=%7CdPGRhl%2B7%2BMWgpPFIpCJqMtCJIuSB7aEzylITgSDLOdw%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MTceYYGR9Jp5gwJSFuY1ZhN1_Ei2GJq8gd_G0tw1r14hnbYpVmvZEeZ3grlLUx-z4YYgXcAXP-xm45dOpRMTQ2S5iczFkxYc4DVGYC46ATP-k6EYWtuYZ03Fn2IUxSqnA_ihx5X8BFdchR5NyXI4oYxBTP2vLFJ5UMkfKCLc84eaNK2weWxmJ71gTfmFr8odm5bxqiOQJ--htYWPUtQ7RKgLoSbTX6T59wBkzS5n5CjsxYsz6Cs9dCgWg904mlqCZzn9F_BGivAe1umNo23lypsKXgoF0-WcHUiCJBaJJm13slpbs8eEc1FyD8sMMR46ul6bAZOhIsMZyQwgNT9Rc1vQ9KulDUKYGLE_O4T_q71i1dk-CTLivbkQd8NiriMGMz4oD1Uj0l3d6g9UZ3wHDOqD9RBRmTkxUKli2P7duAyr0zhZFthEV5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXExFgUHY4mFGrSMoPMPsM6AuAecge-wXNqkqap0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN6ABrN3-6APIAQngAgCoAwGqBNQCT9DBe3BZCAmn095o1iZouRKGQHDII5v-6LFV0nXaKTdGgkpaKzANBAqC5gW_mk3z7OXElD4oa-YJ4kAMQMRerD2-_XB52qxxOfsLXCsJT8BaFEmWq3WE0JKS_jgO8WM1wCJRDc7rXco8ACI66A4Y-E4Ade9Fqbg24omZB7vHKkQ14Qvpyn6PkoIfi_Kj5dKUoyuX_O8V-4jFqjJxaWdz1eZ7jZ29K2rqOBvCQcPLXW_3RT_qtEmNLkS0LfmikJe0lJOdPFjmR2lDGN2dlyOsT3XGggo6FntlmBPAEH8q8IIu4RBn2gPpBGXWW47nZMqdEB0p-Gk2u16ro0T9lzyza6zdWOY2QeAUSt5LoG80ZKFlx1mb_EHkmYjuD7g3PGE8Xow-dROFmlJXWaCak2gL4Cozx_xj2hyqt6qcKSqXc9GZQZSbSwZFA30QjYN6gRTPlZXkvOAEAYAG8svvvtjL7-1JoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1BBFSwNw0F-QD9vVwmK83CozIVhQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
192829959bf3b5699716d4fa411c0da8d960960f4c4c8d7065bb48faba1edee7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
content-encoding
gzip
last-modified
Mon, 17 Dec 2018 15:33:37 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c17c1d1-8a08"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Aug 2023 05:14:00 GMT
img
pix.us.criteo.net/img/ Frame 3F1E 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=316&m=0&partner=21472&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F21472%2F210922%2Fc1b70a7d5fbd463b933c0c6ea013ffba_apt2blogo.png&v=3&w=1276&s=teIkE_tgxmv8n20knZQRGUV1
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YwcFFgAGgokIaAY0AAAnMNxKp9bCD7dQ1Ixnqw&u=%7CdPGRhl%2B7%2BMWgpPFIpCJqMtCJIuSB7aEzylITgSDLOdw%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MTceYYGR9Jp5gwJSFuY1ZhN1_Ei2GJq8gd_G0tw1r14hnbYpVmvZEeZ3grlLUx-z4YYgXcAXP-xm45dOpRMTQ2S5iczFkxYc4DVGYC46ATP-k6EYWtuYZ03Fn2IUxSqnA_ihx5X8BFdchR5NyXI4oYxBTP2vLFJ5UMkfKCLc84eaNK2weWxmJ71gTfmFr8odm5bxqiOQJ--htYWPUtQ7RKgLoSbTX6T59wBkzS5n5CjsxYsz6Cs9dCgWg904mlqCZzn9F_BGivAe1umNo23lypsKXgoF0-WcHUiCJBaJJm13slpbs8eEc1FyD8sMMR46ul6bAZOhIsMZyQwgNT9Rc1vQ9KulDUKYGLE_O4T_q71i1dk-CTLivbkQd8NiriMGMz4oD1Uj0l3d6g9UZ3wHDOqD9RBRmTkxUKli2P7duAyr0zhZFthEV5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXExFgUHY4mFGrSMoPMPsM6AuAecge-wXNqkqap0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN6ABrN3-6APIAQngAgCoAwGqBNQCT9DBe3BZCAmn095o1iZouRKGQHDII5v-6LFV0nXaKTdGgkpaKzANBAqC5gW_mk3z7OXElD4oa-YJ4kAMQMRerD2-_XB52qxxOfsLXCsJT8BaFEmWq3WE0JKS_jgO8WM1wCJRDc7rXco8ACI66A4Y-E4Ade9Fqbg24omZB7vHKkQ14Qvpyn6PkoIfi_Kj5dKUoyuX_O8V-4jFqjJxaWdz1eZ7jZ29K2rqOBvCQcPLXW_3RT_qtEmNLkS0LfmikJe0lJOdPFjmR2lDGN2dlyOsT3XGggo6FntlmBPAEH8q8IIu4RBn2gPpBGXWW47nZMqdEB0p-Gk2u16ro0T9lzyza6zdWOY2QeAUSt5LoG80ZKFlx1mb_EHkmYjuD7g3PGE8Xow-dROFmlJXWaCak2gL4Cozx_xj2hyqt6qcKSqXc9GZQZSbSwZFA30QjYN6gRTPlZXkvOAEAYAG8svvvtjL7-1JoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1BBFSwNw0F-QD9vVwmK83CozIVhQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
540ec6140bc77b27dafedc109bb4e4ece1ccb0f5d1456c40ea23d2c5063a80d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28762559
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
29613
expires
Mon, 24 Jul 2023 02:49:59 GMT
img
pix.us.criteo.net/img/ Frame 3F1E 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?cq=256&h=800&m=0&partner=21472&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0014%2F1865%2F7881%2Fproducts%2F11.jpg%3Fv%3D1624869980&v=3&w=800&s=6AIHG8FMwbmZCXASny1XAX-f&b=800
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YwcFFgAGgokIaAY0AAAnMNxKp9bCD7dQ1Ixnqw&u=%7CdPGRhl%2B7%2BMWgpPFIpCJqMtCJIuSB7aEzylITgSDLOdw%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MTceYYGR9Jp5gwJSFuY1ZhN1_Ei2GJq8gd_G0tw1r14hnbYpVmvZEeZ3grlLUx-z4YYgXcAXP-xm45dOpRMTQ2S5iczFkxYc4DVGYC46ATP-k6EYWtuYZ03Fn2IUxSqnA_ihx5X8BFdchR5NyXI4oYxBTP2vLFJ5UMkfKCLc84eaNK2weWxmJ71gTfmFr8odm5bxqiOQJ--htYWPUtQ7RKgLoSbTX6T59wBkzS5n5CjsxYsz6Cs9dCgWg904mlqCZzn9F_BGivAe1umNo23lypsKXgoF0-WcHUiCJBaJJm13slpbs8eEc1FyD8sMMR46ul6bAZOhIsMZyQwgNT9Rc1vQ9KulDUKYGLE_O4T_q71i1dk-CTLivbkQd8NiriMGMz4oD1Uj0l3d6g9UZ3wHDOqD9RBRmTkxUKli2P7duAyr0zhZFthEV5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXExFgUHY4mFGrSMoPMPsM6AuAecge-wXNqkqap0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN6ABrN3-6APIAQngAgCoAwGqBNQCT9DBe3BZCAmn095o1iZouRKGQHDII5v-6LFV0nXaKTdGgkpaKzANBAqC5gW_mk3z7OXElD4oa-YJ4kAMQMRerD2-_XB52qxxOfsLXCsJT8BaFEmWq3WE0JKS_jgO8WM1wCJRDc7rXco8ACI66A4Y-E4Ade9Fqbg24omZB7vHKkQ14Qvpyn6PkoIfi_Kj5dKUoyuX_O8V-4jFqjJxaWdz1eZ7jZ29K2rqOBvCQcPLXW_3RT_qtEmNLkS0LfmikJe0lJOdPFjmR2lDGN2dlyOsT3XGggo6FntlmBPAEH8q8IIu4RBn2gPpBGXWW47nZMqdEB0p-Gk2u16ro0T9lzyza6zdWOY2QeAUSt5LoG80ZKFlx1mb_EHkmYjuD7g3PGE8Xow-dROFmlJXWaCak2gL4Cozx_xj2hyqt6qcKSqXc9GZQZSbSwZFA30QjYN6gRTPlZXkvOAEAYAG8svvvtjL7-1JoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1BBFSwNw0F-QD9vVwmK83CozIVhQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
6d3f979aa5e232e59a817c0ce87451940991400579e507707ae0d8857b7db0d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30231253
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
12542
expires
Thu, 10 Aug 2023 02:48:13 GMT
img
pix.us.criteo.net/img/ Frame 3F1E 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?cq=256&h=800&m=0&partner=21472&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0014%2F1865%2F7881%2Fproducts%2FAPT2B-TORANADO-SECTIONAL-GRYLTHR-4.jpg%3Fv%3D1642098922&v=3&w=800&s=4UiV7xBb4PM8sJsGHo5-7b0t&b=800
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YwcFFgAGgokIaAY0AAAnMNxKp9bCD7dQ1Ixnqw&u=%7CdPGRhl%2B7%2BMWgpPFIpCJqMtCJIuSB7aEzylITgSDLOdw%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MTceYYGR9Jp5gwJSFuY1ZhN1_Ei2GJq8gd_G0tw1r14hnbYpVmvZEeZ3grlLUx-z4YYgXcAXP-xm45dOpRMTQ2S5iczFkxYc4DVGYC46ATP-k6EYWtuYZ03Fn2IUxSqnA_ihx5X8BFdchR5NyXI4oYxBTP2vLFJ5UMkfKCLc84eaNK2weWxmJ71gTfmFr8odm5bxqiOQJ--htYWPUtQ7RKgLoSbTX6T59wBkzS5n5CjsxYsz6Cs9dCgWg904mlqCZzn9F_BGivAe1umNo23lypsKXgoF0-WcHUiCJBaJJm13slpbs8eEc1FyD8sMMR46ul6bAZOhIsMZyQwgNT9Rc1vQ9KulDUKYGLE_O4T_q71i1dk-CTLivbkQd8NiriMGMz4oD1Uj0l3d6g9UZ3wHDOqD9RBRmTkxUKli2P7duAyr0zhZFthEV5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXExFgUHY4mFGrSMoPMPsM6AuAecge-wXNqkqap0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN6ABrN3-6APIAQngAgCoAwGqBNQCT9DBe3BZCAmn095o1iZouRKGQHDII5v-6LFV0nXaKTdGgkpaKzANBAqC5gW_mk3z7OXElD4oa-YJ4kAMQMRerD2-_XB52qxxOfsLXCsJT8BaFEmWq3WE0JKS_jgO8WM1wCJRDc7rXco8ACI66A4Y-E4Ade9Fqbg24omZB7vHKkQ14Qvpyn6PkoIfi_Kj5dKUoyuX_O8V-4jFqjJxaWdz1eZ7jZ29K2rqOBvCQcPLXW_3RT_qtEmNLkS0LfmikJe0lJOdPFjmR2lDGN2dlyOsT3XGggo6FntlmBPAEH8q8IIu4RBn2gPpBGXWW47nZMqdEB0p-Gk2u16ro0T9lzyza6zdWOY2QeAUSt5LoG80ZKFlx1mb_EHkmYjuD7g3PGE8Xow-dROFmlJXWaCak2gL4Cozx_xj2hyqt6qcKSqXc9GZQZSbSwZFA30QjYN6gRTPlZXkvOAEAYAG8svvvtjL7-1JoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1BBFSwNw0F-QD9vVwmK83CozIVhQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b8d4b2dc578418828e430a65d888b79686d607a8c53b47dd558ce87681b28002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29614718
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11572
expires
Wed, 02 Aug 2023 23:32:39 GMT
img
pix.us.criteo.net/img/ Frame 3F1E 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?cq=256&h=800&m=0&partner=21472&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0014%2F1865%2F7881%2Fproducts%2FApt2B-Soto-Espresso-Sofa-Surf.jpg%3Fv%3D1649958475&v=3&w=800&s=bLwb5nEfe_pJrBUsWbhbUoUP&b=800
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YwcFFgAGgokIaAY0AAAnMNxKp9bCD7dQ1Ixnqw&u=%7CdPGRhl%2B7%2BMWgpPFIpCJqMtCJIuSB7aEzylITgSDLOdw%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MTceYYGR9Jp5gwJSFuY1ZhN1_Ei2GJq8gd_G0tw1r14hnbYpVmvZEeZ3grlLUx-z4YYgXcAXP-xm45dOpRMTQ2S5iczFkxYc4DVGYC46ATP-k6EYWtuYZ03Fn2IUxSqnA_ihx5X8BFdchR5NyXI4oYxBTP2vLFJ5UMkfKCLc84eaNK2weWxmJ71gTfmFr8odm5bxqiOQJ--htYWPUtQ7RKgLoSbTX6T59wBkzS5n5CjsxYsz6Cs9dCgWg904mlqCZzn9F_BGivAe1umNo23lypsKXgoF0-WcHUiCJBaJJm13slpbs8eEc1FyD8sMMR46ul6bAZOhIsMZyQwgNT9Rc1vQ9KulDUKYGLE_O4T_q71i1dk-CTLivbkQd8NiriMGMz4oD1Uj0l3d6g9UZ3wHDOqD9RBRmTkxUKli2P7duAyr0zhZFthEV5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXExFgUHY4mFGrSMoPMPsM6AuAecge-wXNqkqap0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN6ABrN3-6APIAQngAgCoAwGqBNQCT9DBe3BZCAmn095o1iZouRKGQHDII5v-6LFV0nXaKTdGgkpaKzANBAqC5gW_mk3z7OXElD4oa-YJ4kAMQMRerD2-_XB52qxxOfsLXCsJT8BaFEmWq3WE0JKS_jgO8WM1wCJRDc7rXco8ACI66A4Y-E4Ade9Fqbg24omZB7vHKkQ14Qvpyn6PkoIfi_Kj5dKUoyuX_O8V-4jFqjJxaWdz1eZ7jZ29K2rqOBvCQcPLXW_3RT_qtEmNLkS0LfmikJe0lJOdPFjmR2lDGN2dlyOsT3XGggo6FntlmBPAEH8q8IIu4RBn2gPpBGXWW47nZMqdEB0p-Gk2u16ro0T9lzyza6zdWOY2QeAUSt5LoG80ZKFlx1mb_EHkmYjuD7g3PGE8Xow-dROFmlJXWaCak2gL4Cozx_xj2hyqt6qcKSqXc9GZQZSbSwZFA30QjYN6gRTPlZXkvOAEAYAG8svvvtjL7-1JoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1BBFSwNw0F-QD9vVwmK83CozIVhQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
594459f04b56087383793fd0e59649aaf95cc0cc3ba4d5cfa007d5ce6ff32181
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27935419
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
9578
expires
Fri, 14 Jul 2023 13:04:19 GMT
img
pix.us.criteo.net/img/ Frame 3F1E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?cq=256&h=800&m=0&partner=21472&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0014%2F1865%2F7881%2Fproducts%2FMarco_Apt_Size_Sofa_Espresso_Pomegranate_35f4a69d-bac8-45fd-9f9f-0bc631a0c9c7.jpg%3Fv%3D1627497955&v=3&w=800&s=TWyTv9oy3qetDTMJoMR18Vux&b=800
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YwcFFgAGgokIaAY0AAAnMNxKp9bCD7dQ1Ixnqw&u=%7CdPGRhl%2B7%2BMWgpPFIpCJqMtCJIuSB7aEzylITgSDLOdw%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MTceYYGR9Jp5gwJSFuY1ZhN1_Ei2GJq8gd_G0tw1r14hnbYpVmvZEeZ3grlLUx-z4YYgXcAXP-xm45dOpRMTQ2S5iczFkxYc4DVGYC46ATP-k6EYWtuYZ03Fn2IUxSqnA_ihx5X8BFdchR5NyXI4oYxBTP2vLFJ5UMkfKCLc84eaNK2weWxmJ71gTfmFr8odm5bxqiOQJ--htYWPUtQ7RKgLoSbTX6T59wBkzS5n5CjsxYsz6Cs9dCgWg904mlqCZzn9F_BGivAe1umNo23lypsKXgoF0-WcHUiCJBaJJm13slpbs8eEc1FyD8sMMR46ul6bAZOhIsMZyQwgNT9Rc1vQ9KulDUKYGLE_O4T_q71i1dk-CTLivbkQd8NiriMGMz4oD1Uj0l3d6g9UZ3wHDOqD9RBRmTkxUKli2P7duAyr0zhZFthEV5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXExFgUHY4mFGrSMoPMPsM6AuAecge-wXNqkqap0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN6ABrN3-6APIAQngAgCoAwGqBNQCT9DBe3BZCAmn095o1iZouRKGQHDII5v-6LFV0nXaKTdGgkpaKzANBAqC5gW_mk3z7OXElD4oa-YJ4kAMQMRerD2-_XB52qxxOfsLXCsJT8BaFEmWq3WE0JKS_jgO8WM1wCJRDc7rXco8ACI66A4Y-E4Ade9Fqbg24omZB7vHKkQ14Qvpyn6PkoIfi_Kj5dKUoyuX_O8V-4jFqjJxaWdz1eZ7jZ29K2rqOBvCQcPLXW_3RT_qtEmNLkS0LfmikJe0lJOdPFjmR2lDGN2dlyOsT3XGggo6FntlmBPAEH8q8IIu4RBn2gPpBGXWW47nZMqdEB0p-Gk2u16ro0T9lzyza6zdWOY2QeAUSt5LoG80ZKFlx1mb_EHkmYjuD7g3PGE8Xow-dROFmlJXWaCak2gL4Cozx_xj2hyqt6qcKSqXc9GZQZSbSwZFA30QjYN6gRTPlZXkvOAEAYAG8svvvtjL7-1JoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1BBFSwNw0F-QD9vVwmK83CozIVhQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
55b8d8023063c17ceb90f9cef08ed6d7a4dc764b3448534b0b863a277fa9f704
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:13:59 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27098639
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7286
expires
Tue, 04 Jul 2023 20:37:59 GMT
img
pix.us.criteo.net/img/ Frame 3F1E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?cq=256&h=800&m=0&partner=21472&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0014%2F1865%2F7881%2Fproducts%2Fimg_3f48d987-4651-4489-b4b5-5fece00a911d.png%3Fv%3D1635879186&v=3&w=800&s=azhL6hT0Xd20cbZhbwXEdJy1&b=800
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YwcFFgAGgokIaAY0AAAnMNxKp9bCD7dQ1Ixnqw&u=%7CdPGRhl%2B7%2BMWgpPFIpCJqMtCJIuSB7aEzylITgSDLOdw%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MTceYYGR9Jp5gwJSFuY1ZhN1_Ei2GJq8gd_G0tw1r14hnbYpVmvZEeZ3grlLUx-z4YYgXcAXP-xm45dOpRMTQ2S5iczFkxYc4DVGYC46ATP-k6EYWtuYZ03Fn2IUxSqnA_ihx5X8BFdchR5NyXI4oYxBTP2vLFJ5UMkfKCLc84eaNK2weWxmJ71gTfmFr8odm5bxqiOQJ--htYWPUtQ7RKgLoSbTX6T59wBkzS5n5CjsxYsz6Cs9dCgWg904mlqCZzn9F_BGivAe1umNo23lypsKXgoF0-WcHUiCJBaJJm13slpbs8eEc1FyD8sMMR46ul6bAZOhIsMZyQwgNT9Rc1vQ9KulDUKYGLE_O4T_q71i1dk-CTLivbkQd8NiriMGMz4oD1Uj0l3d6g9UZ3wHDOqD9RBRmTkxUKli2P7duAyr0zhZFthEV5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXExFgUHY4mFGrSMoPMPsM6AuAecge-wXNqkqap0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN6ABrN3-6APIAQngAgCoAwGqBNQCT9DBe3BZCAmn095o1iZouRKGQHDII5v-6LFV0nXaKTdGgkpaKzANBAqC5gW_mk3z7OXElD4oa-YJ4kAMQMRerD2-_XB52qxxOfsLXCsJT8BaFEmWq3WE0JKS_jgO8WM1wCJRDc7rXco8ACI66A4Y-E4Ade9Fqbg24omZB7vHKkQ14Qvpyn6PkoIfi_Kj5dKUoyuX_O8V-4jFqjJxaWdz1eZ7jZ29K2rqOBvCQcPLXW_3RT_qtEmNLkS0LfmikJe0lJOdPFjmR2lDGN2dlyOsT3XGggo6FntlmBPAEH8q8IIu4RBn2gPpBGXWW47nZMqdEB0p-Gk2u16ro0T9lzyza6zdWOY2QeAUSt5LoG80ZKFlx1mb_EHkmYjuD7g3PGE8Xow-dROFmlJXWaCak2gL4Cozx_xj2hyqt6qcKSqXc9GZQZSbSwZFA30QjYN6gRTPlZXkvOAEAYAG8svvvtjL7-1JoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1BBFSwNw0F-QD9vVwmK83CozIVhQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
73f7aff779c41ff88537f39fc27bba4a36a81214fe1bf87a3eebdd1d55aba6fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28246271
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8350
expires
Tue, 18 Jul 2023 03:25:11 GMT
img
pix.us.criteo.net/img/ Frame 3F1E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?cq=256&h=800&m=0&partner=21472&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0014%2F1865%2F7881%2Fproducts%2FAPT2B-PET-BED-LARGE-EVERGREEN-VELVET-1.jpg%3Fv%3D1642099655&v=3&w=800&s=3xqZrStfvnINSzVEF1BrARQy&b=800
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YwcFFgAGgokIaAY0AAAnMNxKp9bCD7dQ1Ixnqw&u=%7CdPGRhl%2B7%2BMWgpPFIpCJqMtCJIuSB7aEzylITgSDLOdw%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MTceYYGR9Jp5gwJSFuY1ZhN1_Ei2GJq8gd_G0tw1r14hnbYpVmvZEeZ3grlLUx-z4YYgXcAXP-xm45dOpRMTQ2S5iczFkxYc4DVGYC46ATP-k6EYWtuYZ03Fn2IUxSqnA_ihx5X8BFdchR5NyXI4oYxBTP2vLFJ5UMkfKCLc84eaNK2weWxmJ71gTfmFr8odm5bxqiOQJ--htYWPUtQ7RKgLoSbTX6T59wBkzS5n5CjsxYsz6Cs9dCgWg904mlqCZzn9F_BGivAe1umNo23lypsKXgoF0-WcHUiCJBaJJm13slpbs8eEc1FyD8sMMR46ul6bAZOhIsMZyQwgNT9Rc1vQ9KulDUKYGLE_O4T_q71i1dk-CTLivbkQd8NiriMGMz4oD1Uj0l3d6g9UZ3wHDOqD9RBRmTkxUKli2P7duAyr0zhZFthEV5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXExFgUHY4mFGrSMoPMPsM6AuAecge-wXNqkqap0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN6ABrN3-6APIAQngAgCoAwGqBNQCT9DBe3BZCAmn095o1iZouRKGQHDII5v-6LFV0nXaKTdGgkpaKzANBAqC5gW_mk3z7OXElD4oa-YJ4kAMQMRerD2-_XB52qxxOfsLXCsJT8BaFEmWq3WE0JKS_jgO8WM1wCJRDc7rXco8ACI66A4Y-E4Ade9Fqbg24omZB7vHKkQ14Qvpyn6PkoIfi_Kj5dKUoyuX_O8V-4jFqjJxaWdz1eZ7jZ29K2rqOBvCQcPLXW_3RT_qtEmNLkS0LfmikJe0lJOdPFjmR2lDGN2dlyOsT3XGggo6FntlmBPAEH8q8IIu4RBn2gPpBGXWW47nZMqdEB0p-Gk2u16ro0T9lzyza6zdWOY2QeAUSt5LoG80ZKFlx1mb_EHkmYjuD7g3PGE8Xow-dROFmlJXWaCak2gL4Cozx_xj2hyqt6qcKSqXc9GZQZSbSwZFA30QjYN6gRTPlZXkvOAEAYAG8svvvtjL7-1JoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1BBFSwNw0F-QD9vVwmK83CozIVhQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
2bff28f8401ff5f6fd4b5a8d119831187ca601e7a6641cbf75841e35bc416b47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27932673
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6266
expires
Fri, 14 Jul 2023 12:18:34 GMT
all
csm.us.criteo.net/ Frame 3F1E 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=_13HViSUVsDCZkZ8N7ah-wpkNFKKCAsWemyjyPH3mX98ATKXb21o2E_ozo4a8sx6n3WMhvINfietu6WgYKIRlfAQVABeAvdfhhvzShCjY008R34fbdpv3Hy3sMYaRFT6e_r544OswK2fs0RQlclE-_X4QFlqMtC-ImKaP8IMFkK3IGOcEwek-PvAVVHa9n0sY3Jm21rPpJZOgJ58nFtLciEd8UgiBA_U-9ce46JN4I-OQdWuO6nXx86C5OvkSKdHxtP2AQ&sds=2&rev=82533&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YwcFFgAGgokIaAY0AAAnMNxKp9bCD7dQ1Ixnqw&u=%7CdPGRhl%2B7%2BMWgpPFIpCJqMtCJIuSB7aEzylITgSDLOdw%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MTceYYGR9Jp5gwJSFuY1ZhN1_Ei2GJq8gd_G0tw1r14hnbYpVmvZEeZ3grlLUx-z4YYgXcAXP-xm45dOpRMTQ2S5iczFkxYc4DVGYC46ATP-k6EYWtuYZ03Fn2IUxSqnA_ihx5X8BFdchR5NyXI4oYxBTP2vLFJ5UMkfKCLc84eaNK2weWxmJ71gTfmFr8odm5bxqiOQJ--htYWPUtQ7RKgLoSbTX6T59wBkzS5n5CjsxYsz6Cs9dCgWg904mlqCZzn9F_BGivAe1umNo23lypsKXgoF0-WcHUiCJBaJJm13slpbs8eEc1FyD8sMMR46ul6bAZOhIsMZyQwgNT9Rc1vQ9KulDUKYGLE_O4T_q71i1dk-CTLivbkQd8NiriMGMz4oD1Uj0l3d6g9UZ3wHDOqD9RBRmTkxUKli2P7duAyr0zhZFthEV5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXExFgUHY4mFGrSMoPMPsM6AuAecge-wXNqkqap0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN6ABrN3-6APIAQngAgCoAwGqBNQCT9DBe3BZCAmn095o1iZouRKGQHDII5v-6LFV0nXaKTdGgkpaKzANBAqC5gW_mk3z7OXElD4oa-YJ4kAMQMRerD2-_XB52qxxOfsLXCsJT8BaFEmWq3WE0JKS_jgO8WM1wCJRDc7rXco8ACI66A4Y-E4Ade9Fqbg24omZB7vHKkQ14Qvpyn6PkoIfi_Kj5dKUoyuX_O8V-4jFqjJxaWdz1eZ7jZ29K2rqOBvCQcPLXW_3RT_qtEmNLkS0LfmikJe0lJOdPFjmR2lDGN2dlyOsT3XGggo6FntlmBPAEH8q8IIu4RBn2gPpBGXWW47nZMqdEB0p-Gk2u16ro0T9lzyza6zdWOY2QeAUSt5LoG80ZKFlx1mb_EHkmYjuD7g3PGE8Xow-dROFmlJXWaCak2gL4Cozx_xj2hyqt6qcKSqXc9GZQZSbSwZFA30QjYN6gRTPlZXkvOAEAYAG8svvvtjL7-1JoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1BBFSwNw0F-QD9vVwmK83CozIVhQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 25 Aug 2022 05:14:00 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3F1E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YwcFFgAGgokIaAY0AAAnMNxKp9bCD7dQ1Ixnqw&u=%7CdPGRhl%2B7%2BMWgpPFIpCJqMtCJIuSB7aEzylITgSDLOdw%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MTceYYGR9Jp5gwJSFuY1ZhN1_Ei2GJq8gd_G0tw1r14hnbYpVmvZEeZ3grlLUx-z4YYgXcAXP-xm45dOpRMTQ2S5iczFkxYc4DVGYC46ATP-k6EYWtuYZ03Fn2IUxSqnA_ihx5X8BFdchR5NyXI4oYxBTP2vLFJ5UMkfKCLc84eaNK2weWxmJ71gTfmFr8odm5bxqiOQJ--htYWPUtQ7RKgLoSbTX6T59wBkzS5n5CjsxYsz6Cs9dCgWg904mlqCZzn9F_BGivAe1umNo23lypsKXgoF0-WcHUiCJBaJJm13slpbs8eEc1FyD8sMMR46ul6bAZOhIsMZyQwgNT9Rc1vQ9KulDUKYGLE_O4T_q71i1dk-CTLivbkQd8NiriMGMz4oD1Uj0l3d6g9UZ3wHDOqD9RBRmTkxUKli2P7duAyr0zhZFthEV5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXExFgUHY4mFGrSMoPMPsM6AuAecge-wXNqkqap0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN6ABrN3-6APIAQngAgCoAwGqBNQCT9DBe3BZCAmn095o1iZouRKGQHDII5v-6LFV0nXaKTdGgkpaKzANBAqC5gW_mk3z7OXElD4oa-YJ4kAMQMRerD2-_XB52qxxOfsLXCsJT8BaFEmWq3WE0JKS_jgO8WM1wCJRDc7rXco8ACI66A4Y-E4Ade9Fqbg24omZB7vHKkQ14Qvpyn6PkoIfi_Kj5dKUoyuX_O8V-4jFqjJxaWdz1eZ7jZ29K2rqOBvCQcPLXW_3RT_qtEmNLkS0LfmikJe0lJOdPFjmR2lDGN2dlyOsT3XGggo6FntlmBPAEH8q8IIu4RBn2gPpBGXWW47nZMqdEB0p-Gk2u16ro0T9lzyza6zdWOY2QeAUSt5LoG80ZKFlx1mb_EHkmYjuD7g3PGE8Xow-dROFmlJXWaCak2gL4Cozx_xj2hyqt6qcKSqXc9GZQZSbSwZFA30QjYN6gRTPlZXkvOAEAYAG8svvvtjL7-1JoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1BBFSwNw0F-QD9vVwmK83CozIVhQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Aug 2023 05:14:00 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 3F1E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YwcFFgAGgokIaAY0AAAnMNxKp9bCD7dQ1Ixnqw&u=%7CdPGRhl%2B7%2BMWgpPFIpCJqMtCJIuSB7aEzylITgSDLOdw%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MTceYYGR9Jp5gwJSFuY1ZhN1_Ei2GJq8gd_G0tw1r14hnbYpVmvZEeZ3grlLUx-z4YYgXcAXP-xm45dOpRMTQ2S5iczFkxYc4DVGYC46ATP-k6EYWtuYZ03Fn2IUxSqnA_ihx5X8BFdchR5NyXI4oYxBTP2vLFJ5UMkfKCLc84eaNK2weWxmJ71gTfmFr8odm5bxqiOQJ--htYWPUtQ7RKgLoSbTX6T59wBkzS5n5CjsxYsz6Cs9dCgWg904mlqCZzn9F_BGivAe1umNo23lypsKXgoF0-WcHUiCJBaJJm13slpbs8eEc1FyD8sMMR46ul6bAZOhIsMZyQwgNT9Rc1vQ9KulDUKYGLE_O4T_q71i1dk-CTLivbkQd8NiriMGMz4oD1Uj0l3d6g9UZ3wHDOqD9RBRmTkxUKli2P7duAyr0zhZFthEV5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXExFgUHY4mFGrSMoPMPsM6AuAecge-wXNqkqap0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN6ABrN3-6APIAQngAgCoAwGqBNQCT9DBe3BZCAmn095o1iZouRKGQHDII5v-6LFV0nXaKTdGgkpaKzANBAqC5gW_mk3z7OXElD4oa-YJ4kAMQMRerD2-_XB52qxxOfsLXCsJT8BaFEmWq3WE0JKS_jgO8WM1wCJRDc7rXco8ACI66A4Y-E4Ade9Fqbg24omZB7vHKkQ14Qvpyn6PkoIfi_Kj5dKUoyuX_O8V-4jFqjJxaWdz1eZ7jZ29K2rqOBvCQcPLXW_3RT_qtEmNLkS0LfmikJe0lJOdPFjmR2lDGN2dlyOsT3XGggo6FntlmBPAEH8q8IIu4RBn2gPpBGXWW47nZMqdEB0p-Gk2u16ro0T9lzyza6zdWOY2QeAUSt5LoG80ZKFlx1mb_EHkmYjuD7g3PGE8Xow-dROFmlJXWaCak2gL4Cozx_xj2hyqt6qcKSqXc9GZQZSbSwZFA30QjYN6gRTPlZXkvOAEAYAG8svvvtjL7-1JoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1BBFSwNw0F-QD9vVwmK83CozIVhQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Aug 2023 05:14:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 20D4 		43 B
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=8f017596-d5fb-4ecf-818b-c1ced2c63d0e&expiration=1669353240
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
7401d7787f912c44-ORD
pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1GXXl5d8pkQAP2%2BcRXTyzg8J2BRCdr3NsdYwrZRhRrtW3NpKS%2Foak9nhiCXyzQORJ29MRwOHROhawjifPtxS0VZbl9VRxn3MANx3GkwlR%2FOZXWIKga6tY9ZW7OQ28T99vjsYUM2lVT%2BLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0
cookiesyncendpoint
sync.aniview.com/ Frame 3720
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17184&khaos=L78LAY60-1Y-88US
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=L78LAY60-1Y-88US
0
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=L78LAY60-1Y-88US
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Protocol
H2
Server
54.208.23.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-23-128.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=L78LAY60-1Y-88US
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
ad49a0f18e050afeb6359164ab3bd56e
Expires
0
usync.js
eus.rubiconproject.com/ Frame 3B1D 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ed05b379e16f99e991942612551f789ce3f82404bd8e0dfa0b0b16a5e800e9ca

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:14:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36647
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9443
Expires
Thu, 25 Aug 2022 15:24:47 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 2880 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: nym1-ib.adnxs.com
URL: https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QLQD_D90AcAAAMA1gAFAQiWipyYBhDErZal5diDkHEY__X6uuek5skkKjYJIuAO_euH2T8RtE8y410QyT8ZAAAAgD0KIUAhsm1IW9zL0j8p2ubG9IQl4z8xAAAA4KNw3T8wgfrzCjipH0CYOUgCUK6y-LQBWMWqlQFgAGjPglZ4jM8FgAEBigEDVVNEkgEDQlJMmAH6AaAB-gGoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKAnd1ZignYScsIDUwNjUxNzAsIDE2NjE0MDQ0MzgpO3VmKCdpJywgNzUxMzQxNCwgMTY2MTQwNDQzOCk7dWYoJ2cnLCAxODcyNTM1NyxCOwAwcicsIDM3OTQ1OTg4NjY9APCLkgK1BCFjSHhwY1FpUS1zc1pFSzZ5LUxRQkdBQWd4YXFWQVRBRU9BQkFBRWlZT1ZDQi12TUtXQUJnUDJnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkVLZ0JDckFCQUxrQjR3SHp5NGdsNHpfQkFlTUI4OHVJSmVNX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWNiS3lnUDFBY3h0a3otWUFnQ2dBZ0cxQWcBIwRDOQkI8FVEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnR0FBd0dZQXdHNkF3bE9XVTB5T2pVM01EZmdBNDh2Z0FUb25vVUppQVRzbm9VSmtBUUJtQVFCd1FRQQFiBQEITWtFBQgFARhEWUJBRHhCBQwJAWxpQVhMTEpBRjZwOU1xUVYyaWVxdGdXMFVRTEVGASKIb0xXajVUX0JCUUFBQUtDMW93VkF5UVVBQUFDQWQwRGJQOUUFKAkBBERaBSgBAfBDUEFfNEFXNTB3UHdCZTN6OWdqNEJkS1R0UUtDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCcHFabVptWm1lMF9xQVlFc2dZa0MBdA0BAEUdDABHHQwASR0MIHVBWUstQWZRMAFsWDRUVkNQZ0huZGdJLUFmTjZBajRCLWZ4ARRUOGZNSS1BZWc5UWcumgKZASE3eFZwZD45AjBNV3FsUUVnQUNnQU1aGZ0YT2dsT1dVMC2JFGRBank5Sg2kEEE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0MCDRBSS5BAvReATgusgIkZTQ3OWVjNGItNmIwNS00ZDc4LTk4MDEtYTNlZWRhOWUxMGY02AKfRuAC7pBd6gJqaHR0cHM6Ly9nbGFtb3VyLmdsb2JvLmNvbS9saWZlc3R5bGUvbm90aWNpYS8yMDE5LzEyL21lbGhvcmVzLWRvLWFuby1vcy1tZW1lcy1tYWlzLWVuZ3JhY2Fkb3MtZGUtMjAxOS5naHRtbPICEQoGQURWX0lEEgc1MDY1MTcw8gISCgZDUEdfSUQSCDE4NzI1MzU38gIKCgVDUF9JRBIBMPICDQoIQURWX0ZSRVESATDyAg0KCFJFTV9VU0VSEgEw8gIMCghBRFZfQ09ERRIA8gIMCghDUEdfQ09ERRIA8gILCgdDUF9DT0RFEgDyAhAKBUlPX0lEEgc3NTEzNDE08gILCgdJT19DT0RFEgDyAhMKD0NVU1RPTV9NT0RFTF9JRBIA8gIaChZDVR0WHExFQUZfTkFNBTMQHgoaQ1UuHQA4QVNUX01PRElGSUVEEgDyAbEYU1BMSVRfSQHR9DQBgAMAiAMBkAMAmAMUoAMBqgMAwAOsAsgDANgDkogC4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQMMTY3Ljg4LjcuMTYyqAQAsgQMCAAQABgAIAAwADgCuAQAwATOwLkiyAQA0gQONzMyMCNOWU0yOjU3MDfaBAIIAeAEAPAErrL4tAH6BBIJAAAAwKbxREARAAAAoMQMVsCIBQGYBQCgBf___________wGqBS00MDg4NDlmZC1jMDFmLTQ2YjItYTNmNy04OWM4OTZiYTA0YzlfQXBwTmV4dXPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWnogL6BQQIABAAkAYAmAYAogYONDAwOSNOWU0yOjU0MDK4BgDBBgAAAAAAAPA_0AapJdoGFgoQEUcRAQH1UOAGAfIGhwEI6p9MEoABemhKMF9sb2Ee2ERBQWtDQlFFSXZZTGFCeEN4dE5nQ0dQcUJpZ01nQnlnQVFKSDFpd2RJci1pTUIxQ1BMMWlhS26d9xBIZ0FnUR0QTElnQkFKQUJBSm9CQWdnQXFBRUFzLiAAPEEuLoAHAYgHAKAHAboHDwgFoEQgADAAONweQADIB4zPBdIHDQkJvgQ-QAG-CNoHBgknbOAHAOoHAggA8Aex8PgFiggCEACVCAAAgD-YCAE.&s=0c56af5c1cb42975fd4e481382539be3c3c8615b&pp=0.195812
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:49:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1495
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8749
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 21:33:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 25 Aug 2022 05:49:05 GMT
controller
ssl.connextra.com/servlet/ Frame 2880
Redirect Chain
  • https://ssl.connextra.com/WynnBet/selector/image?client=WynnBet&placement=DDM_APN_SB_US_IN_Display_Impression_Pixel_1x1&_cb=1403933271&apnauc=8151531570527049412&bidid=8151531570527049412&dspid=3bc...
  • https://ssl.connextra.com/servlet/controller?service=DDM_SB_US_IN_Display_Impression_Pixel_1x1&pubhost=config.seedtag.com&image=image%2Fgif&client=WynnBet&placement=DDM_APN_SB_US_IN_Display_Impress...
144 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.connextra.com/servlet/controller?service=DDM_SB_US_IN_Display_Impression_Pixel_1x1&pubhost=config.seedtag.com&image=image%2Fgif&client=WynnBet&placement=DDM_APN_SB_US_IN_Display_Impression_Pixel_1x1&_cb=1403933271&apnauc=8151531570527049412&bidid=8151531570527049412&dspid=3bc1d7fd2e
Requested by
Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol
H2
Server
23.5.239.40 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-239-40.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9ae828f8c201158509783acfad90f9f9f64e387fda11b0768a3524baeb84b8c3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
content-length
144
content-type
image/gif
x-served-by
vlp-cxtadsrv02.connextra.net
expires
Thu, 25 Aug 2022 05:14:02 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
vary
*
p3p
CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
location
https://ssl.connextra.com:443/servlet/controller?service=DDM_SB_US_IN_Display_Impression_Pixel_1x1&pubhost=config.seedtag.com&image=image%2Fgif&client=WynnBet&placement=DDM_APN_SB_US_IN_Display_Impression_Pixel_1x1&_cb=1403933271&apnauc=8151531570527049412&bidid=8151531570527049412&dspid=3bc1d7fd2e
expires
Thu, 25 Aug 2022 05:14:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
x-served-by
vlp-cxtadsrv14.connextra.net
rd_log
nym1-ib.adnxs.com/ Frame 2880 		0
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QLND_D9zQcAAAMA1gAFAQiWipyYBhDErZal5diDkHEY__X6uuek5skkKjYJIuAO_euH2T8RtE8y410QyT8ZAAAAgD0KIUAhsm1IW9zL0j8p2ubG9IQl4z8xAAAA4KNw3T8wgfrzCjipH0CYOUgCUK6y-LQBWMWqlQFgAGjPglZ4jM8FgAEBigEDVVNEkgEDQlJMmAH6AaAB-gGoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKAnd1ZignYScsIDUwNjUxNzAsIDE2NjE0MDQ0MzgpO3VmKCdpJywgNzUxMzQxNCwgMTY2MTQwNDQzOCk7dWYoJ2cnLCAxODcyNTM1NyxCOwAwcicsIDM3OTQ1OTg4NjY9APCLkgK1BCFjSHhwY1FpUS1zc1pFSzZ5LUxRQkdBQWd4YXFWQVRBRU9BQkFBRWlZT1ZDQi12TUtXQUJnUDJnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkVLZ0JDckFCQUxrQjR3SHp5NGdsNHpfQkFlTUI4OHVJSmVNX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWNiS3lnUDFBY3h0a3otWUFnQ2dBZ0cxQWcBIwRDOQkI8FVEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnR0FBd0dZQXdHNkF3bE9XVTB5T2pVM01EZmdBNDh2Z0FUb25vVUppQVRzbm9VSmtBUUJtQVFCd1FRQQFiBQEITWtFBQgFARhEWUJBRHhCBQwJAWxpQVhMTEpBRjZwOU1xUVYyaWVxdGdXMFVRTEVGASKIb0xXajVUX0JCUUFBQUtDMW93VkF5UVVBQUFDQWQwRGJQOUUFKAkBBERaBSgBAfBDUEFfNEFXNTB3UHdCZTN6OWdqNEJkS1R0UUtDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCcHFabVptWm1lMF9xQVlFc2dZa0MBdA0BAEUdDABHHQwASR0MIHVBWUstQWZRMAFsWDRUVkNQZ0huZGdJLUFmTjZBajRCLWZ4ARRUOGZNSS1BZWc5UWcumgKZASE3eFZwZD45AjBNV3FsUUVnQUNnQU1aGZ0YT2dsT1dVMC2JFGRBank5Sg2kEEE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0MCDRBSS5BAvReATgusgIkZTQ3OWVjNGItNmIwNS00ZDc4LTk4MDEtYTNlZWRhOWUxMGY02AKfRuAC7pBd6gJqaHR0cHM6Ly9nbGFtb3VyLmdsb2JvLmNvbS9saWZlc3R5bGUvbm90aWNpYS8yMDE5LzEyL21lbGhvcmVzLWRvLWFuby1vcy1tZW1lcy1tYWlzLWVuZ3JhY2Fkb3MtZGUtMjAxOS5naHRtbPICEQoGQURWX0lEEgc1MDY1MTcw8gISCgZDUEdfSUQSCDE4NzI1MzU38gIKCgVDUF9JRBIBMPICDQoIQURWX0ZSRVESATDyAg0KCFJFTV9VU0VSEgEw8gIMCghBRFZfQ09ERRIA8gIMCghDUEdfQ09ERRIA8gILCgdDUF9DT0RFEgDyAhAKBUlPX0lEEgc3NTEzNDE08gILCgdJT19DT0RFEgDyAhMKD0NVU1RPTV9NT0RFTF9JRBIA8gIaChZDVR0WHExFQUZfTkFNBTMQHgoaQ1UuHQA4QVNUX01PRElGSUVEEgDyAbEYU1BMSVRfSQHR9DQBgAMAiAMBkAMAmAMUoAMBqgMAwAOsAsgDANgDkogC4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQMMTY3Ljg4LjcuMTYyqAQAsgQMCAAQABgAIAAwADgCuAQAwATOwLkiyAQA0gQONzMyMCNOWU0yOjU3MDfaBAIIAeAEAPAErrL4tAH6BBIJAAAAwKbxREARAAAAoMQMVsCIBQGYBQCgBf___________wGqBS00MDg4NDlmZC1jMDFmLTQ2YjItYTNmNy04OWM4OTZiYTA0YzlfQXBwTmV4dXPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWnogL6BQQIABAAkAYAmAYAogYONDAwOSNOWU0yOjU0MDK4BgDBBgAAAAAAAPA_0AapJdoGFgoQEUcRAQH1UOAGAfIGhwEI6p9MEoABemhKMF9sb2Ee2ERBQWtDQlFFSXZZTGFCeEN4dE5nQ0dQcUJpZ01nQnlnQVFKSDFpd2RJci1pTUIxQ1BMMWlhS26d9xBIZ0FnUR0QTElnQkFKQUJBSm9CQWdnQXFBRUFzLiAAPEEuLoAHAYgHAKAHAboHDwgFoEQgADAAONweQADIB4zPBdIHDQkJvgQ-QAG-CNoHBgknYOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAE.&s=f712b940c9b636a6a9593e8e6b4e12ba189dc7f9&bdref=https%3A%2F%2Fglamour.globo.com&bdtop=false&bdifs=2&bstk=https%3A%2F%2Fglamour.globo.com,https%3A%2F%2Fglamour.globo.com%2F,https%3A%2F%2Fconfig.seedtag.com%2Fstandard-iframe%2Findex.v1.html&
Requested by
Host: nym1-ib.adnxs.com
URL: https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QLQD_D90AcAAAMA1gAFAQiWipyYBhDErZal5diDkHEY__X6uuek5skkKjYJIuAO_euH2T8RtE8y410QyT8ZAAAAgD0KIUAhsm1IW9zL0j8p2ubG9IQl4z8xAAAA4KNw3T8wgfrzCjipH0CYOUgCUK6y-LQBWMWqlQFgAGjPglZ4jM8FgAEBigEDVVNEkgEDQlJMmAH6AaAB-gGoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKAnd1ZignYScsIDUwNjUxNzAsIDE2NjE0MDQ0MzgpO3VmKCdpJywgNzUxMzQxNCwgMTY2MTQwNDQzOCk7dWYoJ2cnLCAxODcyNTM1NyxCOwAwcicsIDM3OTQ1OTg4NjY9APCLkgK1BCFjSHhwY1FpUS1zc1pFSzZ5LUxRQkdBQWd4YXFWQVRBRU9BQkFBRWlZT1ZDQi12TUtXQUJnUDJnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkVLZ0JDckFCQUxrQjR3SHp5NGdsNHpfQkFlTUI4OHVJSmVNX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWNiS3lnUDFBY3h0a3otWUFnQ2dBZ0cxQWcBIwRDOQkI8FVEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnR0FBd0dZQXdHNkF3bE9XVTB5T2pVM01EZmdBNDh2Z0FUb25vVUppQVRzbm9VSmtBUUJtQVFCd1FRQQFiBQEITWtFBQgFARhEWUJBRHhCBQwJAWxpQVhMTEpBRjZwOU1xUVYyaWVxdGdXMFVRTEVGASKIb0xXajVUX0JCUUFBQUtDMW93VkF5UVVBQUFDQWQwRGJQOUUFKAkBBERaBSgBAfBDUEFfNEFXNTB3UHdCZTN6OWdqNEJkS1R0UUtDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCcHFabVptWm1lMF9xQVlFc2dZa0MBdA0BAEUdDABHHQwASR0MIHVBWUstQWZRMAFsWDRUVkNQZ0huZGdJLUFmTjZBajRCLWZ4ARRUOGZNSS1BZWc5UWcumgKZASE3eFZwZD45AjBNV3FsUUVnQUNnQU1aGZ0YT2dsT1dVMC2JFGRBank5Sg2kEEE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0MCDRBSS5BAvReATgusgIkZTQ3OWVjNGItNmIwNS00ZDc4LTk4MDEtYTNlZWRhOWUxMGY02AKfRuAC7pBd6gJqaHR0cHM6Ly9nbGFtb3VyLmdsb2JvLmNvbS9saWZlc3R5bGUvbm90aWNpYS8yMDE5LzEyL21lbGhvcmVzLWRvLWFuby1vcy1tZW1lcy1tYWlzLWVuZ3JhY2Fkb3MtZGUtMjAxOS5naHRtbPICEQoGQURWX0lEEgc1MDY1MTcw8gISCgZDUEdfSUQSCDE4NzI1MzU38gIKCgVDUF9JRBIBMPICDQoIQURWX0ZSRVESATDyAg0KCFJFTV9VU0VSEgEw8gIMCghBRFZfQ09ERRIA8gIMCghDUEdfQ09ERRIA8gILCgdDUF9DT0RFEgDyAhAKBUlPX0lEEgc3NTEzNDE08gILCgdJT19DT0RFEgDyAhMKD0NVU1RPTV9NT0RFTF9JRBIA8gIaChZDVR0WHExFQUZfTkFNBTMQHgoaQ1UuHQA4QVNUX01PRElGSUVEEgDyAbEYU1BMSVRfSQHR9DQBgAMAiAMBkAMAmAMUoAMBqgMAwAOsAsgDANgDkogC4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQMMTY3Ljg4LjcuMTYyqAQAsgQMCAAQABgAIAAwADgCuAQAwATOwLkiyAQA0gQONzMyMCNOWU0yOjU3MDfaBAIIAeAEAPAErrL4tAH6BBIJAAAAwKbxREARAAAAoMQMVsCIBQGYBQCgBf___________wGqBS00MDg4NDlmZC1jMDFmLTQ2YjItYTNmNy04OWM4OTZiYTA0YzlfQXBwTmV4dXPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWnogL6BQQIABAAkAYAmAYAogYONDAwOSNOWU0yOjU0MDK4BgDBBgAAAAAAAPA_0AapJdoGFgoQEUcRAQH1UOAGAfIGhwEI6p9MEoABemhKMF9sb2Ee2ERBQWtDQlFFSXZZTGFCeEN4dE5nQ0dQcUJpZ01nQnlnQVFKSDFpd2RJci1pTUIxQ1BMMWlhS26d9xBIZ0FnUR0QTElnQkFKQUJBSm9CQWdnQXFBRUFzLiAAPEEuLoAHAYgHAKAHAboHDwgFoEQgADAAONweQADIB4zPBdIHDQkJvgQ-QAG-CNoHBgknbOAHAOoHAggA8Aex8PgFiggCEACVCAAAgD-YCAE.&s=0c56af5c1cb42975fd4e481382539be3c3c8615b&pp=0.195812
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
19da5a66-5153-43fc-b914-2b8390c60736
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
it
nym1-ib.adnxs.com/ Frame 2880 		0
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QLGDfD9xgYAAAMA1gAFAQiWipyYBhDErZal5diDkHEY__X6uuek5skkKjYJIuAO_euH2T8RtE8y410QyT8ZAAAAgD0KIUAhsm1IW9zL0j8p2ubG9IQl4z8xAAAA4KNw3T8wgfrzCjipH0CYOUgCUK6y-LQBWMWqlQFgAGjPglZ4jM8FgAEBigEDVVNEkgEDQlJMmAH6AaAB-gGoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKAnd1ZignYScsIDUwNjUxNzAsIDE2NjE0MDQ0MzgpO3VmKCdpJywgNzUxMzQxNCwgMTY2MTQwNDQzOCk7dWYoJ2cnLCAxODcyNTM1NyxCOwAwcicsIDM3OTQ1OTg4NjY9APCLkgK1BCFjSHhwY1FpUS1zc1pFSzZ5LUxRQkdBQWd4YXFWQVRBRU9BQkFBRWlZT1ZDQi12TUtXQUJnUDJnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkVLZ0JDckFCQUxrQjR3SHp5NGdsNHpfQkFlTUI4OHVJSmVNX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWNiS3lnUDFBY3h0a3otWUFnQ2dBZ0cxQWcBIwRDOQkI8FVEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnR0FBd0dZQXdHNkF3bE9XVTB5T2pVM01EZmdBNDh2Z0FUb25vVUppQVRzbm9VSmtBUUJtQVFCd1FRQQFiBQEITWtFBQgFARhEWUJBRHhCBQwJAWxpQVhMTEpBRjZwOU1xUVYyaWVxdGdXMFVRTEVGASKIb0xXajVUX0JCUUFBQUtDMW93VkF5UVVBQUFDQWQwRGJQOUUFKAkBBERaBSgBAfBDUEFfNEFXNTB3UHdCZTN6OWdqNEJkS1R0UUtDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCcHFabVptWm1lMF9xQVlFc2dZa0MBdA0BAEUdDABHHQwASR0MIHVBWUstQWZRMAFsWDRUVkNQZ0huZGdJLUFmTjZBajRCLWZ4ARRUOGZNSS1BZWc5UWcumgKZASE3eFZwZD45AjBNV3FsUUVnQUNnQU1aGZ0YT2dsT1dVMC2JFGRBank5Sg2kEEE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0MCDRBSS5BAvSOATgusgIkZTQ3OWVjNGItNmIwNS00ZDc4LTk4MDEtYTNlZWRhOWUxMGY02AKfRuAC7pBd6gJqaHR0cHM6Ly9nbGFtb3VyLmdsb2JvLmNvbS9saWZlc3R5bGUvbm90aWNpYS8yMDE5LzEyL21lbGhvcmVzLWRvLWFuby1vcy1tZW1lcy1tYWlzLWVuZ3JhY2Fkb3MtZGUtMjAxOS5naHRtbIADAIgDAZADAJgDFKADAaoDAMADrALIAwDYA5KIAuADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDDE2Ny44OC43LjE2MqgEALIEDAgAEAAYACAAMAA4ArgEAMAEzsC5IsgEANIEDjczMjAjTllNMjo1NzA32gQCCAHgBADwBK6y-LQB-gQSCQAAAMCm8URAEQAAAKDEDFbAiAUBmAUAoAX___________8BqgUtNDA4ODQ5ZmQtYzAxZi00NmIyLWEzZjctODljODk2YmEwNGM5X0FwcE5leHVzwAUAyQUAAAAAAADwP9IFCQkAAAUNiADYBQHgBQHwBaeiAvoFBAgAEACQBgCYBgCiBg40MDA5I05ZAagcNDAyuAYAwQYJNCjwP9AGqSXaBhYKEAkRGQFgEAAYAOAGAfIGhwEI6p9MEoABemhKMF9sb0EX2ERBQWtDQlFFSXZZTGFCeEN4dE5nQ0dQcUJpZ01nQnlnQVFKSDFpd2RJci1pTUIxQ1BMMWlhS2598AxIZ0FnlaEYQUFBSWdCQYHhLEpvQkFnZ0FxQUVBcy4gADhBLi6ABwGIBwCgBwG6Bw8B30wYACAAMAA43B5AAMgHjM8F0gcNCQnABD5AAb4I2gcGCSdg4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAQ..&s=36d62e033e6d59ac0bd8f89d9f7950a08413b6ec
Requested by
Host: nym1-ib.adnxs.com
URL: https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QLQD_D90AcAAAMA1gAFAQiWipyYBhDErZal5diDkHEY__X6uuek5skkKjYJIuAO_euH2T8RtE8y410QyT8ZAAAAgD0KIUAhsm1IW9zL0j8p2ubG9IQl4z8xAAAA4KNw3T8wgfrzCjipH0CYOUgCUK6y-LQBWMWqlQFgAGjPglZ4jM8FgAEBigEDVVNEkgEDQlJMmAH6AaAB-gGoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKAnd1ZignYScsIDUwNjUxNzAsIDE2NjE0MDQ0MzgpO3VmKCdpJywgNzUxMzQxNCwgMTY2MTQwNDQzOCk7dWYoJ2cnLCAxODcyNTM1NyxCOwAwcicsIDM3OTQ1OTg4NjY9APCLkgK1BCFjSHhwY1FpUS1zc1pFSzZ5LUxRQkdBQWd4YXFWQVRBRU9BQkFBRWlZT1ZDQi12TUtXQUJnUDJnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkVLZ0JDckFCQUxrQjR3SHp5NGdsNHpfQkFlTUI4OHVJSmVNX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWNiS3lnUDFBY3h0a3otWUFnQ2dBZ0cxQWcBIwRDOQkI8FVEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnR0FBd0dZQXdHNkF3bE9XVTB5T2pVM01EZmdBNDh2Z0FUb25vVUppQVRzbm9VSmtBUUJtQVFCd1FRQQFiBQEITWtFBQgFARhEWUJBRHhCBQwJAWxpQVhMTEpBRjZwOU1xUVYyaWVxdGdXMFVRTEVGASKIb0xXajVUX0JCUUFBQUtDMW93VkF5UVVBQUFDQWQwRGJQOUUFKAkBBERaBSgBAfBDUEFfNEFXNTB3UHdCZTN6OWdqNEJkS1R0UUtDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCcHFabVptWm1lMF9xQVlFc2dZa0MBdA0BAEUdDABHHQwASR0MIHVBWUstQWZRMAFsWDRUVkNQZ0huZGdJLUFmTjZBajRCLWZ4ARRUOGZNSS1BZWc5UWcumgKZASE3eFZwZD45AjBNV3FsUUVnQUNnQU1aGZ0YT2dsT1dVMC2JFGRBank5Sg2kEEE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0MCDRBSS5BAvReATgusgIkZTQ3OWVjNGItNmIwNS00ZDc4LTk4MDEtYTNlZWRhOWUxMGY02AKfRuAC7pBd6gJqaHR0cHM6Ly9nbGFtb3VyLmdsb2JvLmNvbS9saWZlc3R5bGUvbm90aWNpYS8yMDE5LzEyL21lbGhvcmVzLWRvLWFuby1vcy1tZW1lcy1tYWlzLWVuZ3JhY2Fkb3MtZGUtMjAxOS5naHRtbPICEQoGQURWX0lEEgc1MDY1MTcw8gISCgZDUEdfSUQSCDE4NzI1MzU38gIKCgVDUF9JRBIBMPICDQoIQURWX0ZSRVESATDyAg0KCFJFTV9VU0VSEgEw8gIMCghBRFZfQ09ERRIA8gIMCghDUEdfQ09ERRIA8gILCgdDUF9DT0RFEgDyAhAKBUlPX0lEEgc3NTEzNDE08gILCgdJT19DT0RFEgDyAhMKD0NVU1RPTV9NT0RFTF9JRBIA8gIaChZDVR0WHExFQUZfTkFNBTMQHgoaQ1UuHQA4QVNUX01PRElGSUVEEgDyAbEYU1BMSVRfSQHR9DQBgAMAiAMBkAMAmAMUoAMBqgMAwAOsAsgDANgDkogC4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQMMTY3Ljg4LjcuMTYyqAQAsgQMCAAQABgAIAAwADgCuAQAwATOwLkiyAQA0gQONzMyMCNOWU0yOjU3MDfaBAIIAeAEAPAErrL4tAH6BBIJAAAAwKbxREARAAAAoMQMVsCIBQGYBQCgBf___________wGqBS00MDg4NDlmZC1jMDFmLTQ2YjItYTNmNy04OWM4OTZiYTA0YzlfQXBwTmV4dXPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWnogL6BQQIABAAkAYAmAYAogYONDAwOSNOWU0yOjU0MDK4BgDBBgAAAAAAAPA_0AapJdoGFgoQEUcRAQH1UOAGAfIGhwEI6p9MEoABemhKMF9sb2Ee2ERBQWtDQlFFSXZZTGFCeEN4dE5nQ0dQcUJpZ01nQnlnQVFKSDFpd2RJci1pTUIxQ1BMMWlhS26d9xBIZ0FnUR0QTElnQkFKQUJBSm9CQWdnQXFBRUFzLiAAPEEuLoAHAYgHAKAHAboHDwgFoEQgADAAONweQADIB4zPBdIHDQkJvgQ-QAG-CNoHBgknbOAHAOoHAggA8Aex8PgFiggCEACVCAAAgD-YCAE.&s=0c56af5c1cb42975fd4e481382539be3c3c8615b&pp=0.195812
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
2e867cbf-2187-430c-a72d-40e3ae69cd7e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 2880 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: nym1-ib.adnxs.com
URL: https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QLQD_D90AcAAAMA1gAFAQiWipyYBhDErZal5diDkHEY__X6uuek5skkKjYJIuAO_euH2T8RtE8y410QyT8ZAAAAgD0KIUAhsm1IW9zL0j8p2ubG9IQl4z8xAAAA4KNw3T8wgfrzCjipH0CYOUgCUK6y-LQBWMWqlQFgAGjPglZ4jM8FgAEBigEDVVNEkgEDQlJMmAH6AaAB-gGoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKAnd1ZignYScsIDUwNjUxNzAsIDE2NjE0MDQ0MzgpO3VmKCdpJywgNzUxMzQxNCwgMTY2MTQwNDQzOCk7dWYoJ2cnLCAxODcyNTM1NyxCOwAwcicsIDM3OTQ1OTg4NjY9APCLkgK1BCFjSHhwY1FpUS1zc1pFSzZ5LUxRQkdBQWd4YXFWQVRBRU9BQkFBRWlZT1ZDQi12TUtXQUJnUDJnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkVLZ0JDckFCQUxrQjR3SHp5NGdsNHpfQkFlTUI4OHVJSmVNX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWNiS3lnUDFBY3h0a3otWUFnQ2dBZ0cxQWcBIwRDOQkI8FVEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnR0FBd0dZQXdHNkF3bE9XVTB5T2pVM01EZmdBNDh2Z0FUb25vVUppQVRzbm9VSmtBUUJtQVFCd1FRQQFiBQEITWtFBQgFARhEWUJBRHhCBQwJAWxpQVhMTEpBRjZwOU1xUVYyaWVxdGdXMFVRTEVGASKIb0xXajVUX0JCUUFBQUtDMW93VkF5UVVBQUFDQWQwRGJQOUUFKAkBBERaBSgBAfBDUEFfNEFXNTB3UHdCZTN6OWdqNEJkS1R0UUtDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCcHFabVptWm1lMF9xQVlFc2dZa0MBdA0BAEUdDABHHQwASR0MIHVBWUstQWZRMAFsWDRUVkNQZ0huZGdJLUFmTjZBajRCLWZ4ARRUOGZNSS1BZWc5UWcumgKZASE3eFZwZD45AjBNV3FsUUVnQUNnQU1aGZ0YT2dsT1dVMC2JFGRBank5Sg2kEEE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0MCDRBSS5BAvReATgusgIkZTQ3OWVjNGItNmIwNS00ZDc4LTk4MDEtYTNlZWRhOWUxMGY02AKfRuAC7pBd6gJqaHR0cHM6Ly9nbGFtb3VyLmdsb2JvLmNvbS9saWZlc3R5bGUvbm90aWNpYS8yMDE5LzEyL21lbGhvcmVzLWRvLWFuby1vcy1tZW1lcy1tYWlzLWVuZ3JhY2Fkb3MtZGUtMjAxOS5naHRtbPICEQoGQURWX0lEEgc1MDY1MTcw8gISCgZDUEdfSUQSCDE4NzI1MzU38gIKCgVDUF9JRBIBMPICDQoIQURWX0ZSRVESATDyAg0KCFJFTV9VU0VSEgEw8gIMCghBRFZfQ09ERRIA8gIMCghDUEdfQ09ERRIA8gILCgdDUF9DT0RFEgDyAhAKBUlPX0lEEgc3NTEzNDE08gILCgdJT19DT0RFEgDyAhMKD0NVU1RPTV9NT0RFTF9JRBIA8gIaChZDVR0WHExFQUZfTkFNBTMQHgoaQ1UuHQA4QVNUX01PRElGSUVEEgDyAbEYU1BMSVRfSQHR9DQBgAMAiAMBkAMAmAMUoAMBqgMAwAOsAsgDANgDkogC4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQMMTY3Ljg4LjcuMTYyqAQAsgQMCAAQABgAIAAwADgCuAQAwATOwLkiyAQA0gQONzMyMCNOWU0yOjU3MDfaBAIIAeAEAPAErrL4tAH6BBIJAAAAwKbxREARAAAAoMQMVsCIBQGYBQCgBf___________wGqBS00MDg4NDlmZC1jMDFmLTQ2YjItYTNmNy04OWM4OTZiYTA0YzlfQXBwTmV4dXPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWnogL6BQQIABAAkAYAmAYAogYONDAwOSNOWU0yOjU0MDK4BgDBBgAAAAAAAPA_0AapJdoGFgoQEUcRAQH1UOAGAfIGhwEI6p9MEoABemhKMF9sb2Ee2ERBQWtDQlFFSXZZTGFCeEN4dE5nQ0dQcUJpZ01nQnlnQVFKSDFpd2RJci1pTUIxQ1BMMWlhS26d9xBIZ0FnUR0QTElnQkFKQUJBSm9CQWdnQXFBRUFzLiAAPEEuLoAHAYgHAKAHAboHDwgFoEQgADAAONweQADIB4zPBdIHDQkJvgQ-QAG-CNoHBgknbOAHAOoHAggA8Aex8PgFiggCEACVCAAAgD-YCAE.&s=0c56af5c1cb42975fd4e481382539be3c3c8615b&pp=0.195812
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:14:00 GMT
Content-Encoding
gzip
Age
15711331
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21943-LGA, cache-chi-klot8100021-CHI
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1661404441.516931,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
521614, 63929
pubads_impl_2022081701.js
securepubads.g.doubleclick.net/gpt/ Frame F062 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js?cb=31069129
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
sffe /
Resource Hash
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:51:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112971
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133512
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 08:37:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 23 Aug 2023 21:51:09 GMT
prebid
ib.adnxs.com/ut/v3/ Frame FC79 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c11ddcb8c179c2294aad810258eb1036a305dee90ae0c7ea6307f106085e8ec0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
cad8d2dd-66e7-4050-aec8-e74ebe99777b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dpixel
cms.quantserve.com/ Frame 7591 		35 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOKr5C9dvOlqRWHyTXurcnc&google_cver=1&google_push=AehlK4ChDGQGE3a1tOUtofp5JJxwfFKnRqgK3XyVLlBDV2N8Y-BtTx4O0vd1MAdpAD3B8j7Q3r2GQrN6yCmpk9YF11nZ8ibqD_LufrBE3nEumJgbpRAAMyWfL0dyclJD6yBnYsmRILu1JCGK-Q
Requested by
Host: 9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com
URL: https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7591
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEC2Bb2z7jcGYBNJJB9KGjYM&google_cver=1&google_push=AehlK4BgWAoWup3u-DEb-6YTh2PB1DhP-VZECygrZjfssYx9MLv6VmNQCBiLYlzMqm_HI1p6umKWhoM1UVT--6cG7gcpdGP4mAZwja...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3E9CCFB3269E467B9622CCC5F9172B9A&google_push=AehlK4BgWAoWup3u-DEb-6YTh2PB1DhP-VZECygrZjfssYx9MLv6VmNQCBiLYlzMqm_HI1p6umKWhoM1UVT--6c...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3E9CCFB3269E467B9622CCC5F9172B9A&google_push=AehlK4BgWAoWup3u-DEb-6YTh2PB1DhP-VZECygrZjfssYx9MLv6VmNQCBiLYlzMqm_HI1p6umKWhoM1UVT--6cG7gcpdGP4mAZwjaMCP3OTFOzCWlgSyFa9B_ty7_J5OwTs30JFV7Gft2u7
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 25 Aug 2022 05:14:00 GMT
x-content-type-options
nosniff
server
openresty
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3E9CCFB3269E467B9622CCC5F9172B9A&google_push=AehlK4BgWAoWup3u-DEb-6YTh2PB1DhP-VZECygrZjfssYx9MLv6VmNQCBiLYlzMqm_HI1p6umKWhoM1UVT--6cG7gcpdGP4mAZwjaMCP3OTFOzCWlgSyFa9B_ty7_J5OwTs30JFV7Gft2u7
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 24 Aug 2022 05:14:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7591
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEN7K2nlfOaMg3Jw-QPWnfS4&google_cver=1&google_push=AehlK4B1iHdLy29iGd6CbD2yxQZIDorMJUo09XGVup_oLPXNQEgvmkefTj-Ago5CV6liVUHJF1B2ckabTN...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEN7K2nlfOaMg3Jw-QPWnfS4&google_cver=1&google_push=AehlK4B1iHdLy29iGd6CbD2yxQZIDorMJUo09XGVup_oLPXNQEgvmkefTj-Ago5CV6liVUHJF1B2ckabTN...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4B1iHdLy29iGd6CbD2yxQZIDorMJUo09XGVup_oLPXNQEgvmkefTj-Ago5CV6liVUHJF1B2ckabTN-xHi5FVq4CTAF-37kwqO6ZvwUNlTv96U7QKVXksJi2l-wMz5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4B1iHdLy29iGd6CbD2yxQZIDorMJUo09XGVup_oLPXNQEgvmkefTj-Ago5CV6liVUHJF1B2ckabTN-xHi5FVq4CTAF-37kwqO6ZvwUNlTv96U7QKVXksJi2l-wMz5P5Y_emiWTdvm_7nw&google_hm=MDUwMzAwMDJfNjMwNzA1MThkYTNjZA%3D%3D
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 25 Aug 2022 05:14:01 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4B1iHdLy29iGd6CbD2yxQZIDorMJUo09XGVup_oLPXNQEgvmkefTj-Ago5CV6liVUHJF1B2ckabTN-xHi5FVq4CTAF-37kwqO6ZvwUNlTv96U7QKVXksJi2l-wMz5P5Y_emiWTdvm_7nw&google_hm=MDUwMzAwMDJfNjMwNzA1MThkYTNjZA%3D%3D
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
pixel
cm.g.doubleclick.net/ Frame 7591
Redirect Chain
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEN7K2nlfOaMg3Jw-QPWnfS4&google_cver=1&google_push=AehlK4A_GUf6fMzpRsz8Sct6Bks3VLBj1brWSGXPBG4lIoPMx...
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEN7K2nlfOaMg3Jw-QPWnfS4&google_cver=1&google_push=AehlK4A_GUf6fMzpRsz8Sct6Bks3VLBj1brWSGXPBG4lIoPMx...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AehlK4A_GUf6fMzpRsz8Sct6Bks3VLBj1brWSGXPBG4lIoPMxhvUgXdx__7fOXS2sboIULffT-3bnivSvzTGhKAatjzT4HCJ6Eyn_w1m38moyn5D3aFQSaDjwJc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AehlK4A_GUf6fMzpRsz8Sct6Bks3VLBj1brWSGXPBG4lIoPMxhvUgXdx__7fOXS2sboIULffT-3bnivSvzTGhKAatjzT4HCJ6Eyn_w1m38moyn5D3aFQSaDjwJcjx05R6v-cJyniUGcDtOrDCw&google_hm=MDQwMzAwMDJfNjMwNzA1MThiNDExNg%3D%3D
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 25 Aug 2022 05:14:00 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AehlK4A_GUf6fMzpRsz8Sct6Bks3VLBj1brWSGXPBG4lIoPMxhvUgXdx__7fOXS2sboIULffT-3bnivSvzTGhKAatjzT4HCJ6Eyn_w1m38moyn5D3aFQSaDjwJcjx05R6v-cJyniUGcDtOrDCw&google_hm=MDQwMzAwMDJfNjMwNzA1MThiNDExNg%3D%3D
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
pixel
cm.g.doubleclick.net/ Frame 7591
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEJ7crAwBT7gtFVWaH3-Khu4&google_cver=1&google_push=AehlK4B4t-OJNDqk2kEfjV74T3pHgs1P1CGV8G6uE5-uohlqsY6sronoCDum3XqDcn814-0vcSTrWZ5vxHC62...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4B4t-OJNDqk2kEfjV74T3pHgs1P1CGV8G6uE5-uohlqsY6sronoCDum3XqDcn814-0vcSTrWZ5vxHC62ALufC5EF9TYW_PLnKCv7CzciGeYVvFro81DBhBK6-ZNAnR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4B4t-OJNDqk2kEfjV74T3pHgs1P1CGV8G6uE5-uohlqsY6sronoCDum3XqDcn814-0vcSTrWZ5vxHC62ALufC5EF9TYW_PLnKCv7CzciGeYVvFro81DBhBK6-ZNAnRaZEPJ8UOq3my0-w&google_hm=NEJGSzVQUzZEd0ZabHRkRGVRNkg=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4B4t-OJNDqk2kEfjV74T3pHgs1P1CGV8G6uE5-uohlqsY6sronoCDum3XqDcn814-0vcSTrWZ5vxHC62ALufC5EF9TYW_PLnKCv7CzciGeYVvFro81DBhBK6-ZNAnRaZEPJ8UOq3my0-w&google_hm=NEJGSzVQUzZEd0ZabHRkRGVRNkg=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
282
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7591
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEDc6b_2ZqF1DD5V6ArUvh5Q&google_cver=1&google_push=AehlK4ABukSkxiH1og1H_C8Bg9QNr4aNqgDnmAOKAgGup6MpwK8A2FE5QBUB_aErWk7Nknfa3GA4zRKF4IUlWQ9...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=DStGRj0VSaBPBl_Yc4F1YKdYB6I&google_push=AehlK4ABukSkxiH1og1H_C8Bg9QNr4aNqgDnmAOKAgGup6MpwK8A2FE5QBUB_aErWk7Nknfa3GA4zRKF4IUlWQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=DStGRj0VSaBPBl_Yc4F1YKdYB6I&google_push=AehlK4ABukSkxiH1og1H_C8Bg9QNr4aNqgDnmAOKAgGup6MpwK8A2FE5QBUB_aErWk7Nknfa3GA4zRKF4IUlWQ9ouXWZVyHybMkALC5mZj53C7xszhb7vjqGtWwAqD0rPCkgFvaqyxvalbwBaQ
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=DStGRj0VSaBPBl_Yc4F1YKdYB6I&google_push=AehlK4ABukSkxiH1og1H_C8Bg9QNr4aNqgDnmAOKAgGup6MpwK8A2FE5QBUB_aErWk7Nknfa3GA4zRKF4IUlWQ9ouXWZVyHybMkALC5mZj53C7xszhb7vjqGtWwAqD0rPCkgFvaqyxvalbwBaQ
Date
Thu, 25 Aug 2022 05:14:00 GMT
Connection
keep-alive
Content-Length
288
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 7591
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEBiPd289w-KuEyjrW4BUGfM&google_cver=1&google_push=AehlK4Batjmp9--4IC0w_GF_cRPWHQZX268KJsGMcm3dPSknuCt9-bGsgWe7ItOzynnSKMwKqM7S...
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=rHYNUh8aQA2Wps55vr9t_Q==&no_redirect=1&google_push=AehlK4Batjmp9--4IC0w_GF_cRPWHQZX268KJsGMcm3dPSknuCt9-b...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=rHYNUh8aQA2Wps55vr9t_Q==&no_redirect=1&google_push=AehlK4Batjmp9--4IC0w_GF_cRPWHQZX268KJsGMcm3dPSknuCt9-bGsgWe7ItOzynnSKMwKqM7SFTUshH-OR_w2Efvly69b0ZKVI4uQbyDHXTYLSuLpuD1Q44Nv6gO9gQZ-XDEl26hbx9_DH-k
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=rHYNUh8aQA2Wps55vr9t_Q==&no_redirect=1&google_push=AehlK4Batjmp9--4IC0w_GF_cRPWHQZX268KJsGMcm3dPSknuCt9-bGsgWe7ItOzynnSKMwKqM7SFTUshH-OR_w2Efvly69b0ZKVI4uQbyDHXTYLSuLpuD1Q44Nv6gO9gQZ-XDEl26hbx9_DH-k
date
Thu, 25 Aug 2022 05:14:00 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
attr
cm.g.doubleclick.net/pixel/ Frame 7591 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KpAszWC5IJjuh8SKH4P71RN1a07aQJFNCc3hB46It4PO3z4w1S6JlgXDvf30qc1BkTerKVSg
Requested by
Host: 9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com
URL: https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame 4BB2 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuqXf9XqJ0RvsGLrh0GNOV79tbQKF6vQ78g5RNGSp8d_8Q4dRCqn1t3WxPp9xy0I7-XjRGHrsye8Ftq0XefQuwY8MUu2ErhWKAZURKDYo6fLKPl18x3VLmXpEPQxeTXm8eN6xOaGZCN82Pwf12cnfGVd9IpHluh8lYglBvPCARCuzmbTKcXCltMfezlANBIch0AkNwO9eHgYi30qGG5_PZ4I5VK494hK2QRwSizm-M9Uo-sR2-STmlkU00HADxRVHGfmGW1BJPWFGbOgTZDFASDTxHg7wemDmkwCPGfD76NsFlXVGIvM4ksjRoo4fOcxNlHNpGpaBM3lKzncn74eHTOQ-JhKaSkSKD8SmvJQ4r5QRBvC6oTSNqm09nEV7AjTxR1eNKOO91G-7ZoILI-fWdafH_0xuzsnoQVMW3iI1UPF_I0RLbaWLqYfPAUYi8DqDEQkR_RjuDNmvFw2NBOSaXU-oETysiPyogyiiZ3kEP_iEpDarA0ZlBjKjb_5AHHsXFpS5bWVZKPJPsmwJR5bz2-pF3fn_a8_Dv8AiNskMxL8K9oTh5j419lCRX5Scp-PBoFL9T8cQ7UGMtWpc6bW-LDF8bu_7a8_ZrvGNGYD8SuaVLZIlXiPn_smZLC_ohUcHxqlKnKZtkFdoSx0k-h9sPuHUramZ7OgzmNy9zb0EKwoduD42pzSWZTSe-ccUyvJ265753bMSrbRLDcv_5J4N_1HxkJ2GgibD-lsLH3ckCCunj9oEeg-vVTQ3eJh1-IaxzIW8pC6qp4PqkH6yg0LQQRSF_AnA-vXP56VF_Lv2rKyVcaeFTlvNF20S69TFVaMh3-oL5XGWi5SoMXJruFlpAfefx04ptVU9rncX3lUz4wgSG3mYzxoek4Q_N3sqcR4Xhq1L1RzXD_XFNRPVgzBVG7i4CWC9HU0BtXWWo1qSTDXTKN92KztFkHP2M-dvNIXSxOe58WPvIUrQSLQlu8gqb4CnOuQz3lZEduX04zBTr-7yoH-nmpEHAfUkq_vBmnFHBSgaZH8UOh6AtQ739pJk0LeNw0obvD_aQuJm2ofzTlc0ck4pNu_q3WMlSJTLvzwOZ3Mf7hjw3Mxcsu6OZG1JbUJEDALpzQXRF2Pys20mbjE7Ur8rG9hbO5xltFNG4Dw_7vdQEa4fVlwplFFmp6ekrqgg6z-KEfYKdEY4Z31TbGhNPTstpYSvyz-NcUUUbeBAVqlnh3I4q4BHpzwRkcygKR3qTbBazw47isnS8ITVZboKj9Vi1O4mmdAaghzURjI2DH7DMOE2e6B4e6a6XAczI4HqEXLlvxR4jgo5m61LKDxhxW9lUq3NxIqKss1jaT8Pj9TgQpDRuq9uasjh6gp05MzeqVvYApRX60oiQf8YQ439mryGJUonYWf05lQCNssyG-LH6uc9h_nGEjFUReBRaWTC5x_hcCU4T_5ABKFfSAT1Az_09IDBd3A6ewhmDsnuF_K2KoLWKVla-dAYmcUW-E-OAPdbHoDnk6Ekwu0fraEt15B02Pk86fL9HXPbMosm4-n9X2FT-Wer6DCkditilXBSVTYG85GHmEFAWwJhNb2NCTwmJf1mZQifuKH6YNcmd81oiI8yh6n7Ff-5rK4vaBqbOyTY3jtAfCrifp_3MdUUtMH-weT8C9urY5mj7Vk1ibMNoIhA&sai=AMfl-YR_jh0L1GhKkZ_U84SlsuhGxUiBijkCuMjhdLixvLvHzMb0LhZLTRjBZx0my6GfiQRb5XqiLm9-vkkO2yiufSAlS7c1gpczrtGb6KMy91ihWA4sYFycTJNqxeqt3zfkic4ejK1aP0z6UYK2WgMVf5JyEwizNLZi0LmjnP_WQP0Ur_v4mmv3jhKRJKiWqQwylDmJKjjZgTuKYS9b8vZljUx_IVGzxSTjoGpkyZV4B23TAfG-rSfB3XgMN-J6um_i3OdK1RyBsl4PM-ah8rgIUDoMwG9dES9bzldBZxp2bBTRqenvqWn8sQaiMRopTkUmSVabNvIrZu4ZWWR85vNBqIAYjFjarjFUlhsdag&sig=Cg0ArKJSzJ_w4io6dWHiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=741&vt=11&dtpt=739&dett=4&cstd=0&cisv=r20220822.47774&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWrecHM4KXw0RYSoZJZ-XRql5t5QfjZngzAExTJAthGohIWxZqaKk7m0RPPCrIZQYrn7sxwpAX8v957jRGW45rjsto1id6LeV3z8-i28hDreo6hOA3GxUCTq9mG9LmZQEsOOa85ZgSNnQpzRNcCc_vwgelJQ&dbm_d=AKAmf-CNMEGfe_wChdtkFLgintQ2qGPXIq8N9ExM6TytY8zjLTlhi_mEVNU0mB0cITYGGEgubLfHkZiReNCmEjZzvCLVhB4kKQ3AGDZrvNoBieKeyOH7t30-posGq7jFdJxzGeP_oeqK8gGHmKhj4WlrLgLwcQiSC3D6CePkZwg_3ecRDDp3z6f0tdDMtNtAWkZd72-VnqJCUpE0fem5yyWH8pNAzVMY7AhZlWQ55w0NUmG1vQWrLnlafOkDWZWYXETJqIsywvpeQ7YD9cBwjeR3rV5lUlAE_Q9ioeDAExV6wekomiyJkEln-7XSsNdEV7ds0DdxMHcfOCAYnkECS_vtFzBe9fxn0QLJvjwTq5__wgAcHyMzB-trLJ5BpLtbEbz6CdbYAHypNsWKSmA0qrcbUcWksaoZffijqVJPbB1JSjhZF5O4Zob8HS73NLepAM92Xw1mnQdOIPzTscTsbIqAdSGfSKjB_4YcBvL2gSykkhBzQxOhoRjKyt0xY41UIoPhdnw3A5bqNDDeEnH0836bH5G36aueuej4hJI8XE6qpqjHEPHqYV-sWCEomc8izVlRO8U-T_MsiMoSuE8NECRgL5xWyeWeNZ-7WEY41V1-X7kKs0Msy2gzY33MJ3O3qf-BVPpiqiyr_BFWeneb4CHAqdsD1iqTgaJ-4Gxm-8ZX7H4HzGl68Xf3con20e3ih4BvSkwfcOF2jdntnXWvTAnM3PDC2xHjTlDRvVd3lXT0QuTD1jNSJLSHc7WQUeEhHzqTvOWBwnsnxAZ3HHfe2tfq0pGlzOOGUl3Nlunq6VzAlrPyQ5nnBwKnEJj5BJJBp8_kIx04842Kp1c5BlIgJ6J3d_CkpeijejFs52dMhi7SIXXnXizg91Ofh4FKzobLD2uCnRc6lhseBtYZXqozb6Daqpa7QyQP01ga-x8Xm5eZPtl5nWR1WFPMvz2KkEETNf8-jtsLVy88f6zZKmO7tAhnGnbqy1-R6LzXMAGkjcXkY5EEvnRfOplDj4cyBdy8g1LUORkNCbjMRXeaSkMFMKWmqrz2wmhuoQXS8zVF70niOycfjQ-QnR5LrrWVNygZYci-BmtugZxwrACTcciCxzsrHGBi7FQyo2ZuZtVCpg4f9nf4pI6H1QiA4A1_lIytARm8XvQgWepEcHLpN9RuqQ-vrGZmNQ26VMW4SexcNB9yDgHaTnu2FB-wgai4I9IK7vMPbsgjFAxmNt46cAQCT6lZ4ufQ69X_F8XeIYhnOzGDfH4z-xAfYdJS4AH1K7QgIhy6087NyXDVTLo5V8x5nr0P6qwt9J7yCA0ivmQvBeySJ8SRmwRW54uDZ-0UktkZfmQ5XwrJMKNIwwuQDPTYXFkRc3dR5cwqYvfNliFgGNseN5KVx9kfh0Rl1a2W6NmJ_jyQQ2kz-aoZ9DQbOjwcmls9T1mG1K6uPZM--laoXcvBLxTiF7ICX8Del8EBDecoquGb5YfrLeuRg3WnHPiwHOyxfUrQXZMgzaePKfKdE0kIsl2uc31_uFDrlcBEDiTw6b7BUnzGwFYapakZIrMkJm0IxaaglP_J0NG1u5_BOE6zTUmTjWUeqcokxQehTRq9PvOiE75ZpmMANUHNavWe-rQZCq7sKYPPnVNus84S5BAbesN3a7W3t764v7fbNl1yQto2kvprakFzJjVAX6APAkxG5jYFyd7dGvIPdBx8uEB3SpwT7lqkYIEVC2d-zUmt1kXFPZMG8BMYGR0OZzgpTO3QWrNa9m1z3_d3J3KCYo7mQk8CMn70NWx3IoVX4S3wLkqAGtF7o5_f9WcKOKTb1_LUauBbM6ACzwEzkAfYQe5v9yEwHytd4H59HskajwPHYcYytIULH_hIo54kDmhx-PV7xTS9naGFN9uYbgH6LCqQdwfcj27lY2WqW1bDhZq2QQbu9qnQedMzVAplyH6vxh9UDMNAsILzTaRv1lk13cdqPGau0tQfUCvVA85_UBh7NeIztJ1PWb-BOrAnyFl43lHzpXMXsXPqOgdoBeMoHZxdcJ10Ecib9TPwmBw6Awu7T92kq0Pc3BWQimbwBJ3fk7_MfT_tqUPdi_s-fZZy-Ql4dtVjLLHnRmf_XcI0OcID05KgZ-CWM1k-Akha5sLN1mn9zg8HpiT0qtJW6sLp_4qD9ByGSeHA8yjtFMNcSrvr-bPMECCD4jwjIOEb4uqXL0CgRAmo5Wrxe5crPi6ptKTtMlyT-vbDrTVWRUFlET6r240pIlV0WBhxjp_wqkoOxsi5djUBEGgV0K6dGGOoJDKnFVafDUGXiR2vLRvwG6rTopub4atmYIqZOxwU5_vawCm-voNU14v39wXBBlZvZKEqs6m1QpS2C3dj5a49DwB7XIkf3rwiLwhi0as-d3tbqz9A9B0f8ZVKMxOQ2840zZjJt9u96zTu2H5Sz9eFiCYz4Zpy6nbIZfI0xgTb-wKnD-gfOBPgUpJrywsRfDEAmv1LlXY7ji3sCWgtLHXj_nTnh3XWTONelvZ4EPXIS0etVNbrPIo_Q4jawhiWPG90bB-Up7kRJwOMF_3n9d8RPow17xLw3UHo2797UjK8NiVZooQ-RYv04YPH3cJs9_y-8K9usRrA5fl-D5-H-gQw6-QqYhsgS99Eh-jbXKSCH93b63uu-CzCDz0poVFqizoJ-dU6-2uwE43Hpb6VOuUyeyFG6wLjQ6breKgeQk1V0Z3vGAfgnSdIHLb6eahcHAG6qo-ysawRHejHH0RJrUF_jIeZlNa4xZyo_Cjtk2is84ABvEcTyqz37uHaHTYLcZyEsmChuGcq_-Fpy0MEC6W7hirWhwfbjMeNJwb8Fnl-mOGUxCz-LyQgWNvhNvLWOEx72By7pF4jPZCxy1Js4Fxz7o6XLKM92Wg3OreTgH-04xPK6UUE_Ydet-19HhjNYK95gJ8he3QkgMh9WUfz2LXSfubT9lXrbFMo9t2b0yYfhimzTDZHKJR9nb8pojSRc3P9PVwufBITXZT0SoB-6wXd2Fni_WUNijoqGucLLuusAnIejF0eGSItUQYBEL8SXDDBs6ZVJCKPBI37KcYG1RTsEUcHobttXGHNX3TSshjLN3tgiKzQJZJ8rdTyG_Vjj0y4ctzM5MJ-1oauJNUYPbhQdMNmAkFHr53kHW7G2IWH0rauRMGtCfXt9W3KoVWFRX0Fx2oPpWtXKs5uS1y9k04Yk78QhvwzdlmWnrIg0vNeMhqTuwqt3-Ig8wcZwn0DSsaRZ6N9XvZ8nOMOV1wD82rHqd-k2_YEJkZdVDcONYzEGUzWymB63_8UWPQAV7aRUW-2FwRD1aBW_0_fxJP__k9cdGUeLACmHmBy1_afqUq9gUdikaUPSyKnALvWxO09Epwf50yiv8vjiqzt_IbSZmeNcFpsQuj5D7WXtCAcoFW-qtejFfkZxI98i_i7jrWoAnzXC6HVhukKebMzDkOWM8qrh34GFQ2yGbtcbJ2avdiJHhYV8cScsPyZjMOz7mu3kkOOeTkYuYsea6aBHA19j-98pXIOieJJWBYVzCpcvBLgr1v3SHsuGqe78Ek1TjQo4b4_cDomAbfvhFj1TSdn5riUu9CLRS1pRD3w088u-tvY9AjIqfRVqosxiGYCClVU7GdQdZQovMPCFwE2rJ6gU4N029gi5LzIECProVJFsopnBkWAZ_JaE_TYmTpyYnU0lsYUEDyO-uStSCnGHMeGXv-ZksEY_VwLkVicrWv8ldH6Syk9Pnn7Vn4HaSHiA5f2futfaFzD-qUQ_wjbE3ErysxgLlvq5J8dsyyIrzy6MfIDk7AEs2KG01Bg6aF-W6ysml1ZA7knAyyq97AWYVFzu6rxWFT0ULXPYr342RralhexKoFgaJljAWurso7PdUI0BmM4Sio9GcG0k5_vSSVW8EV4xOXEK8kbQcTeMxJcwajGT9OsUiyxuCZ95DvIUVl53Cl06s5kFtzjkefVFyybpkjv5BrwEuyXjGFn0IcsH-rgiHes2h0EGcfbtkKJYY82e4-40KyyiPxwjFRm5gL6BzHW_pBHWehz-YrQGFm3y4tRT0Ao8IAEJxbBYUVETo7VDm6qpW20_7wWgRlzc_BrQeauHI2knZ_T-PdIsSj_KEdrAFA1XRBbjMZRke-5Q1_jSBdVPfLICMPVveEZ8wqmME6irRnO-df38UAxyZd-_eEMATwLt9SxUJbhZtWJCiTsEcd58tAbWVwh0ntl30RwMwwiwyoyRJranyemNPXlQ6YOk3oVjtzRZL-oyz4YmFdNthd_CjTat25AC_rzqUFL2XT4dCbkCCt2Li4whcTf00iJiMaMYhIzB1jeRk9Sl9Ja-tbJTYOCjtIfUTO9vt-Qz2eBpRUM-ySn9MJ1iRzzuzGlGNlew7_sxOhThyeTiSs7R78lcTR8R8zXEi1DA8FysfgjkXsGmeRT49R0MZt4nKQjdlZAkmZdZQZrZ5-bqwzsbgqoLsL5trcxtj6CsvPi1cMDm_uHIj8ixZvGwD0ZinB3JY9MpWXPM_45ZBHxHYq_PyYc6FE5cwBtu1eicQKLyPcMmGdWvn5whhT56EfXy96E3jZX3O1B9XfsxNX9DCdorYBU0Neh66tkmpbbvIJXJ6QY_w6rT3kUPQYt7sAWsmw34tn2L89kpm06V71iWdRAH7Lkiw8pDCcMOgqa7Ag-fTFqB2ong5zt1hyOXitZTBVTLOaOuSk5RnnMawC55IvPF6tVHkIQIQ09PVKilQP8Rh7BJ_GzMx5ZHgTRrh-J4txdUF3iWTUGTvZdYbqdYV60_Gf8mMRQu9cOutZ4DTA40waUr2jdJDD9sZr37Tj_rT73VguyT_etEn5y0a0dBhuuh0zxW7r-uOOPdlOQzFiF-jKPGMvlepOVxo-AE2ymHtotBOFSi0u1wxyr1SbJSeoncgGpko0_KsKtdBfOkcUYcQb6BoZBLp0upoORKAyzlEygeA17sFtubfVoLSlDlQ&cid=CAASJORoQNWxl17Ol2rND_0Yr55f4JrhTHCobUna9aJyM7QTdZK-Xg&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuQA3hml1_NgeOvqK-6-GUmgMBUjNls_d4EWCRFOOsNzHyYxJejx9NIMRa-z5EfTH23wk0HKWE5w1Eext-BosclYvxc1P_l-7PCbOiGnQmkFreM_hIN5wPNBINEhGls_x485VkvL6X4aCztMfU5FJu2tkCOPCKzqYmo0qBZyAp7wU6WilC4fpDHxcb2tWE4N5uq-T4hADSLYYo2ocVaDX95ycZNt5FAjWzMzwR7SrpaYY7sCis4-PnRBCqYX9hqQL3gp8ihklkAVQ3o2J9SysBr6TWhWewGFoCoMSl6C3-Dvq3jlPdG1OWiqAoJhCMATI7rIrVUbwo6dau5MiO5Fx37-DUcmi8MHzjohyoTNC8%26sai%3DAMfl-YRvgsPwERRJfoJ0y-UI6Tw_x_bn8MxBo2fa5BGoul8M0GDB5Yne1aJAce7sP-cKOUFRMpoh5aE3FVKkVdE3NyyisdEussvg8JWyOlRJx-k0aioya5oNcFsukd6WRg%26sig%3DCg0ArKJSzOnmkYQ4X6kDEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&rfl=2%2Chttps%253A%252F%252Fglamour.globo.com%242%2Chttps%253A%252F%252Fglamour.globo.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:14:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
impl_v90.js
www.googletagservices.com/dcm/ Frame 2880 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v90.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 14:49:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51897
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21331
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 13:07:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Aug 2023 14:49:03 GMT
generate_204
tpc.googlesyndication.com/ Frame C2C0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?rp4apA
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
c4e75b9c98374ab38bd38ee09e720f64_sharpgroteskmedium18.woff
static.criteo.net/design/dt/ Frame 3F1E 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/c4e75b9c98374ab38bd38ee09e720f64_sharpgroteskmedium18.woff
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YwcFFgAGgokIaAY0AAAnMNxKp9bCD7dQ1Ixnqw&u=%7CdPGRhl%2B7%2BMWgpPFIpCJqMtCJIuSB7aEzylITgSDLOdw%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MTceYYGR9Jp5gwJSFuY1ZhN1_Ei2GJq8gd_G0tw1r14hnbYpVmvZEeZ3grlLUx-z4YYgXcAXP-xm45dOpRMTQ2S5iczFkxYc4DVGYC46ATP-k6EYWtuYZ03Fn2IUxSqnA_ihx5X8BFdchR5NyXI4oYxBTP2vLFJ5UMkfKCLc84eaNK2weWxmJ71gTfmFr8odm5bxqiOQJ--htYWPUtQ7RKgLoSbTX6T59wBkzS5n5CjsxYsz6Cs9dCgWg904mlqCZzn9F_BGivAe1umNo23lypsKXgoF0-WcHUiCJBaJJm13slpbs8eEc1FyD8sMMR46ul6bAZOhIsMZyQwgNT9Rc1vQ9KulDUKYGLE_O4T_q71i1dk-CTLivbkQd8NiriMGMz4oD1Uj0l3d6g9UZ3wHDOqD9RBRmTkxUKli2P7duAyr0zhZFthEV5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXExFgUHY4mFGrSMoPMPsM6AuAecge-wXNqkqap0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN6ABrN3-6APIAQngAgCoAwGqBNQCT9DBe3BZCAmn095o1iZouRKGQHDII5v-6LFV0nXaKTdGgkpaKzANBAqC5gW_mk3z7OXElD4oa-YJ4kAMQMRerD2-_XB52qxxOfsLXCsJT8BaFEmWq3WE0JKS_jgO8WM1wCJRDc7rXco8ACI66A4Y-E4Ade9Fqbg24omZB7vHKkQ14Qvpyn6PkoIfi_Kj5dKUoyuX_O8V-4jFqjJxaWdz1eZ7jZ29K2rqOBvCQcPLXW_3RT_qtEmNLkS0LfmikJe0lJOdPFjmR2lDGN2dlyOsT3XGggo6FntlmBPAEH8q8IIu4RBn2gPpBGXWW47nZMqdEB0p-Gk2u16ro0T9lzyza6zdWOY2QeAUSt5LoG80ZKFlx1mb_EHkmYjuD7g3PGE8Xow-dROFmlJXWaCak2gL4Cozx_xj2hyqt6qcKSqXc9GZQZSbSwZFA30QjYN6gRTPlZXkvOAEAYAG8svvvtjL7-1JoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1BBFSwNw0F-QD9vVwmK83CozIVhQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
16d0e4f6d886d964d81d7d00ab1a28c4a446a80f1f17a56fd09147b39ee53aec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
content-encoding
gzip
last-modified
Mon, 17 Dec 2018 16:02:29 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c17c895-8854"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Aug 2023 05:14:00 GMT
integrator.js
adservice.google.com/adsid/ Frame F062 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=config.seedtag.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js?cb=31069129
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F062 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4303816873566318&correlator=3969085887187970&eid=31069104%2C31069129%2C21068766%2C31068827&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fif&iu_parts=21834399124%2CAMG2361_TM_Unidos_Base_2022%2C01_Display_HA_18_Spanish&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=1032189334&sfv=1-0-38&click=https%3A%2F%2Fclickserv.sitescout.com%2Fclk%2F7bda935385abd164%2F138d11265d806d1a%2F63070516df1bfd3905d50040%2F0%3Fr%3D&fsapi=false&eri=2&sc=1&cdm=config.seedtag.com&abxe=1&dt=1661404440673&lmt=1561458878&dlt=1661404440086&idt=562&adxs=0&adys=0&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=fz4hito7b9vu&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Fconfig.seedtag.com%2Fstandard-iframe%2Findex.v1.html&ref=https%3A%2F%2Fglamour.globo.com%2F&top=https%3A%2F%2Fglamour.globo.com%2F&frm=8&vis=1&psz=300x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=31138590.1661404441&ga_sid=1661404441&ga_hid=1952414221&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js?cb=31069129
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
a135107db4278af6e0c7513f61442d9e6a0b7e008c13de7d82ede5046876be38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8758
x-xss-protection
0
google-lineitem-id
6054939741
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138398710353
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://config.seedtag.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FC1B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js?cb=31069129
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://config.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 05:14:00 GMT
expires
Fri, 25 Aug 2023 05:14:00 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 31DC 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?UeLnvQ
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
r.js
q.adrta.com/ Frame F062 		108 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://q.adrta.com/r.js?v=22.100&rcb=558772&cb=1661404438456
Requested by
Host: q.adrta.com
URL: https://q.adrta.com/aa.js?cb=1661404438456
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.63.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-63-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d6532a71692cf5f160e55e5baf697279d831a40caaf750161236d5b55b0ad6a6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 25 Aug 2022 05:14:00 GMT
content-encoding
gzip
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
asyncPixelSync
pixel-sync.sitescout.com/dmp/ Frame C0F5 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel-sync.sitescout.com/dmp/asyncPixelSync?nid=64&wb=1&hdid=0
Requested by
Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
207.198.113.88 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
104172b04b0ecda98f11cf5f4e9265b4b0a9ae3a7584ffd579f2ea33a66e0e0b

Request headers

Referer
https://config.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0,no-cache,no-store
content-length
1104
content-type
text/html;charset=UTF-8
date
Thu, 25 Aug 2022 05:14:00 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
AC1.1
B28373530.344142128;dc_ver=90.265;sz=250x250;u_sd=1;gdpr=0;dc_adk=1221982917;ord=nrhpkp;click=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FIuAO_euH2T-0TzLjXRDJPwAAAIA9CiFAsm1IW9zL0j_a5sb0hCXjP8SWpVTGD...
ad.doubleclick.net/ddm/adi/N1305047.278396BETGENIUS/ Frame 7454 		48 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N1305047.278396BETGENIUS/B28373530.344142128;dc_ver=90.265;sz=250x250;u_sd=1;gdpr=0;dc_adk=1221982917;ord=nrhpkp;click=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FIuAO_euH2T-0TzLjXRDJPwAAAIA9CiFAsm1IW9zL0j_a5sb0hCXjP8SWpVTGDiBx_7pedyaZkyQWBQdjAAAAAAH9XAGpDwAAmBwAAAIAAAAuGZ4WRVUlAAAAAABVU0QAQlJMAPoA-gBPgQAAAAABAgUCAAAAAKoAFCVQGgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%25217xVpdQiQ-ssZEK6y-LQBGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjU3MDdAjy9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjU3MDc%3D%2Fbn%3D92044%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fglamour.globo.com$2,https%3A%2F%2Fglamour.globo.com%2F$0;xdt=1;crlt=zTkeA1GAIu;gcsr=m;stc=1;chaa=1;sttr=166;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f6.1e100.net
Software
cafe /
Resource Hash
8404a9bcf2e688a2888c135ad23f014de6d7d622b0516381defbe0969375e862
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://config.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
24779
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 05:14:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame FC79 		981 B
853 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1661404438606,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ef468b047afc32102bcf85150daa4ddc44e9220cb158f971963d0c46099a4551

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
607
expires
Thu, 25 Aug 2022 05:14:00 GMT
container.html
bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D7F7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js?cb=31069129
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://config.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 05:14:00 GMT
expires
Fri, 25 Aug 2023 05:14:00 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1FD2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=4009&pub_id=1986072
Requested by
Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.198 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-198.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://config.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 25 Aug 2022 05:14:00 GMT
ETag
"623de86a-cf34"
Expires
Fri, 26 Aug 2022 05:14:02 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
vevent
nym1-ib.adnxs.com/ Frame 2880 		0
838 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&e=wqT_3QLGDfD9xgYAAAMA1gAFAQiWipyYBhDErZal5diDkHEY__X6uuek5skkKjYJIuAO_euH2T8RtE8y410QyT8ZAAAAgD0KIUAhsm1IW9zL0j8p2ubG9IQl4z8xAAAA4KNw3T8wgfrzCjipH0CYOUgCUK6y-LQBWMWqlQFgAGjPglZ4jM8FgAEBigEDVVNEkgEDQlJMmAH6AaAB-gGoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKAnd1ZignYScsIDUwNjUxNzAsIDE2NjE0MDQ0MzgpO3VmKCdpJywgNzUxMzQxNCwgMTY2MTQwNDQzOCk7dWYoJ2cnLCAxODcyNTM1NyxCOwAwcicsIDM3OTQ1OTg4NjY9APCLkgK1BCFjSHhwY1FpUS1zc1pFSzZ5LUxRQkdBQWd4YXFWQVRBRU9BQkFBRWlZT1ZDQi12TUtXQUJnUDJnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkVLZ0JDckFCQUxrQjR3SHp5NGdsNHpfQkFlTUI4OHVJSmVNX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWNiS3lnUDFBY3h0a3otWUFnQ2dBZ0cxQWcBIwRDOQkI8FVEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnR0FBd0dZQXdHNkF3bE9XVTB5T2pVM01EZmdBNDh2Z0FUb25vVUppQVRzbm9VSmtBUUJtQVFCd1FRQQFiBQEITWtFBQgFARhEWUJBRHhCBQwJAWxpQVhMTEpBRjZwOU1xUVYyaWVxdGdXMFVRTEVGASKIb0xXajVUX0JCUUFBQUtDMW93VkF5UVVBQUFDQWQwRGJQOUUFKAkBBERaBSgBAfBDUEFfNEFXNTB3UHdCZTN6OWdqNEJkS1R0UUtDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCcHFabVptWm1lMF9xQVlFc2dZa0MBdA0BAEUdDABHHQwASR0MIHVBWUstQWZRMAFsWDRUVkNQZ0huZGdJLUFmTjZBajRCLWZ4ARRUOGZNSS1BZWc5UWcumgKZASE3eFZwZD45AjBNV3FsUUVnQUNnQU1aGZ0YT2dsT1dVMC2JFGRBank5Sg2kEEE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0MCDRBSS5BAvSOATgusgIkZTQ3OWVjNGItNmIwNS00ZDc4LTk4MDEtYTNlZWRhOWUxMGY02AKfRuAC7pBd6gJqaHR0cHM6Ly9nbGFtb3VyLmdsb2JvLmNvbS9saWZlc3R5bGUvbm90aWNpYS8yMDE5LzEyL21lbGhvcmVzLWRvLWFuby1vcy1tZW1lcy1tYWlzLWVuZ3JhY2Fkb3MtZGUtMjAxOS5naHRtbIADAIgDAZADAJgDFKADAaoDAMADrALIAwDYA5KIAuADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDDE2Ny44OC43LjE2MqgEALIEDAgAEAAYACAAMAA4ArgEAMAEzsC5IsgEANIEDjczMjAjTllNMjo1NzA32gQCCAHgBADwBK6y-LQB-gQSCQAAAMCm8URAEQAAAKDEDFbAiAUBmAUAoAX___________8BqgUtNDA4ODQ5ZmQtYzAxZi00NmIyLWEzZjctODljODk2YmEwNGM5X0FwcE5leHVzwAUAyQUAAAAAAADwP9IFCQkAAAUNiADYBQHgBQHwBaeiAvoFBAgAEACQBgCYBgCiBg40MDA5I05ZAagcNDAyuAYAwQYJNCjwP9AGqSXaBhYKEAkRGQFgEAAYAOAGAfIGhwEI6p9MEoABemhKMF9sb0EX2ERBQWtDQlFFSXZZTGFCeEN4dE5nQ0dQcUJpZ01nQnlnQVFKSDFpd2RJci1pTUIxQ1BMMWlhS2598AxIZ0FnlaEYQUFBSWdCQYHhLEpvQkFnZ0FxQUVBcy4gADhBLi6ABwGIBwCgBwG6Bw8B30wYACAAMAA43B5AAMgHjM8F0gcNCQnABD5AAb4I2gcGCSdg4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAQ..&s=36d62e033e6d59ac0bd8f89d9f7950a08413b6ec&type=nv&nvt=5&jm=1003&px=0&py=0&bw=250&bh=250&sid=2370744471482453820&vd=ct~0|rr~0&sv=224&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=22871297&cid=3&cr=nv&sw=1600&sh=1200&pw=250&ph=254&ww=250&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:00 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
afd37869-8681-4762-9f41-af45cdee95d0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://config.seedtag.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame D158 		158 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1661404438606,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
081d455bd5ad34e6a70e34cf5222173a504db11c69cff556b99a87f328b06931

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 05:53:15 GMT
server
Apache
etag
"277a7-5e42219c4aaee-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38049
cdnf.js
pix.adrta.com/ Frame F062 		31 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pix.adrta.com/cdnf.js?v=22.100
Requested by
Host: q.adrta.com
URL: https://q.adrta.com/aa.js?cb=1661404438456
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-119.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d434461376b8827aa6fb19f01d9afa491e4458444af87caddb5986ccde24bd3c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
uAaDO_L2FwS0V0UUMftE_G6ADNRHS9EJ
via
1.1 c67ae9899d89f9402837da3a0ead9442.cloudfront.net (CloudFront)
last-modified
Wed, 29 Jun 2022 07:44:04 GMT
server
AmazonS3
age
84038
etag
"34e0b8551cb8eab694e53a3432ed4d23"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
date
Wed, 24 Aug 2022 05:53:24 GMT
x-amz-cf-pop
EWR53-C1
accept-ranges
bytes
content-length
31858
x-amz-cf-id
hecm0OThg1U8Aaqm3TJJMauJB2GbRGgtK75Z2AVdPhNfpKKG855wKQ==
ibs:dpid=82530&dpuuid=ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame C0F5 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=82530&dpuuid=ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553&gdpr=0&gdpr_consent=
Requested by
Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.162.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-162-154.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pixel-sync.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v038-07559b560.edge-va6.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
rB12v/2/Qmk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
um
sync.teads.tv/ Frame C0F5 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=73&uid=ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553&gdpr=0&gdpr_consent=
Requested by
Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.53.73 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-53-73.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pixel-sync.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:01 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 25 Aug 2022 05:14:01 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif
384136.gif
idsync.rlcdn.com/ Frame C0F5 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/384136.gif?partner_uid=ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553
Requested by
Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pixel-sync.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:14:00 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sd
us-u.openx.net/w/1.0/ Frame C0F5 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553&gdpr=0&gdpr_consent=
Requested by
Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pixel-sync.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
usync
su.addthis.com/red/ Frame C0F5 		0
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://su.addthis.com/red/usync?pid=11185&puid=ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553
Requested by
Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.77.220.151 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-220-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pixel-sync.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:01 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
p3p
policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
content-type
image/png;charset=utf-8
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame D7F7 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js
Requested by
Host: bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com
URL: https://bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Sep 2022 05:12:50 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame D7F7 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com
URL: https://bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 07:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
424181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 20 Aug 2023 07:24:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D7F7 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com
URL: https://bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 25 Aug 2022 05:14:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8610 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1661404438606,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=18342
content-encoding
gzip
content-length
13946
content-type
text/html
date
Thu, 25 Aug 2022 05:14:00 GMT
expires
Thu, 25 Aug 2022 10:19:42 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame D158 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1661404438606,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
content-encoding
gzip
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=18342
accept-ranges
bytes
content-type
text/html
content-length
13946
expires
Thu, 25 Aug 2022 10:19:42 GMT
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame D7F7 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com
URL: https://bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com/
Origin
https://bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 08:52:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73310
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 25 Aug 2022 08:52:11 GMT
9118196663948119722
s0.2mdn.net/simgad/ Frame 7454 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9118196663948119722
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1305047.278396BETGENIUS/B28373530.344142128;dc_ver=90.265;sz=250x250;u_sd=1;gdpr=0;dc_adk=1221982917;ord=nrhpkp;click=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FIuAO_euH2T-0TzLjXRDJPwAAAIA9CiFAsm1IW9zL0j_a5sb0hCXjP8SWpVTGDiBx_7pedyaZkyQWBQdjAAAAAAH9XAGpDwAAmBwAAAIAAAAuGZ4WRVUlAAAAAABVU0QAQlJMAPoA-gBPgQAAAAABAgUCAAAAAKoAFCVQGgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%25217xVpdQiQ-ssZEK6y-LQBGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjU3MDdAjy9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjU3MDc%3D%2Fbn%3D92044%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fglamour.globo.com$2,https%3A%2F%2Fglamour.globo.com%2F$0;xdt=1;crlt=zTkeA1GAIu;gcsr=m;stc=1;chaa=1;sttr=166;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
642a87ebc12af5f33931cbf41d1cbab3468f80ddc62d72e3e1a88c3e2bd401b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 16:51:49 GMT
x-content-type-options
nosniff
age
130932
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75248
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 13:07:49 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Aug 2023 16:51:49 GMT
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/xfa/ Frame 7454 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/xfa/sodar_loader.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1305047.278396BETGENIUS/B28373530.344142128;dc_ver=90.265;sz=250x250;u_sd=1;gdpr=0;dc_adk=1221982917;ord=nrhpkp;click=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FIuAO_euH2T-0TzLjXRDJPwAAAIA9CiFAsm1IW9zL0j_a5sb0hCXjP8SWpVTGDiBx_7pedyaZkyQWBQdjAAAAAAH9XAGpDwAAmBwAAAIAAAAuGZ4WRVUlAAAAAABVU0QAQlJMAPoA-gBPgQAAAAABAgUCAAAAAKoAFCVQGgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%25217xVpdQiQ-ssZEK6y-LQBGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjU3MDdAjy9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjU3MDc%3D%2Fbn%3D92044%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fglamour.globo.com$2,https%3A%2F%2Fglamour.globo.com%2F$0;xdt=1;crlt=zTkeA1GAIu;gcsr=m;stc=1;chaa=1;sttr=166;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
874e545a5055f7c8602c30ffd711768e8105bb75c87045a794f934d9cffa30c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 16:01:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47569
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4037
x-xss-protection
0
server
cafe
etag
4842123143989086801
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Sep 2022 16:01:11 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 7454 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1305047.278396BETGENIUS/B28373530.344142128;dc_ver=90.265;sz=250x250;u_sd=1;gdpr=0;dc_adk=1221982917;ord=nrhpkp;click=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FIuAO_euH2T-0TzLjXRDJPwAAAIA9CiFAsm1IW9zL0j_a5sb0hCXjP8SWpVTGDiBx_7pedyaZkyQWBQdjAAAAAAH9XAGpDwAAmBwAAAIAAAAuGZ4WRVUlAAAAAABVU0QAQlJMAPoA-gBPgQAAAAABAgUCAAAAAKoAFCVQGgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%25217xVpdQiQ-ssZEK6y-LQBGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjU3MDdAjy9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjU3MDc%3D%2Fbn%3D92044%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fglamour.globo.com$2,https%3A%2F%2Fglamour.globo.com%2F$0;xdt=1;crlt=zTkeA1GAIu;gcsr=m;stc=1;chaa=1;sttr=166;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
784
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Sep 2022 05:00:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7454 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1305047.278396BETGENIUS/B28373530.344142128;dc_ver=90.265;sz=250x250;u_sd=1;gdpr=0;dc_adk=1221982917;ord=nrhpkp;click=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FIuAO_euH2T-0TzLjXRDJPwAAAIA9CiFAsm1IW9zL0j_a5sb0hCXjP8SWpVTGDiBx_7pedyaZkyQWBQdjAAAAAAH9XAGpDwAAmBwAAAIAAAAuGZ4WRVUlAAAAAABVU0QAQlJMAPoA-gBPgQAAAAABAgUCAAAAAKoAFCVQGgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%25217xVpdQiQ-ssZEK6y-LQBGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjU3MDdAjy9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjU3MDc%3D%2Fbn%3D92044%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fglamour.globo.com$2,https%3A%2F%2Fglamour.globo.com%2F$0;xdt=1;crlt=zTkeA1GAIu;gcsr=m;stc=1;chaa=1;sttr=166;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 25 Aug 2022 05:14:01 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7454 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSTqS5KaYo14wEP9Ueke8r2hEiNEDJ8V0puVcMAy0uAPnQ2b7-vlBi_q4MZOK_lLP9o-bnqxuoOMAeuwSL85XF1SZ5zP3XaOGhqOvDDS_jMG8EsH_z3lHaHj_8sB4dUz8aXJmHaqpfItEvRFiWOUGeEQA18AFwQD-NJB-2dL6MrJz0PABo5Hym2t6I&sig=Cg0ArKJSzKwtHkaI2qAMEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20220822.30147&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1305047.278396BETGENIUS/B28373530.344142128;dc_ver=90.265;sz=250x250;u_sd=1;gdpr=0;dc_adk=1221982917;ord=nrhpkp;click=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FIuAO_euH2T-0TzLjXRDJPwAAAIA9CiFAsm1IW9zL0j_a5sb0hCXjP8SWpVTGDiBx_7pedyaZkyQWBQdjAAAAAAH9XAGpDwAAmBwAAAIAAAAuGZ4WRVUlAAAAAABVU0QAQlJMAPoA-gBPgQAAAAABAgUCAAAAAKoAFCVQGgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%25217xVpdQiQ-ssZEK6y-LQBGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjU3MDdAjy9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjU3MDc%3D%2Fbn%3D92044%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fglamour.globo.com$2,https%3A%2F%2Fglamour.globo.com%2F$0;xdt=1;crlt=zTkeA1GAIu;gcsr=m;stc=1;chaa=1;sttr=166;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:14:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7454 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1305047.278396BETGENIUS/B28373530.344142128;dc_ver=90.265;sz=250x250;u_sd=1;gdpr=0;dc_adk=1221982917;ord=nrhpkp;click=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FIuAO_euH2T-0TzLjXRDJPwAAAIA9CiFAsm1IW9zL0j_a5sb0hCXjP8SWpVTGDiBx_7pedyaZkyQWBQdjAAAAAAH9XAGpDwAAmBwAAAIAAAAuGZ4WRVUlAAAAAABVU0QAQlJMAPoA-gBPgQAAAAABAgUCAAAAAKoAFCVQGgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%25217xVpdQiQ-ssZEK6y-LQBGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjU3MDdAjy9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjU3MDc%3D%2Fbn%3D92044%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fglamour.globo.com$2,https%3A%2F%2Fglamour.globo.com%2F$0;xdt=1;crlt=zTkeA1GAIu;gcsr=m;stc=1;chaa=1;sttr=166;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 15:59:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47653
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Aug 2023 15:59:48 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 9489 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157743&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:01 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 8610 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=8663211&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
245b5194e7493d18ae67e3d84082376cce3e88752050ba387f4d60c51d1e1738

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame 1FD2 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=4009&pub_id=1986072&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=4009&pub_id=1986072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:01 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
eb23b8a6-f7c1-419b-bc88-66b92738805e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7454 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
98f8872e1b56028b79c924ebe11aef57be797b06164a8d9114ffd5c82001ab8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5441
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9151 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
47651
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 15:59:50 GMT
expires
Thu, 24 Aug 2023 15:59:50 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
ipv6.adrta.com/ Frame F062 		124 B
242 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ipv6.adrta.com/?callback=_1661404441119
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:b4f:4b01:546e:1973:3083:feba Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
19486d8ab5ba9b0f646524179ba9d5bf3811c57fa54c7a4ed482742370a48669
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
content-type
text/javascript; charset=utf-8
i
adrta.com/ Frame F062 		144 B
272 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adrta.com/i?cb=31220688&__aasv=22.101&__aaii=8138701677818892249&__aait=1661404440750&__aavz=0&__aaib=0&__aaai=1&__aaaa=0&__aafl=0&__aaaf=1&__aaag=8&__aahd=%7B%22chrome%22%3A%22na%22%7D&__aaax=0&__aaay=0&__aasz=300x250&__aapf=0&__aaec=4&__aaup=1&__aaae=0&__aaat=0&__aaav=0&__aaas=0&__aaah=0&__aaph=0&__aapw=0&__aapc=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aaho=1&__aacb=1661404438456&__aaxf=167.88.7.162%2C%2010.1.1.156&__aaci=ss&paid=ss&avid=110110&caid=2172825&publisherId=3050&kv5=&plid=6117171&segment=&kv4=167.88.7.162&kv14=&kv1=300x250&siteId=411664&kv7=64&kv15=UNKNOWN&kv16=&kv17=&kv18=&kv24=WEB&kv22=&kv11=63070516df1bfd3905d50040&kv3=&kv55=1.0,1!seedtag.com,5773-7780-01,1!smartadserver.com,3050,1!centro.net,64,1&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&kv2=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&__aapu=https%3A%2F%2Fconfig.seedtag.com%2Fstandard-iframe%2Findex.v1.html&__aapr=https%3A%2F%2Fglamour.globo.com&__aatu=https%3A%2F%2Fglamour.globo.com
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.70.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-70-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
089937d36fb91b0cc9fee6301bdbe6728d16d09bb64a36ce24de0e181a0270fb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:01 GMT
cache-control
no-cache
content-type
text/javascript;charset=ISO-8859-1
server
nginx
content-encoding
gzip
expires
Thu, 01 Jan 1970 00:00:00 GMT
aid:63070516df1bfd3905d50040;cid:2172825;ts:1661404438456;vwmc:1;vwc:0
viewability-events-p2w.sitescout.com/viewability/ Frame F062 		0
452 B 		Script
General
Check archive.org
Download Go to
Full URL
https://viewability-events-p2w.sitescout.com/viewability/aid:63070516df1bfd3905d50040;cid:2172825;ts:1661404438456;vwmc:1;vwc:0
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.100
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
209.25.233.251 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
access-control-allow-origin
*
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
index.html
s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/ Frame E0EA 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4db180d7727a13fc07c89f714a1b3d7f5277d59a61c61068048997bc1eb077d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3117
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
2979
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 04:22:04 GMT
expires
Fri, 26 Aug 2022 04:22:04 GMT
last-modified
Mon, 18 Jul 2022 20:43:15 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame D7F7 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumeOnsn_cve07S3NQEw6EQdpHtOMy2wRY2UxVRzpPBLHQsru2-F8WeXBBt4YDGYjbAvdJ8AJfEB6vw-fE25v-UlKebZ4exG9Wb-ekUKfQAONnvUWFdvy5HKbMcn_134nZLDxEFQjv4yTDeVRTrtgvW5OE7rlnipd0XhMKj1pC0pc1p5Lv9j94gzVv1J7VN5QLVHNhUzcHQKUx7KjCh_wHeoTxkLoj-2VsVvMf1K6RKoXZiMmneii8VfrB_ulnVrxxoUCo7nPJ8rCuqdlVsexkxKN5RjFXIhseaM4LMThLmHrmP-qUuG86SHv62gFB6PqXlEIWKkE3Q3eoMemX0txnQ38Dc7GLDN-a-ckOey9q11khLhny9Z00Lgeq4cfLLVQ&sai=AMfl-YSRhn8epBjZHyAipkZjAuogxI9crCuAbBCx-fM-a7d1pbNSvFK5cVefvlbvLg1sYIIxGZrIJW8iHv5kuImq7LEsYpBQa-VFLD-IeA&sig=Cg0ArKJSzDxTowbepj5VEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com
URL: https://bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:14:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 6262
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
52 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Thu, 25 Aug 2022 05:14:01 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-chi-klot8100047-CHI
x-timer
S1661404441.189018,VS0,VE2

Redirect headers

accept-ranges
bytes
content-length
0
date
Thu, 25 Aug 2022 05:14:01 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-chi-klot8100047-CHI
x-timer
S1661404441.161711,VS0,VE2
x-vcl-time-ms
2
Pug
image2.pubmatic.com/AdServer/ Frame 9B7C
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=RyHUwfMiBie0bkVxGQUHYw
42 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=RyHUwfMiBie0bkVxGQUHYw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 25 Aug 2022 05:14:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Thu, 25 Aug 2022 05:14:01 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=RyHUwfMiBie0bkVxGQUHYw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
pub
matching.truffle.bid/sync/ Frame CAF9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.120.47.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 25 Aug 2022 05:14:01 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
image2.pubmatic.com/AdServer/ Frame 95AA
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=81181572-18f0-40ef-b32f-bbf09c56b563
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=81181572-18f0-40ef-b32f-bbf09c56b563
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 25 Aug 2022 05:14:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 25 Aug 2022 05:14:01 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=81181572-18f0-40ef-b32f-bbf09c56b563
strict-transport-security
max-age=15724800; includeSubDomains
pubmatic
ad.mrtnsvr.com/sync/ Frame 5E27 		0
0
cookiesync
core.iprom.net/ Frame BC6E 		43 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 25 Aug 2022 05:14:01 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-0f4d8eba7cc2@version_1.522v2
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame 7B92
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://match.bnmla.com/usersync?dspid=6&uuid=3E9CCFB3269E467B9622CCC5F9172B9A
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D
  • https://match.bnmla.com/usersync?dspid=170&uuid=34D0F340BBB6452EA27D42C1AC0AC8BC
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=accd1af1-c842-451b-9d73-e43091cf9536
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=accd1af1-c842-451b-9d73-e43091cf9536
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 25 Aug 2022 05:14:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 25 Aug 2022 05:14:01 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=accd1af1-c842-451b-9d73-e43091cf9536
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 1FB2
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3E9CCFB3269E467B9622CCC5F9172B9A
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3E9CCFB3269E467B9622CCC5F9172B9A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 25 Aug 2022 05:14:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 25 Aug 2022 05:14:01 GMT
expires
Wed, 24 Aug 2022 05:14:01 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3E9CCFB3269E467B9622CCC5F9172B9A
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 8610
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
  • https://spl.zeotap.com/?zdid=1332&zcluid=59f616327039d82b
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1821a04c-d5bf-4814-527e-b33eb5d68ed3&reqId=d2788f05-3bcc-4821-40cb-c1a0b0daa10c&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEBK2-wYAkc2WHuoSZkW6RGU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1821a04c-d5bf-4814-527e-b33eb5d68ed3&reqId=d2788f05-3bcc-4821-40cb-c1a...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEBK2-wYAkc2WHuoSZkW6RGU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1821a04c-d5bf-4814-527e-b33eb5d68ed3&reqId=d2788f05-3bcc-4821-40cb-c1a0b0daa10c&zcluid=59f616327039d82b&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7401d7812e566332-ORD
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEBK2-wYAkc2WHuoSZkW6RGU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1821a04c-d5bf-4814-527e-b33eb5d68ed3&reqId=d2788f05-3bcc-4821-40cb-c1a0b0daa10c&zcluid=59f616327039d82b&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 8610
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&addseg=10,33,39
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&addseg=10,33,39
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
162.248.18.10 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Redirect headers

date
Thu, 25 Aug 2022 05:14:01 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&addseg=10,33,39
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 8610
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:01 GMT
Frontend-ID
6
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:01 GMT
Frontend-ID
11
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&sInitiator=external&gdpr=0&gdpr_consent=
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame 8610 		43 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-112.ewr53.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:01 GMT
via
1.1 64269b4eda1211bca4d40d7ab2177910.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR53-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
gk3j1QXJCMF_tfkDTFX9zFPpAzyVsHpJsnH8rzB6t3NZ4Z6Gn-0Kew==
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8610
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7412760816595641933
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7412760816595641933
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:01 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
284d2246-adbc-4775-9608-b9f5266ab34f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7412760816595641933
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8610
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:16d9abf7-a0d1-4154-b85b-1fe4335d8615&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:16d9abf7-a0d1-4154-b85b-1fe4335d8615&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 15:48:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:16d9abf7-a0d1-4154-b85b-1fe4335d8615&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 25 Aug 2022 05:14:01 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 9151 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 20:03:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
292211
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 21 Aug 2023 20:03:50 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7454 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSTqS5KaYo14wEP9Ueke8r2hEiNEDJ8V0puVcMAy0uAPnQ2b7-vlBi_q4MZOK_lLP9o-bnqxuoOMAeuwSL85XF1SZ5zP3XaOGhqOvDDS_jMG8EsH_z3lHaHj_8sB4dUz8aXJmHaqpfItEvRFiWOUGeEQA18AFwQD-NJB-2dL6MrJz0PABo5Hym2t6I&sig=Cg0ArKJSzKwtHkaI2qAMEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=197&vt=11&dtpt=195&dett=2&cstd=0&cisv=r20220822.30147&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1305047.278396BETGENIUS/B28373530.344142128;dc_ver=90.265;sz=250x250;u_sd=1;gdpr=0;dc_adk=1221982917;ord=nrhpkp;click=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FIuAO_euH2T-0TzLjXRDJPwAAAIA9CiFAsm1IW9zL0j_a5sb0hCXjP8SWpVTGDiBx_7pedyaZkyQWBQdjAAAAAAH9XAGpDwAAmBwAAAIAAAAuGZ4WRVUlAAAAAABVU0QAQlJMAPoA-gBPgQAAAAABAgUCAAAAAKoAFCVQGgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%25217xVpdQiQ-ssZEK6y-LQBGMWqlQEgACgAMZqZmZmZme0_OglOWU0yOjU3MDdAjy9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjU3MDc%3D%2Fbn%3D92044%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fglamour.globo.com$2,https%3A%2F%2Fglamour.globo.com%2F$0;xdt=1;crlt=zTkeA1GAIu;gcsr=m;stc=1;chaa=1;sttr=166;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:14:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7454 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 25 Aug 2022 05:14:01 GMT
style.css
s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/ Frame E0EA 		4 KB
978 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5555daf03e1bdb04700bb3319f75f09dad61c03a176ef620bec9b21c1e4856b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3117
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
952
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 20:43:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Aug 2022 04:22:04 GMT
main.js
s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/ Frame E0EA 		7 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7035f084318d48a7745b05a838a56053e707c047d740b3fce3b949d50838c50c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3117
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1162
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 20:43:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Aug 2022 04:22:04 GMT
js
www.googletagmanager.com/gtag/ Frame E0EA 		107 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-81923200-60
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3ddfb1d431311b32ba4e9721a8e868f084dcd13bc2b0c5f355fda4633509cf4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:01 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42018
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 25 Aug 2022 05:14:01 GMT
t1.png
s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/ Frame E0EA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/t1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc6ffe27572c86880cfd200acca522ed693ae64f8b51583875d7dc98e5c63cb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:22:05 GMT
x-content-type-options
nosniff
age
3116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1970
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 20:43:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Aug 2022 04:22:05 GMT
t2.png
s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/ Frame E0EA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/t2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7d1d4d32b461f194f9dc371c28e192ad0097cfc45a02949f581ec41ca074e03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:22:05 GMT
x-content-type-options
nosniff
age
3116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2238
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 20:43:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Aug 2022 04:22:05 GMT
t3.png
s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/ Frame E0EA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/t3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ff7ed7c185081c0dac9ffeba28bc5b893b6a9ee42a3fff17071325904713ba0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:22:05 GMT
x-content-type-options
nosniff
age
3116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1820
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 20:43:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Aug 2022 04:22:05 GMT
t4.png
s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/ Frame E0EA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/t4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
053e00d59d56ad7064037a78baa37943054fdf1bcfcefcb48d2ad7931360a4df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:22:05 GMT
x-content-type-options
nosniff
age
3116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2080
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 20:43:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Aug 2022 04:22:05 GMT
t5.png
s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/ Frame E0EA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/t5.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b896bcf42ba10e6b547f4e866ab400de32270f8a9aa407e40a84bba4f171d50a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:22:05 GMT
x-content-type-options
nosniff
age
3116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1845
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 20:43:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Aug 2022 04:22:05 GMT
t6.png
s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/ Frame E0EA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/t6.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb6156e8febaaac222eb4c2b7188364f9418fc88babcee88b83bdeaa00f0aa69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:22:05 GMT
x-content-type-options
nosniff
age
3116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1849
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 20:43:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Aug 2022 04:22:05 GMT
t7.png
s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/ Frame E0EA 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/t7.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e69df4d9338c3871db5fa6ca473d2c57d5613f0b9aa741f64eea6bf9fb788929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:22:05 GMT
x-content-type-options
nosniff
age
3116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1414
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 20:43:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Aug 2022 04:22:05 GMT
b1.png
s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/ Frame E0EA 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/b1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
801144fb20e8673dc03c55237ce3b9c78d394270a81bb25b2e9158aa1ca7abea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:22:05 GMT
x-content-type-options
nosniff
age
3116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5895
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 20:43:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Aug 2022 04:22:05 GMT
t8.png
s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/ Frame E0EA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/t8.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7aeccb132cebb05a8f7ae1a1b3a01c709a66a2625188df9efa1320ce6be7da56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:22:05 GMT
x-content-type-options
nosniff
age
3116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1781
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 20:43:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Aug 2022 04:22:05 GMT
t9.png
s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/ Frame E0EA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/t9.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f07ed9b1f339264af577ed2c79bff5e1b64076fa43ea6e80b3d1cb0101abd81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:22:05 GMT
x-content-type-options
nosniff
age
3116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2058
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 20:43:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Aug 2022 04:22:05 GMT
t10.png
s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/ Frame E0EA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/t10.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
220d8dc241d5709f9d46d5ce5a9b8904fa84df3c35c7f9c56933106442f81d19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:22:05 GMT
x-content-type-options
nosniff
age
3116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1610
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 20:43:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Aug 2022 04:22:05 GMT
b2.png
s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/ Frame E0EA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/b2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8219d68614c67f9c3e85e94d7970976e4843220ee88ecdee23071968c6072b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:22:05 GMT
x-content-type-options
nosniff
age
3116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2285
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 20:43:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Aug 2022 04:22:05 GMT
disclaimer.png
s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/ Frame E0EA 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/disclaimer.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
234031a00bf67eb675a89fea0f3ca21a9acd1898c9ce98adfe70e8cf2baf6081
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:22:05 GMT
x-content-type-options
nosniff
age
3116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2993
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 20:43:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Aug 2022 04:22:05 GMT
img.jpg
s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/ Frame E0EA 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/img.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb785482e2da829fdd7f67ea48253b2eefbb10b599128ec497114386af1345ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:22:05 GMT
x-content-type-options
nosniff
age
3116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27102
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 20:43:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Aug 2022 04:22:05 GMT
hash.png
s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/ Frame E0EA 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/hash.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c627f457cc09ca115a28c56855debecc37b05df25a91dd845da5001010bd6e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/1864159/5087246830/1658176994923/2022_Banners_Unidos_300x250_HTML_spa_NEW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:22:05 GMT
x-content-type-options
nosniff
age
3116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1533
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 20:43:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Aug 2022 04:22:05 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4BB2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttDWzP6c6Zr5tAHeccVOk1bAxAYTQhgEuBVZkYl4KvkDE3cFCIRhgQjWM-GDGC507qdEjQJcsSUejDUkIsJN66S78NFweaLMtBX37mRiJphLBHapFOR9BWAh-552-7Hxpw1l-Ij4SbxrBBR8KMlZOODOFSRQIedDe7bWWYPv3uDSpXteD6gOtR_5JorDAXk-DI5JUzeZOJ_PGs8PeNlRznoyHcOg&sai=AMfl-YTzAm4w336tRH-Ji3OHCpp1p8KGesCvKwG68UyrwpaAwaCV2ERAcq22thzb2bOUA-1hp1igwuGcQVFVnnAaTlz4F3VEm8fihx3IHcaWwNBj5siuvoof2dhMI9s&sig=Cg0ArKJSzPQjwyPvDnszEAE&cid=CAASJORoQNWxl17Ol2rND_0Yr55f4JrhTHCobUna9aJyM7QTdZK-Xg&id=lidar2&mcvt=1038&p=773,892,1023,1192&mtos=1038,1038,1038,1038,1038&tos=1038,0,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2347996017&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661404438838&rpt=1391&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame CDE6 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 20:03:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
292211
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 21 Aug 2023 20:03:50 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 548E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081701&jk=1651489435537402&bg=!UFOlUxfNAAYUOm8VNDo7ACkAdvg8Wr0WuNHJgieyP4uumL8GJO00wcMiOPpal7qASLGLx80efgqaogIAAAKoUgAAAANoAQeZAvAuPEHunzGBT-u_7j8tqmm_GtcGY5vUIDcwb0Uwlc4laQd7Az7Xx8n_QcthqM098D0xZ0NVhqw6HRXCmwGo50IVpU9gIFhLTnK9TWiwfTBc6F_tn3pCibjmyRcx6-b-8eOGtt0r-X0c3z2HnNHF0uuiN-3rhtGmNPSMDqOJP8DUBwbcLgi30Dn8S7-iqfDP0__v9hz5muAa6KD5_UaX3m3nw0B3i_fhJxYCzpKtFVX2MK7lRWHmoOL7HseR-4Hht-EtLXOCb7d6IJMMbeB3PfBXFkGiobZ3X6ZBWdPcpPA6Mlg3QtJV8WGTlVqLTGFfLKxHZFZ8VBWsvO8126TetLcwvh15H8ykLgxmECs8h950jByvsMja31HF6MzMYdy8VTYJ1ubaSran0-JPs69RQcb1pHJDUUPcRfYoWMoA-3UswfrQ_Dn5-Wv_yBLEwdKX5nT9XD8A2bpFm788KyfqJBQrb2RXFDLSRLPfDESzvqE99Tzox4_-J8GwJzxOkuO2KYk-6mFXlOmfuqaP2kZFd26qY6JUqDqIKHN_PnPZl4EUDap23eijpURNKLXjdJ9CApdgABpTVRrGYO8ye-9onqcgv7uJTw5aLB_bP-ty2LRmJqRy-5poPDjSSl_PyafAyiBy8QJ8v49qNwRYpuMqpiA59hbHfHbFc7Iv0ib0fIlsuFPJSHykjhcStiNh_8BfYWr3Hjsc4tSXH8RDSjBGYUu4QkdZnAms_cQD-EIXyy0P4Se1qE6B0Zxda_erh_i_N-ohZt3SpBaWK2okRsREMg_AdI4cZpcy7o8oCq_2IEqPvHOhckcuvPxKZNRvt4Ek_dKbGIYigt8Xjpz6r7BMiinKE4dzv0bikkM2QKS8dKihTTiaE5Zdt0n7brci9y7z2naK5gryTd0D2a1u3Js7AGMxJrebkIMN93CKpx5ncmP0hZ5a1ukf5VL7wIj3UeZ3EMWX_r-_PTWbobUkcCvbHtv9ioLR_HvHPGOkp_Oq1aHXRg
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 5897 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081701&jk=3572886188714534&bg=!UFOlUxfNAAYUOm8VNDo7ACkAdvg8WjvSfnbfHOpZQxq1ple6Ut3zJMlOfRJmJ_KLPE0LhaGMwTiu0gIAAAJ7UgAAAAJoAQcKAB_5mUP5bvXZWHWQ6rWnE5F_m586_lXXfC-XvLbmKnu-mQMHZ0j2j2uc2zu2lTfcXcgNYAizzRbm2VKsnnnNu8eNlXEOb_hQuq0lri4-O4QN7FSG1QEDUQRJP7zkvGGYaq75WMT6Iatahkg4XQMaXaEl-UVm03MAPxccCr1RMeRx-GWA9tJ8TLdIZhntHIUrKvcgsmokvj1MHHTamm4itf_3SZLOXLSj8m5GR4oTY7xY3gQw5qmik4qSJTt_QgdHP5WP-wOtofjKSzm-kgaSl760kpYqtm3CEnJIhfHRuK6POUCK5cL9vbKdfiRUV1BaF6mqgRF8fKUw9twbpLCjUiWcdcLdrvCi3qwmiKSZCtLmk9DE1xGGZ-Qis542Fg5aR053_JDFaoYbt3iWG2ivLeq3f321-32g-iLJsfItdaUm5pxn13VG0lJky9OQSzjFVuISxbfFE6uUvBg2PE36D11w_hyVgX8N1juB2efg1XIh8zHMh56vZUyqEqLwZXBQHM9MXMB8qf8e4sJrdIMVut9JOfwHBDQ3-AfrsnhGS1R_ReG78KX4NOg9tlu84LF8XaYuCI85A1JWS0xbycdS3ZEkqrvIZUnVOl4RnslGjBrsdAXOytEbsmbSv6gaohmhxMQdSgmEif5ab5h_XPcoMB3xqLfrAWdStjuuYk-8kIsqF_5nDLX39dyFojc43OfTOeahRI0UHU0YSyHqDU7nMdezYSebOlJAv0oIc0egac-MjCDPVhd1CciOJrv-L6oNMmzaeZqBQCmcQy6kMiqnIDVTjZqcHoE_WmrlI96zewA2VbQbvvJNsu7b8X5-5uzN-vhrcCeTgCgifViqE8ooApj3QN1e5qyA7Yo9i6dDTyFnQO_3P743g-j6tH5fIBlMQcFoWHV4aL_OmcdFJBX8a3WGJ3UbjzdwPkS3YfMVmYopiFtjX50dX9TlZgTqr3jWjTRW6NvMg6a72YfeMDYeEPPZTSsjjBViDqOdzacR8kmLm2GmaLgLRWWXS9kqLfHEjiLoz8IvVsHz_Qgf9Ou8G9pAheCErTExk3cRmKlIf_5Shyo-h0cYFdEwFA
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
AdServerServlet
vid.pubmatic.com/AdServer/ Frame D158 		27 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1661404438606,,&us_privacy=&cb=1661404440926&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&vwndref=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F&vc=2&js=1&sec=1&kltstamp=2022-8-25%205:14:1&ranreq=0.8709396382028056&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1661404438606,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:01 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://glamour.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
analytics.js
www.google-analytics.com/ Frame E0EA 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-81923200-60
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1318
date
Thu, 25 Aug 2022 04:52:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 25 Aug 2022 06:52:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9151 		0
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4yt_GAUHY8uIN5WZzwWLlaWABQAAAAA4AeAEAg&bg=!KSqlKm7NAAYUOm8VNDo7ACkAdvg8WtT-8HsOpLfO2kan9CCmFgKYLmH8rz1fv1_ELdwXyDU-q0YTzgIAAAEXUgAAAAJoAQeZAz61ohKbqL25D_MNrgGdo_dG5SL3nB0T39Goy7iu5jrqVHew4IbVo_uxahB17_LQ1-_Iu1j5sXfqcLQRiBgCh3RqwnKaCnEJoiuY-Ow2CC1Ud4qYrXI3_DxJenbswEGuZED4HkbIQztdNW4SWznc7y_1aTtwMj7EkxYTgIbGH52Io_l_xIDadoJRuctFmHx618oxEa1Wg4IcwyfjM8WnttjHcyHaYbZU0MzBOVEaS885nliQGJZKtvFnLOQStIrzBqSQQo3wiHWiQP4tg9bDd_Dw03e2uytSadTqPbrSRra75awqUsIf3gzzRBOxMq3NDR0vfcKYihocnlTskEyeN-IT06btXwTLBz9D5iQOAPpueEhJvcYGnyQ5BqpCzGApEWlFIqG6cZihmZQ7LMj75An72e5ituX4AE2SP5qc3AbP1fmtR_XViYE8A8javgErKDmSZp1JcQU3f7PGzBqNCzEgTSIYq3C-S9fHWliJoQGVgPnUgSc36hD6iA4rJTiNWnR37NVsZp4FujSic0MGeax5C-1GHitW_-H_3j25Yyu623XP0mt7IBjl3T1t6pItvIF6rm55UBT8SOGB0uX-3nqJYjF08FhDQlFdrIb4-RhatqsOlplRScw3NpUvxyjDDq55xjF9Is83JWOTfOvaEpQLp1HIdToMaYSS-9DPQbLOP-YI_oWrZT8jL4XAKYMAQEJaa6aluCe7Qu4TYc_FcNcHjWCDpVNzOhVPUqTLuN497Ht7k4-LH-UAM2mRJAszPXTBdQjvEB8fNSTpd6oYx_wgwC2QeJ81uYuw-JLuC0d4bW0RQSL68iB5pY1WpLrGxO-C1j-zqyCFEuKuA8x9hBSuPol3PvDfY7G3zQ-TxCOrU8Mx-D-XXgjC_8TAupnWkOHcBe7QxSXnANc4wRXlL0okyjCdePFg7R-KbdeMeG82AzW9It-UV5cVph9YwVI9wUmeklTKFJk58dkCTP3gRAra84H8S9zQwzNfUE30SNLa7W5WimpMI4cgE6ROhgF-iKYYczKtcwy5RPTa8zXCTBeN2tJfgfNkcxQcHdbQKFpiBeslnaSRZFRnfkCxbBDtQgrNqQe13ISH-jwvHh-MCQ
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D7F7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuSOl0HSgJJ_PjmnHUcbxQqHKSUIIaNOCjm8Yjjbzl2Rlq8_Vi9-dzuv-JKRlfS_6-DxCsm2WYH2S-InIOl13z2eVv4xWOaknM9Fknhk3iOgInHSmRh3TgENZgYjPwV7fGntsiLGIdWqNRnvNcDbq3J3Qq2n-0L0gX6Pf8BQHXxN8BwvMXZ6rGcWc0bkVY_r1UllfmOwqNGEfTytIh1Tkz6Yh6A48njGb9D586XlownKtWBE80iXhRJ0_eRsQhP_GND-A1tuChBkcSU-HNWH69AAmfhHZuYy--tFA9CVIp0jRdjR684C9QzopEdU4iWyf0M6VsfjlE_m5kvAOn_CzvzAOUHoQBu5AMhtH56MjZ69ooLx1vohYYVijYRmOnWiDbH&sai=AMfl-YT-zNoVF1aGCo7OfeiqaNlyyjy_KYxHMrttBBpKrsie7RFLaGojhy_bebiTXnHbBydq3u6Pc-FrPQeJwD7I9g5O__I5C86C6RoOow&sig=Cg0ArKJSzPKDnfYhEIyJEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:14:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 25 Aug 2022 05:14:01 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F062 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js?cb=31069129
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
4ed66ac2511025f8973c2fca284b5dd627a879a1890764214bc2cee5c8634ae7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11154
x-xss-protection
0
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fglamour.globo.com%2F&domain=glamour.globo.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=94oQbHx4OHJDRmd0VUdLTlczUGhhRFdzMks0aExmdTlRUm4vKzhONkF0Yll1TmxNb011MG9NdXdZQ1NCYy9nWmYyMUljUFZnN21RUFM5YTFlNm4vclI2dEY4WG0wdTlkTkVxUlIrOWhCTmFsL2xzaTFXQUp3YzR5dk4zWH...
411 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=94oQbHx4OHJDRmd0VUdLTlczUGhhRFdzMks0aExmdTlRUm4vKzhONkF0Yll1TmxNb011MG9NdXdZQ1NCYy9nWmYyMUljUFZnN21RUFM5YTFlNm4vclI2dEY4WG0wdTlkTkVxUlIrOWhCTmFsL2xzaTFXQUp3YzR5dk4zWHlsWFRVaG1GWmZiSTVSM3RwTkpicGV4NFcyUjhVWlRNQ2tnVnpQR3BYY0YvdDd5ZGRpMEw2NnpBcGxISHZCWUJoTEhsZ003ZGljTlRPeHdCSU9pcHFtSTJIblRobXpwejdCNGRhTVNVV2tlNHozM1pXY0NuZnVRUmNaR3MxSEtPdXo4ZnZjVUJQVFFQdmZYYklkYjJUUkRUdVg0SjdZdz09fA&cppv=2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
c3d1dd4a5f7cbcfa9ae1fa38991095ea98ffb79d581230c72cfa7b0b7d94236e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:00 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3474
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:01 GMT
location
https://mug.criteo.com/sid?cpp=94oQbHx4OHJDRmd0VUdLTlczUGhhRFdzMks0aExmdTlRUm4vKzhONkF0Yll1TmxNb011MG9NdXdZQ1NCYy9nWmYyMUljUFZnN21RUFM5YTFlNm4vclI2dEY4WG0wdTlkTkVxUlIrOWhCTmFsL2xzaTFXQUp3YzR5dk4zWHlsWFRVaG1GWmZiSTVSM3RwTkpicGV4NFcyUjhVWlRNQ2tnVnpQR3BYY0YvdDd5ZGRpMEw2NnpBcGxISHZCWUJoTEhsZ003ZGljTlRPeHdCSU9pcHFtSTJIblRobXpwejdCNGRhTVNVV2tlNHozM1pXY0NuZnVRUmNaR3MxSEtPdXo4ZnZjVUJQVFFQdmZYYklkYjJUUkRUdVg0SjdZdz09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1563
content-length
541
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fglamour.globo.com%2F&domain=glamour.globo.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://glamour.globo.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 25 Aug 2022 05:14:00 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1160
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9395 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_glamour.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 25 Aug 2022 05:14:01 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
i
adrta.com/ Frame F062 		15 B
172 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adrta.com/i?cb=51071412&__aasv=22.101&__aaii=8138701677818892249&__aait=1661404440750&__aasi=10106362776995446703&__aast=1661404440456&__aavi=1690743683345693367&__aavt=1661404440456&__aavz=0&__aaib=0&__aaai=1&__aaaa=0&__aafl=0&__aaaf=1&__aaag=8&__aahd=%7B%22chrome%22%3A%22na%22%7D&__aarf=7&__aart=474&__aacd=1&__aaax=0&__aaay=0&__aasz=300x250&__aapf=1&__aaec=4&__aaup=2&__aaat=0&__aaae=0&__aaav=0&__aaas=486&__aaah=0&__aapc=0&__aaph=0&__aapw=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aawm=1&__aaho=1&__aacb=1661404438456&__aaxf=167.88.7.162%2C%2010.1.1.156&__aas21=2602%3Affc8%3A1%3A1%3A%3A4&__aas23=2602%3Affc8%3A1%3A1%3A%3A4%2C%2010.2.1.218&__aaci=ss&paid=ss&avid=110110&caid=2172825&publisherId=3050&kv5=&plid=6117171&segment=&kv4=167.88.7.162&kv14=&kv1=300x250&siteId=411664&kv7=64&kv15=UNKNOWN&kv16=&kv17=&kv18=&kv24=WEB&kv22=&kv11=63070516df1bfd3905d50040&kv3=&kv55=1.0,1!seedtag.com,5773-7780-01,1!smartadserver.com,3050,1!centro.net,64,1&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&kv2=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&__aapu=https%3A%2F%2Fconfig.seedtag.com%2Fstandard-iframe%2Findex.v1.html&__aapr=https%3A%2F%2Fglamour.globo.com&__aatu=https%3A%2F%2Fglamour.globo.com
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.70.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-70-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:01 GMT
cache-control
no-cache
server
nginx
content-type
text/javascript;charset=ISO-8859-1
content-length
15
expires
Thu, 01 Jan 1970 00:00:00 GMT
ev
s.seedtag.com/e/ 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/e/ev
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.335008b7b27c404c8cd9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 25 Aug 2022 05:14:01 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F062 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js?cb=31069129
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 25 Aug 2022 05:14:01 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=94oQbHx4OHJDRmd0VUdLTlczUGhhRFdzMks0aExmdTlRUm4vKzhONkF0Yll1TmxNb011MG9NdXdZQ1NCYy9nWmYyMUljUFZnN21RUFM5YTFlNm4vclI2dEY4WG0wdTlkTkVxUlIrOWhCTmFsL2xzaTFXQUp3YzR5dk4zWHlsWFRVaG1GWmZiSTVSM3RwTkpicGV4NFcyUjhVWlRNQ2tnVnpQR3BYY0YvdDd5ZGRpMEw2NnpBcGxISHZCWUJoTEhsZ003ZGljTlRPeHdCSU9pcHFtSTJIblRobXpwejdCNGRhTVNVV2tlNHozM1pXY0NuZnVRUmNaR3MxSEtPdXo4ZnZjVUJQVFFQdmZYYklkYjJUUkRUdVg0SjdZdz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 25 Aug 2022 05:14:00 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1205
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 99A4 		674 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=51676019&p=160925&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
06796d03b1ceb7829355d134d9951a554bd9ab1e5643c55520adca27c0f9fe2f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
674
content-type
text/html; charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame 9395 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ed05b379e16f99e991942612551f789ce3f82404bd8e0dfa0b0b16a5e800e9ca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:14:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36646
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9443
Expires
Thu, 25 Aug 2022 15:24:47 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 04D0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://config.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
47653
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 15:59:48 GMT
expires
Thu, 24 Aug 2023 15:59:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 80F0 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
594ad4616a52085f2aebaa7e5110b784fcaacf2dce9bb56e99203cbfafe6d713
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AsjnMXwjuCfw49Ias_6Llw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://config.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-AsjnMXwjuCfw49Ias_6Llw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 05:14:01 GMT
expires
Thu, 25 Aug 2022 05:14:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sync
visitor.omnitagjs.com/visitor/ Frame 69A6 		49 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=2fe1084ffe44c28350116ec0a0a1c2d1&name=PUBMATIC&visitor=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
49
content-type
image/gif
date
Thu, 25 Aug 2022 05:14:01 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-usa02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
/
io.narrative.io/ Frame 99A4
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
  • https://io.narrative.io/?io.narrative.guid.v2=bb6cea50-2434-11ed-aa3b-121f5922b911&companyId=673&id=pubmatic_id:16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=bb6cea50-2434-11ed-aa3b-121f5922b911&companyId=673&id=pubmatic_id:16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
HTTP/1.1
Server
44.193.106.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-106-97.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:14:02 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=bb6cea50-2434-11ed-aa3b-121f5922b911&companyId=673&id=pubmatic_id:16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
Date
Thu, 25 Aug 2022 05:14:01 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
qmap
sync.crwdcntrl.net/ Frame 99A4 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4&gdpr=0&gdpr_consent=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.219.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-219-62.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.0.231
content-type
image/gif
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 99A4
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D35311a1f-8b8c-4ce6-925a-329ee2037a4d%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7412760816595641933&pt=35311a1f-8b8c-4ce6-925a-329ee2037a4d%2C
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7412760816595641933&pt=35311a1f-8b8c-4ce6-925a-329ee2037a4d%2C
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:01 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:01 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
ab0f99e2-a94f-44db-8bcd-2587a1f87cad
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7412760816595641933&pt=35311a1f-8b8c-4ce6-925a-329ee2037a4d%2C
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame 99A4 		35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.69.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-69-179.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:01 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
track
aktrack.pubmatic.com/ Frame D158 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1661404442&wa=0&vadsId=-1&e=95&vc=2
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.209.184.201 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-184-201.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:01 GMT
content-length
0
content-type
text/html
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 04D0 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 20:03:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
292211
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 21 Aug 2023 20:03:50 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 80F0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081701&jk=4303816873566318&rc=
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
i
vid-io-iad.springserve.com/vd/ Frame FC79 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=df050ed5&ps_id=487310&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.8.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-8-172.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Thu, 25 Aug 2022 05:14:01 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, OPTIONS
track
aktrack.pubmatic.com/ Frame FC79 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1661404440&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Requested by
Host: glamour.globo.com
URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.209.184.201 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-184-201.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:01 GMT
content-length
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081802&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
18312ad4c69f92fb93a9ddacc7146a80672607335fa266944d9fd9bd81a9b596
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 05:14:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11045
x-xss-protection
0
conversion.js
d.tailtarget.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: sandramaria.online.anamarialopez.site
URL: http://sandramaria.online.anamarialopez.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 14:08:54 GMT
content-encoding
gzip
age
54308
x-guploader-uploadid
ADPycdvTrVcRtvgxao6fniyw9nNmyb__d_pmKE5i2BEGGJz3hukkKUWv3TJLHZ4M-JD7CG_e4CEgOTaBH8SmO9Dl_iwrRlVjA-AP
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6114
last-modified
Tue, 26 Apr 2022 18:06:37 GMT
server
UploadServer
etag
"6401ed812dd323a208e9e4ed7c74bb08"
x-goog-hash
crc32c=dtMtPQ==, md5=ZAHtgS3TI6II6eTtfHS7CA==
content-language
en
x-goog-generation
1650996397146701
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6114
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 25 Aug 2022 14:08:54 GMT
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 83E1 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:14:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:45 GMT
ETag
"1653552645"
X-HW
1661404442.dop185.ch4.shc,1661404442.dop185.ch4.t,1661404442.cds264.ch4.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
generate_204
tpc.googlesyndication.com/ Frame 04D0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Fbflqw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
social
ch-trc-events.taboola.com/editoraglobo-glamour/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/editoraglobo-glamour/log/3/social?route=US:CH:V&tvi2=-2&lti=deflated&ri=72c92cd5dffa4003d5f7ce5b1e34088c&sd=v2_3ebb683cbadb525e5cf0062e32899e40_0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92_1661404434_1661404434_CLiG9CEQoP9JGLWhr5utMCABKAEw4QE4kaQOQLO5Dkif2tgDUO8FWABgAGiG-t_Hg6eW5IQBcAE&ui=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92&pi=/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&wi=8695623456658807949&pt=text&vi=1661404434613&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-div%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A1%2C%22m%22%3A%22video%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml%22%2C%22rref%22%3A%22http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F%22%2C%22sref%22%3A%22http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F%22%2C%22hdl%22%3A%22Melhores%20do%20ano%3A%20os%20memes%20mais%20engra%C3%A7ados%20de%202019%22%2C%22sec%22%3A%22Lifestyle%22%2C%22aut%22%3A%5B%22Reda%C3%A7%C3%A3o%20Glamour%22%5D%2C%22img%22%3A%22https%3A%2F%2Fs2.glbimg.com%2F5RKybay3Hp0rg_rXAqhNaKBPUrw%3D%2F1200x%2Fsmart%2Ffilters%3Acover()%3Astrip_icc()%2Fi.s3.glbimg.com%2Fv1%2FAUTH_ba3db981e6d14e54bb84be31c923b00c%2Finternal_photos%2Fbs%2F2021%2FH%2Fv%2FUxuVO2S9OWQxqj8R4ciQ%2F2019-12-02-melhores-memes-de-2019-11.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=05%3A14%3A02.054&id=126&llvl=2&cv=20220824-5-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 25 Aug 2022 05:14:02 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
PugMaster
image6.pubmatic.com/AdServer/ Frame 8A67 		47 B
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=73834003&p=156423&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
47
content-type
text/html; charset=UTF-8
async_usersync
ib.adnxs.com/ Frame 1FD2 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=4009&pub_id=1986072&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=4009&pub_id=1986072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:02 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
ed66f317-adb8-4728-9941-71d4527297bf
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 25 Aug 2022 05:14:02 GMT
base.js
d.tailtarget.com/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 15:23:21 GMT
content-encoding
gzip
age
49841
x-guploader-uploadid
ADPycdu3t6t6Jskcr5g5se5OCsGIodjlQnTgimwD6A_mpxAG9iXTJt_pvJTa0zp3Lnm7hXZVVEVB8HSxGLBQ6bKgak2yAoXyFL-M
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8332
last-modified
Tue, 26 Apr 2022 18:06:37 GMT
server
UploadServer
etag
"c39408c14b5169b6ec7d5cc816d58e43"
x-goog-hash
crc32c=+qpsKQ==, md5=w5QIwUtRabbsfVzIFtWOQw==
content-language
en
x-goog-generation
1650996397055202
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8332
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 25 Aug 2022 15:23:21 GMT
match
events-ssc.33across.com/ Frame 840C 		68 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Thu, 25 Aug 2022 05:14:02 GMT
via
1.1 google
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 294D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
47654
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 15:59:48 GMT
expires
Thu, 24 Aug 2023 15:59:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 81D6 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
20e773157ee0a83bbd90abc6f471291abf9cd594365c7f302066dedb1420168c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WgitQC_2Ta1N5r5y9-DG1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-WgitQC_2Ta1N5r5y9-DG1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 05:14:02 GMT
expires
Thu, 25 Aug 2022 05:14:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
p
sb.scorecardresearch.com/ 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=260856&ns_st_ec=1&ns_st_cn=1&ns_st_ev=end&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1661404442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-90.jfk51.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:02 GMT
via
1.1 d3ab4cd494305c2d222c92f599e3c7c6.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
content-length
43
x-amz-cf-id
_cCjKZpq70GTO-9jUd4LpS97nXEJ7VUiBe1zPwN0WG8SVrOuqRMQfA==
x-cache
Miss from cloudfront
content-type
image/gif
u
b.t.tailtarget.com/ 		75 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/u?env=_ttq_tt_seedtag
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
58393c06d66571c2f17cf94e5c8837b6ea1ef7ed64d57eeb462415bb24465f0d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:02 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cache-control
private, proxy-revalidate
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t
t.lkqd.net/ Frame FC9A 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Thu, 25 Aug 2022 05:14:02 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 25 Aug 2022 05:14:02 GMT
server
nginx
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 83E1 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1661404442257
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:14:02 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1661404442.dop231.ch4.shc,1661404442.dop231.ch4.t,1661404442.cds212.ch4.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame 83E1 		0
0
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=null%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=null&userId=7412760816595641933
  • https://usersync.octillion.tv/fw?gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1554userId=cd078586-9b7a-4fab-9889-34e181b61ebd
43 B
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1554userId=cd078586-9b7a-4fab-9889-34e181b61ebd
Protocol
HTTP/1.1
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:02 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1661404442675040-256

Redirect headers

date
Thu, 25 Aug 2022 00:07:43 GMT
via
1.1 2ead2a81ff8cd9f180f8ec7fa0607b6e.cloudfront.net (CloudFront)
server
CloudFront
age
18379
x-cache
Hit from cloudfront
location
https://ads.stickyadstv.com/user-registering?dataProviderId=1554userId=cd078586-9b7a-4fab-9889-34e181b61ebd
x-amz-cf-pop
EWR53-C1
content-length
0
x-amz-cf-id
bWKI0-WcTDILF4KQAYAh9097DtIS5nmr-pkwhRStix7OFpOzI1QTPQ==
/
ads.stickyadstv.com/additional-scripts/ Frame 83E1 		301 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:02 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1661404442351053-146
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 83E1 		67 B
680 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&schain=1.0%2C1!vidoomy.com%2C61323%2C1%2C45195613461042953341181753840%2C%2C&vav=bf89171cb1d5a9ae512f3402d1e8de60&vaviv=9977465bcc1da79c24065dd5a2f7dc50&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:02 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1661404442362084-134
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 294D 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 20:03:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
292212
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 21 Aug 2023 20:03:50 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 81D6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081802&jk=3466766554428734&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
user-matching
ads.stickyadstv.com/ Frame 83E1 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmU1NGNjMjVjMjVkMzY5ODNhZGJkY2ZhN2YxZTVkZg==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmU1NGNjMjVjMjVkMzY5ODNhZGJkY2ZhN2YxZTVkZg==&gdpr=0&gdpr_consent=
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:02 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmU1NGNjMjVjMjVkMzY5ODNhZGJkY2ZhN2YxZTVkZg==&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1661404442449002-174
user-matching
ads.stickyadstv.com/ Frame 83E1 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=fe54cc25c25d36983adbdcfa7f1e5df&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=fe54cc25c25d36983adbdcfa7f1e5df&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:02 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
YX87EYGAASHJQN942RRJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:02 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=fe54cc25c25d36983adbdcfa7f1e5df&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1661404442474090-308
b
b.t.tailtarget.com/ 		149 B
147 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/b?tA=TT-12765-5&tY=1&tS=1&tU=0100007F1A050763CE06391E02D2841C&tX=b.52&tZ=755646891&env=_ttq_tt_seedtag
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
492b37a11e1f789e32359e7f29e6ab41080e3f1ad5da6ab100d4f0e07e1fb86f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:02 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
generate_204
tpc.googlesyndication.com/ Frame 294D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?5UdkOA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame F062 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081701&jk=4303816873566318&bg=!w8ClwITNAAYUOm8VNDo7ACkAdvg8WjMldDz6KC6cPHhhJ6W6I53RqGevd_kKweyKYMpdSvQLDCqHBQIAAADFUgAAAAJoAQeZAwDClWDxWfFZ2qSCXEf3zSKJjz6A3WQ5X4pZI_haUOLGMvswe0Im0_EkiQp539RFG0kFbpDXNkXTGW-JJjUCZb86Irt2-SiKFYg_iNhPuWBEUqFyPM9iJpMMFU7Ttkuk7Mbvx8hSGZaF5gR8Pbi5LU0cP0Imu6O3K_bcGfbnxc9O_5gOmAFzORF0MW499hFEyUBIJqYxzFh3PVorw1ao74VmoNh7gaOMWdElbeQlVbiw7iiXdxaUUBrP0abHZCeViXHEfyycaGAhltiFDkBRcdVaA6YgRWAvm6OY3LiXJNX3FHw-lGIOelrSFhudm-POAwquaOJidlCSE8NQjo2eS36O5DQ0nUz5qdDQRj8hc1-z_hRRKsjeiIKK2Xpz7tMxOMBjxPKUezbq5Ncppp1cbgFtOfxtiZ9HBAUBRlqtS2_r9eFTAuKHIHCPMqTUAxZWbkm6zqHZociqONpjEX6ta4OQCA9aIPmvw48qClvr2IBsA65eCaGPCwaoCsUvAGYtXbDvxJ12-5nOI9uhT7LrUg2CYBc3gFxhxobi8aX5M9NIKoKUd8Oon4UH2gvRhIiybKgbgZWHi-kg3Ywcpa8ShbGlm_8txEXPtxfbnQO5UkTjssERHbjdn6XMDGaM_aRBLt7SCJ5G9oElG4eYBmr_O2842isdg6i3ncQcM5ruqf_cb04hhXhv5lql6RUHyAdsh_Zzfe70FXWwBB5bjxbB6hMjoVVOk3ASrtzQtLgVqkCDKxH5Fwx602ATi_t0xpujcmpCUbiPBpA052w2YBPXABgj4DzfdQhcC0v15vhj8G9hjSM_gy9AIqZCW0WtOU_vj3wtSunn8s74RvPQwSGeVmmFvKrAc6BfnkMLa1AP8JljYWYJTtFuzw8km1bZusD0cRyWJ_cGoO2Izu7PTOor7bcmroYpdqd73JPHzl4xb94oyh09CF7j_2Hykw5YngxUSJ9snlJ85zZiMITr9IPqQOVG8VCFsDPXxJVYN0GoV5emxSByJ9I7pDW1L62vJPp5iYw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://config.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
ca
tt-12765-5.seg.t.tailtarget.com/ 		82 B
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-12765-5.seg.t.tailtarget.com/ca?tZ=333744800&env=_ttq_tt_seedtag
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
165b8685a31673ca432935c081b8e555b1e42d79c0c177de424d76eb8d50c044

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:02 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vpaid_6d8da985.js
vpaid.springserve.com/production/ Frame DD00 		506 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_6d8da985.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:400:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e8003ad291ba3bd8691f5b0754b18daa4f89147dd3f27f204c651cd8d5fbf8f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 06:17:45 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 16:39:44 GMT
server
AmazonS3
age
255378
etag
W/"9026fbc1fc8aafffe9b6d2458d235a3a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 71963481e8787829babadbbb735376ee.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
9YooyLg1X2K5uNfW2pmsLykVtaxbjKaZuqdx5kSKhuMfXZQ0Cs5KHg==
t
t.lkqd.net/ Frame FC9A 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Thu, 25 Aug 2022 05:14:02 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 25 Aug 2022 05:14:02 GMT
server
nginx
__tt.gif
t.tailtarget.com/ 		43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-12765-5&tE=0&tF=&tI=_chicago_illinois_us_1661404442543_2807564194&tJ=&tU=0100007F1A050763CE06391E02D2841C&tX=b.52&tY=1&tZ=438212143
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:02 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, private, proxy-revalidate
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame DD00 		981 B
853 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1661404438606,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
46c73f7c5fe118297b0735a4274d8093e48c7cfea6a41cee655a25dfd354acf7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:02 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
607
expires
Thu, 25 Aug 2022 05:14:02 GMT
prebid
ib.adnxs.com/ut/v3/ Frame DD00 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
cc9ec6644a6ccb4a6a3204d91b8203b72bfbecb521bcb4b3084dc77dc9f6e755
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:02 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
4d091154-a116-4f13-8de5-445df6dbb769
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 4F33 		158 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1661404438606,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
081d455bd5ad34e6a70e34cf5222173a504db11c69cff556b99a87f328b06931

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:02 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 05:53:15 GMT
server
Apache
etag
"277a7-5e42219c4aaee-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38049
csync
sync.spotim.market/ Frame B97A 		0
400 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=448580&extuid=16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
0
Date
Thu, 25 Aug 2022 05:14:02 GMT
Etag
26228ea582814d32
Server
Adtelligent
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5B4B 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1661404438606,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=18340
content-encoding
gzip
content-length
13946
content-type
text/html
date
Thu, 25 Aug 2022 05:14:02 GMT
expires
Thu, 25 Aug 2022 10:19:42 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4F33 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1661404438606,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:02 GMT
content-encoding
gzip
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=18340
accept-ranges
bytes
content-type
text/html
content-length
13946
expires
Thu, 25 Aug 2022 10:19:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081802&jk=3466766554428734&bg=!pqWlpeHNAAYUOm8VNDo7ACkAdvg8WkfB6wXS60XUd2PAieM77LflYbmifebWAzJ7dvPbHFOPGbLZcQIAAAB8UgAAAANoAQcKAKWmYxZoSzWNed7S3AO-HecCzFKILyG_ibWKfa2LoKq1jW5tBq1lrlM5jMfMg4pUOWIZu3LRDhyycnw0gy40-XYyFeQK-nvkM0JQV4PP1gPq_mHLazzzv6oTrmFirL7QBV0An_IdjJOSKWZP5IaODvowS0w4_aAZdj9LtWzidcIEMb0CYsHaR4gjyvazsv45U1wriTEAEtMV0hhImIuRBDOSP-jdWJiZAs_8s89D_XYufEsRhpsYONACzrAr4oxZayB9YcfFjehmvcBjZ5-r4AmAQ5ywdweyfbwVnpDub6lUQlVsXgPiD92XgOQ0LbM4D_Xa57SUDss54B3MaDAxd2FOUiRRMb00jKIVZmRVTi-N_suReyNX8CfLrxYmSZq2-V2mWSaQi5bUR-C1GEZYV6vMIU1NRSHkxCFAj-7eRE-yZoqkXn4VfDipUXW1G0m78agaN-JkctH63SIgCKtQ-Xyxc4QXnrQ7csJaPn9RX2yAQKW7LYo6Zc5tK7GuRlWpdbYfs6j1skVHAepk8s0AfHJ4PqFZJhemn_uIEwN3Bf6HRuh-5FGmXhpQM5QCxHnz6FCoU6icgI-yYamijQql45VVd3Cma9GtYxY5E5xufBG4DIdy2SF_z8P1lxXBqwkNLo4S-GqJ6-65ocKnUhglq4z-cB_EcQsl77mY-AzulrJrDBu1SbjHvezZ07LM5o3CAHv2MzvAQx3ksDEyyXb5xssNoHmK9kS4V_93Pu3cdROC5A6l4y4cN9RjuKuK1Blafm-fQSf1dMjxvbd14ah-6oZ6qc4_zMwDuKI1ybtK3pQ3Vxx_DnUv463OoOSrepVDWpwH5pA1R-Vpb2DfJBtKCjNZtTIEWiziVpmMRABZsAfsUSohOoFwSsF5uxdA2ECJiJA__WtwwgCY9rKhnsbc-l684p3WpbFo9ivVEfBlhfLe989UVYMhacWrPVr4r-d-q0sSXqD6hJoRMOt_cydoHuO-n2MslWQ9FusXgyTKwKbiR1CsM-mfTgwl5S_ToybINuPM5gAnGKr2P1sq7KRinvfUmDF-jk72jQo45BmL1mctS7Bmyf21XOmPUNcHQUrF9A0pDLlcnTY5ea-czq0zL49eIcvStVn1GL4Ju-4e-jnnxVtMEq-HqrxCbr9t2lRvd8kNsP_vyWG_qv_Ssj-rdeWqZ6Nwwej0vg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 4F33 		27 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1661404438606,,&us_privacy=&cb=1661404442947&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&vwndref=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F&vc=2&js=1&sec=1&kltstamp=2022-8-25%205:14:3&ranreq=0.04950697704879259&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1661404438606,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:03 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://glamour.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
track
aktrack.pubmatic.com/ Frame 4F33 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1661404444&wa=0&vadsId=-1&e=95&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.209.184.201 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-184-201.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:03 GMT
content-length
0
content-type
text/html
i
vid-io-iad.springserve.com/vd/ Frame DD00 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=2662e5aa&ps_id=357265&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.8.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-8-172.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Thu, 25 Aug 2022 05:14:03 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, OPTIONS
track
aktrack.pubmatic.com/ Frame DD00 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1661404442&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.209.184.201 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-184-201.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:03 GMT
content-length
0
content-type
text/html
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 132D 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:14:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:45 GMT
ETag
"1653552645"
X-HW
1661404443.dop076.ch4.shc,1661404443.dop076.ch4.t,1661404443.cds264.ch4.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
SPug
simage4.pubmatic.com/AdServer/ Frame 99A4 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160925&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:36:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
t
t.lkqd.net/ Frame FC9A 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Thu, 25 Aug 2022 05:14:03 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 25 Aug 2022 05:14:03 GMT
server
nginx
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 132D 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1661404443874
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:14:03 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1661404443.dop096.ch4.shc,1661404443.dop096.ch4.t,1661404443.cds212.ch4.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame 132D 		0
0
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://usersync.octillion.tv/fw?gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1554userId=cd078586-9b7a-4fab-9889-34e181b61ebd
43 B
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1554userId=cd078586-9b7a-4fab-9889-34e181b61ebd
Protocol
HTTP/1.1
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:04 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1661404444072014-296

Redirect headers

date
Thu, 25 Aug 2022 00:07:43 GMT
via
1.1 2ead2a81ff8cd9f180f8ec7fa0607b6e.cloudfront.net (CloudFront)
server
CloudFront
age
18380
x-cache
Hit from cloudfront
location
https://ads.stickyadstv.com/user-registering?dataProviderId=1554userId=cd078586-9b7a-4fab-9889-34e181b61ebd
x-amz-cf-pop
EWR53-C1
content-length
0
x-amz-cf-id
-fX-fBQ5tQteSymriGtxyBIuVdBzBJeGqgXjRgW8Hcck2egZYhAbyQ==
/
ads.stickyadstv.com/additional-scripts/ Frame 132D 		301 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:03 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1661404443924026-145
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 132D 		67 B
680 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&schain=1.0%2C1!vidoomy.com%2C61323%2C1%2C45195613461042953341677298472%2C%2C&vav=45c312c45e80db46f80a050da61fb0ca&vaviv=03d9f38913dce1624f24bd8b269210de&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:04 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1661404443978003-300
user-matching
ads.stickyadstv.com/ Frame 132D 		0
0
user-matching
ads.stickyadstv.com/ Frame 132D 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmU1NGNjMjVjMjVkMzY5ODNhZGJkY2ZhN2YxZTVkZg==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmU1NGNjMjVjMjVkMzY5ODNhZGJkY2ZhN2YxZTVkZg==&gdpr=0&gdpr_consent=
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:04 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmU1NGNjMjVjMjVkMzY5ODNhZGJkY2ZhN2YxZTVkZg==&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1661404444011059-177
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=fe54cc25c25d36983adbdcfa7f1e5df&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=fe54cc25c25d36983adbdcfa7f1e5df&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:04 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BDRQ6XP22JVTXZYH80V8
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:04 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=fe54cc25c25d36983adbdcfa7f1e5df&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1661404444059041-316
vpaid_6d8da985.js
vpaid.springserve.com/production/ Frame 1030 		506 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_6d8da985.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:400:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e8003ad291ba3bd8691f5b0754b18daa4f89147dd3f27f204c651cd8d5fbf8f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 06:17:45 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 16:39:44 GMT
server
AmazonS3
age
255380
etag
W/"9026fbc1fc8aafffe9b6d2458d235a3a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 71963481e8787829babadbbb735376ee.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
K7_tVWsazeoiSShDPUNsX1_JP3hsE4f38DIYemuUJB-77PuXGN_ELA==
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 1030 		981 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1661404438606,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bfc48055faccbdb1ca361e7b07c4f0ba6b36f9a28c04991afd4bee391fcfeaf3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:04 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
606
expires
Thu, 25 Aug 2022 05:14:04 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 1030 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b4f08ca416b77da721f5941ccee6154534722c920f073c2262560811337ed0f6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:04 GMT
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
5215aa69-4ab7-4866-ae40-e9a9f247237e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t
t.lkqd.net/ Frame FC9A 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Thu, 25 Aug 2022 05:14:04 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 25 Aug 2022 05:14:04 GMT
server
nginx
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 7173 		158 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1661404438606,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
081d455bd5ad34e6a70e34cf5222173a504db11c69cff556b99a87f328b06931

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:04 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 05:53:15 GMT
server
Apache
etag
"277a7-5e42219c4aaee-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38049
showad.js
ads.pubmatic.com/AdServer/js/ Frame 79A4 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1661404438606,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=18338
content-encoding
gzip
content-length
13946
content-type
text/html
date
Thu, 25 Aug 2022 05:14:04 GMT
expires
Thu, 25 Aug 2022 10:19:42 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7173 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1661404438606,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:04 GMT
content-encoding
gzip
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=18338
accept-ranges
bytes
content-type
text/html
content-length
13946
expires
Thu, 25 Aug 2022 10:19:42 GMT
glamour
horizon-track.globo.com/event/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://horizon-track.globo.com/event/glamour
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/1aa2241f8aedf804f59cfeb4a5846422.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryRM6AV25TMTGUDjjv

Response headers
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 7173 		27 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1661404438606,,&us_privacy=&cb=1661404444299&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fglamour.globo.com%252Flifestyle%252Fnoticia%252F2019%252F12%252Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&vwndref=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F&vc=2&js=1&sec=1&kltstamp=2022-8-25%205:14:4&ranreq=0.10719562063771493&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0,1!vidoomy.com,61323,1,1661404438606,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:04 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://glamour.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
track
aktrack.pubmatic.com/ Frame 7173 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1661404445&wa=0&vadsId=-1&e=95&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.209.184.201 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-184-201.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:05 GMT
content-length
0
content-type
text/html
i
vid-io-iad.springserve.com/vd/ Frame 1030 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=fdafe490&ps_id=357265&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.8.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-8-172.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Thu, 25 Aug 2022 05:14:05 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, OPTIONS
track
aktrack.pubmatic.com/ Frame 1030 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1661404444&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.209.184.201 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-184-201.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:05 GMT
content-length
0
content-type
text/html
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 25 Aug 2022 05:14:05 GMT
server
nginx
t
t.lkqd.net/ Frame FC9A 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Thu, 25 Aug 2022 05:14:05 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
ad
v.lkqd.net/ Frame 1061 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1142899&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fglamour.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61323%2C1%2C&c5=&c6=61323&rnd=6980455&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a5cd5eef4caf0d44a6ecbaaea0dfc5361ea5396e8181bedad9c3b07376e3f65c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:05 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1401
vpaid.js
ad.lkqd.net/vpaid/ Frame 1982 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:05 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1661404445.cds261.ch4.hn,1661404445.cds058.ch4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
usync.html
ad.lkqd.net/cookie-sync/ Frame CC80 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 25 Aug 2022 05:14:05 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1661404445.cds261.ch4.hn,1661404445.cds008.ch4.c
ad
v.lkqd.net/ Frame 1982 		90 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1142899&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fglamour.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61323%2C1%2C&c5=&c6=61323&rnd=6980455&m=&rtv=1&thost=glamour.globo.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
c7895efe970f056547399fbbb74be266cde9adf1231b14c2a9db027cf74d0e43

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Aug 2022 05:14:05 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
6189
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1142899&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fglamour.globo.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61323%2C1%2C&c5=&c6=61323&rnd=6980455&m=&rtv=1&thost=glamour.globo.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Thu, 25 Aug 2022 05:14:05 GMT
server
nginx
245558
search.spotxchange.com/vast/2.0/ Frame E2E8 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/245558?VPAID=JS&content_page_url=http%3A%2F%2Fglamour.globo.com%2F&cb=1464888438&player_width=400&player_height=225&regs[gdpr]=0&device[geo][lat]=41.8879&device[geo][lon]=-88.1995&schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C9666681421989333300081602300%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.35.249.143 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:05 GMT
x-spotx-timing-transform
0.001301
x-spotx-timing-spotmarket
0.009092
x-spotx-timing-page-require
0.000349
x-fe
164
x-spotx-timing-page-misc
0.005944
x-spotx-timing-page-cookie
0.000022
x-spotx-timing-page
0.017376
pragma
no-cache
x-spotx-timing-page-context
0.000409
last-modified
Thu, 25 Aug 2022 05:14:05 GMT
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
x-spotx-timing-spotmarket-primary
0.009092
access-control-allow-methods
POST, GET, PATCH, DELETE, OPTIONS
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
x-spotx-timing-page-exception
0.000001
x-spotx-timing-spotmarket-secondary
0.000000
x-spotx-timing-page-uri
0.000012
x-spotx-timing-page-mux
0.000247
access-control-allow-headers
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
245554
search.spotxchange.com/vast/2.0/ Frame E2E8 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/245554?VPAID=JS&content_page_url=http%3A%2F%2Fglamour.globo.com%2F&cb=1066119452&player_width=400&player_height=225&regs[gdpr]=0&device[geo][lat]=41.8879&device[geo][lon]=-88.1995&schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C4620558041989333300081602300%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.35.249.143 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:05 GMT
x-spotx-timing-transform
0.000248
x-spotx-timing-spotmarket
0.003707
x-spotx-timing-page-require
0.000300
x-fe
046
x-spotx-timing-page-misc
0.003211
x-spotx-timing-page-cookie
0.000020
x-spotx-timing-page
0.007971
pragma
no-cache
x-spotx-timing-page-context
0.000281
last-modified
Thu, 25 Aug 2022 05:14:05 GMT
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
x-spotx-timing-spotmarket-primary
0.003707
access-control-allow-methods
POST, GET, PATCH, DELETE, OPTIONS
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
x-spotx-timing-page-exception
0.000001
x-spotx-timing-spotmarket-secondary
0.000000
x-spotx-timing-page-uri
0.000006
x-spotx-timing-page-mux
0.000197
access-control-allow-headers
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame E2E8 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C12968688391989333300081602300,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
c2cd094ba79101b5fac388eef14fc283f1a8c67ce8abb26b4ba4fdfdabf36a5a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:05 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1661404445918033-317
/
x.vindicosuite.com/ Frame E2E8 		65 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.vindicosuite.com/?l=560976&t=x&rnd=1183789066&u=http%3A%2F%2Fglamour.globo.com%2F&r=http%3A%2F%2Fglamour.globo.com%2F&ip=167.88.7.162&mediaduration=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.236.186.35.bc.googleusercontent.com
Software
23bedf3be08dfe44fdd8a269043fb77218e182a5c5c86c11a38548e544aeab08 /
Resource Hash
5f91da25c24e6fb0fc2f6b18964b6bb696253b1d13fa9fa32ca8d27f60ec9fee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:05 GMT
via
1.1 google
server
23bedf3be08dfe44fdd8a269043fb77218e182a5c5c86c11a38548e544aeab08
p3p
CP="NOI DSP COR DEVa TAIa OUR BUS UNI NAV"
access-control-allow-origin
https://glamour.globo.com
cache-control
no-store,no-cache,must-revalidate,post-check=0,pre-check=0
access-control-allow-credentials
true
content-type
text/xml;charset=ISO-8859-1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Dec 1994 16:00:00 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame E2E8 		1009 B
867 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=http%3A%2F%2Fglamour.globo.com%2F&schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C7653609811989333300081602300%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d681e1f0663b5856aa70a3520b31fe6defdd755980cdfb3bd4e6e7923a7172e5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:05 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://glamour.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
622
expires
Thu, 25 Aug 2022 05:14:05 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame E2E8 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C198933330008160230083800280%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
9150b803e739c0b86ec5aca82dfd9d1275769b6288c57e16ed203919a4a18ad5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:06 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1661404446049031-304
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame E2E8 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C1989333300081602300883573661%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
50712b530faf8a00dba0c5576f668fcd96630784caca25eff2692ef6fe15a035

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:05 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1661404445918063-317
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame E2E8 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C19893333000816023001545371389%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
48b658acf6fe70605cd96707476eb2925202a50eb6ec2d02391f337cc09d019e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:05 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1661404445926063-257
vast.xml
video-ads.rubiconproject.com/video/24386/416676/2350390/203/ Frame E2E8 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/24386/416676/2350390/203/vast.xml?&p_aso.video.api=2&adtype=video&p_aso.video.maxduration=120&p_aso.video.protocols=5&rp_schain=1.0%2C1%21vidoomy.com%2C61323%2C1%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.3.125.24 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-125-24.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash
0520f9436ff654fccdd9d3c04c3393205ba92ff4c424dc694002163611e4a251

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:05 GMT
Content-Encoding
gzip
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/xml
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
943
Expires
Thu, 25 Aug 2022 05:14:05 GMT
t
t.lkqd.net/ Frame DA29 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Thu, 25 Aug 2022 05:14:06 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 25 Aug 2022 05:14:05 GMT
server
nginx
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 25 Aug 2022 05:14:06 GMT
server
nginx
t
t.lkqd.net/ Frame DA29 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Thu, 25 Aug 2022 05:14:06 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame 1982 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/gif
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame D866 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:14:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:45 GMT
ETag
"1653552645"
X-HW
1661404446.dop194.ch4.shc,1661404446.dop194.ch4.t,1661404446.cds264.ch4.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
t
t.lkqd.net/ Frame DA29 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://glamour.globo.com
date
Thu, 25 Aug 2022 05:14:06 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 25 Aug 2022 05:14:06 GMT
server
nginx
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame D866 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1661404446328
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:14:06 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1661404443.dop096.ch4.shc,1661404443.dop096.ch4.t,1661404446.cds212.ch4.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://usersync.octillion.tv/fw?gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1554userId=cd078586-9b7a-4fab-9889-34e181b61ebd
43 B
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1554userId=cd078586-9b7a-4fab-9889-34e181b61ebd
Protocol
HTTP/1.1
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:06 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1661404446465054-277

Redirect headers

date
Thu, 25 Aug 2022 00:07:43 GMT
via
1.1 2ead2a81ff8cd9f180f8ec7fa0607b6e.cloudfront.net (CloudFront)
server
CloudFront
age
18383
x-cache
Hit from cloudfront
location
https://ads.stickyadstv.com/user-registering?dataProviderId=1554userId=cd078586-9b7a-4fab-9889-34e181b61ebd
x-amz-cf-pop
EWR53-C1
content-length
0
x-amz-cf-id
9p2h9IQQNIX3SIasKGZLcqEQ3X5MDH9rQ6qqcWZWJK5qzngG3eY28w==
/
ads.stickyadstv.com/additional-scripts/ Frame D866 		301 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:06 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1661404446382030-283
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame D866 		10 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&schain=1.0%2C1!vidoomy.com%2C61323%2C1%2C12968688391989333300081602300%2C%2C&vav=a718c1a1dd9a61b31851da1bb56fd679&vaviv=78483097bd96ed2ca97c807aa4a9f529&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
ba185eccb6b33851fccd9c4ea1c82650a9846e9a65d9950408869de9e52410a9

Request headers

Accept
application/xml, text/xml
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:06 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://glamour.globo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1661404446391027-173
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmU1NGNjMjVjMjVkMzY5ODNhZGJkY2ZhN2YxZTVkZg==&gdpr=0&gdpr_consent=
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmU1NGNjMjVjMjVkMzY5ODNhZGJkY2ZhN2YxZTVkZg==&gdpr=0&gdpr_consent=
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:06 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmU1NGNjMjVjMjVkMzY5ODNhZGJkY2ZhN2YxZTVkZg==&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1661404446409094-281
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=fe54cc25c25d36983adbdcfa7f1e5df&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=fe54cc25c25d36983adbdcfa7f1e5df&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:06 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
MRKS0VP3MF76P47F6MC4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:06 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=fe54cc25c25d36983adbdcfa7f1e5df&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1661404446453006-250
vast
vast.adsafeprotected.com/ Frame D866 		34 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.adsafeprotected.com/vast?anId=923116&advId=ap9ihth&campId=50ywu04&chanId=elh9o4z&placementId=pz46u3nc&pubId=b0a2ucv&bidurl=glamour.globo.com&impId=277d3fab-132b-4958-a7b7-39b24d06c88f&planId=freewheel&adsafe_par&originalVast=https://insight.adsrvr.org/enduser/vast/?t=1&iid=277d3fab-132b-4958-a7b7-39b24d06c88f&crid=pz46u3nc&wp=22.0000&aid=1&wpc=USD&sfe=153e851e&puid=fe54cc25c25d36983adbdcfa7f1e5df&tdid=f392b494-04f1-4190-8b81-965c828ca97a&pid=2sl3z2r&ag=elh9o4z&adv=ap9ihth&sig=1NDFTezijrQjuvtFXg8UxS0nz7_Jt8OT7FcevDneJpU4.&bp=22&cf=3657910&fq=0&td_s=glamour.globo.com&rcats=y29&mcat=&mste=&mfld=4&mssi=&mfsi=&uhow=96&agsa=&rgz=60185&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=872257&did=VID-RAQ-00160&rcxt=Other&lat=41.887900&lon=-88.199500&tmpc=18.95&daid=&vp=0&osi=&osv=&sft=2&bx=120&bv=1&vvp=&mk=Google&mdl=Chrome%20-%20Windows&vpb=PreRoll&dc=95&vcc=EJAcGJAcMgQIAggJOgQIAQgCQAFIAVACiAECoAGQA6gB4QHIAQHQAQPoAQLwAQH4AQGAAgOKAgQIAggFmgIECAEIAqACAqgCAsACAw..&sv=freewheel&pidi=1550&advi=381589&cmpi=2523142&agi=12504723&cridi=25087380&svi=134&tid=1&cmp=50ywu04&vrtd=14,15&rurl=https%3a%2f%2fglamour.globo.com%2flifestyle%2fnoticia%2f2019%2f12%2fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&tsig=LGKQhbIbEqqrgf8QRuNsm_A21X0CY5uhmQoxRW3FWLg.&c=Cg1Vbml0ZWQgU3RhdGVzEghJbGxpbm9pcxoDNjAyIgdDaGljYWdvMAI4AkgAUAZYAYABAIgBApABALABALoBBQjcARgCyQFmZmZmZiZEQA..&dur=CkcKJWNoYXJnZS1hbGxJYXNWaWRlb1ZpZXdhYmlsaXR5VHJhY2tpbmciHgin__________8BEg1pYXMtcmVwb3J0aW5nKgIIAQ..&durs=cxun9u&crrelr=&said=892_1661404446391027-173_1&ict=Unknown&auct=3&im=1&mc=62249854-e622-47ff-86ff-cff66e75556b&tail=1&vrw=1
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.232.249 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
02d9fda86feb83e01174fde5b8264fe8dfec541a64ffa5d0afba3f7bdcc6a972

Request headers

Accept
application/xml, text/xml
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:07 GMT
content-encoding
gzip
vary
Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://glamour.globo.com
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
content-length
4964
vpaid.2022.04.25-15.52-2acd3d8.js
static.adsafeprotected.com/ias/v1/ Frame FD5E 		179 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/ias/v1/vpaid.2022.04.25-15.52-2acd3d8.js
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:dc00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4eb117f5f1fc90466bb7aeb543b00203b3373b23cecd6980b6317dbba275230d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
5pHe_uQZnSorIb3h0rU.d92Jgb7kHfOE
content-encoding
gzip
etag
W/"47ecb75488e5a1efdf427dddd979916d"
age
161057
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 03 May 2022 16:46:10 GMT
server
AmazonS3
date
Tue, 23 Aug 2022 08:29:51 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 d671204b8bf6c2b9056c338588204020.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
d2HE5pVd1vizfiIxTpODaRAFVxk_B5pLLSDabdHBQ6xr81ITJh4QcQ==
/
ping.seedtag.com/ 		0
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ping.seedtag.com/
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.335008b7b27c404c8cd9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:07 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
all
csm.us.criteo.net/ Frame 3F1E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=_13HViSUVsDCZkZ8N7ah-wpkNFKKCAsWemyjyPH3mX98ATKXb21o2E_ozo4a8sx6n3WMhvINfietu6WgYKIRlfAQVABeAvdfhhvzShCjY008R34fbdpv3Hy3sMYaRFT6e_r544OswK2fs0RQlclE-_X4QFlqMtC-ImKaP8IMFkK3IGOcEwek-PvAVVHa9n0sY3Jm21rPpJZOgJ58nFtLciEd8UgiBA_U-9ce46JN4I-OQdWuO6nXx86C5OvkSKdHxtP2AQ&sds=2&rev=82533&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YwcFFgAGgokIaAY0AAAnMNxKp9bCD7dQ1Ixnqw&u=%7CdPGRhl%2B7%2BMWgpPFIpCJqMtCJIuSB7aEzylITgSDLOdw%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MTceYYGR9Jp5gwJSFuY1ZhN1_Ei2GJq8gd_G0tw1r14hnbYpVmvZEeZ3grlLUx-z4YYgXcAXP-xm45dOpRMTQ2S5iczFkxYc4DVGYC46ATP-k6EYWtuYZ03Fn2IUxSqnA_ihx5X8BFdchR5NyXI4oYxBTP2vLFJ5UMkfKCLc84eaNK2weWxmJ71gTfmFr8odm5bxqiOQJ--htYWPUtQ7RKgLoSbTX6T59wBkzS5n5CjsxYsz6Cs9dCgWg904mlqCZzn9F_BGivAe1umNo23lypsKXgoF0-WcHUiCJBaJJm13slpbs8eEc1FyD8sMMR46ul6bAZOhIsMZyQwgNT9Rc1vQ9KulDUKYGLE_O4T_q71i1dk-CTLivbkQd8NiriMGMz4oD1Uj0l3d6g9UZ3wHDOqD9RBRmTkxUKli2P7duAyr0zhZFthEV5c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXExFgUHY4mFGrSMoPMPsM6AuAecge-wXNqkqap0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN6ABrN3-6APIAQngAgCoAwGqBNQCT9DBe3BZCAmn095o1iZouRKGQHDII5v-6LFV0nXaKTdGgkpaKzANBAqC5gW_mk3z7OXElD4oa-YJ4kAMQMRerD2-_XB52qxxOfsLXCsJT8BaFEmWq3WE0JKS_jgO8WM1wCJRDc7rXco8ACI66A4Y-E4Ade9Fqbg24omZB7vHKkQ14Qvpyn6PkoIfi_Kj5dKUoyuX_O8V-4jFqjJxaWdz1eZ7jZ29K2rqOBvCQcPLXW_3RT_qtEmNLkS0LfmikJe0lJOdPFjmR2lDGN2dlyOsT3XGggo6FntlmBPAEH8q8IIu4RBn2gPpBGXWW47nZMqdEB0p-Gk2u16ro0T9lzyza6zdWOY2QeAUSt5LoG80ZKFlx1mb_EHkmYjuD7g3PGE8Xow-dROFmlJXWaCak2gL4Cozx_xj2hyqt6qcKSqXc9GZQZSbSwZFA30QjYN6gRTPlZXkvOAEAYAG8svvvtjL7-1JoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1BBFSwNw0F-QD9vVwmK83CozIVhQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 25 Aug 2022 05:14:06 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
vpaid.2022.04.25-15.52-2acd3d8.js
static.adsafeprotected.com/ias/v1/ Frame FD5E 		179 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/ias/v1/vpaid.2022.04.25-15.52-2acd3d8.js
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2022.04.25-15.52-2acd3d8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:dc00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4eb117f5f1fc90466bb7aeb543b00203b3373b23cecd6980b6317dbba275230d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
5pHe_uQZnSorIb3h0rU.d92Jgb7kHfOE
content-encoding
gzip
etag
W/"47ecb75488e5a1efdf427dddd979916d"
age
161058
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 03 May 2022 16:46:10 GMT
server
AmazonS3
date
Tue, 23 Aug 2022 08:29:51 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 d671204b8bf6c2b9056c338588204020.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
BkFfJ4b0AkCrkvbst9UrrypHxpGzdVXYKMcoxU286JcduGIeXdUd-g==
jsvid
pixel.adsafeprotected.com/ Frame FD5E 		235 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jsvid?videoId=52432c0388da95659d1ea2b5a586c64c&adsafe_par=&bidurl=glamour.globo.com&impId=277d3fab-132b-4958-a7b7-39b24d06c88f&planId=freewheel&xmapp=0&xmtp=v&xsId=d20f7744-5569-4af0-9a75-811c9f7a3f3d&advId=ap9ihth&anId=923116&campId=50ywu04&chanId=elh9o4z&placementId=pz46u3nc&pubId=b0a2ucv&logTestResults=false
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2022.04.25-15.52-2acd3d8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.190.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-190-218.compute-1.amazonaws.com
Software
/
Resource Hash
db2a242e49812eeaf79e3718024737c5c48117e79771be73279d0659093d9337

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:08 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
vpaid.2022.04.25-15.52-2acd3d8.js
static.adsafeprotected.com/ias/v1/ Frame 2BA2 		179 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/ias/v1/vpaid.2022.04.25-15.52-2acd3d8.js
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2022.04.25-15.52-2acd3d8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:dc00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4eb117f5f1fc90466bb7aeb543b00203b3373b23cecd6980b6317dbba275230d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
5pHe_uQZnSorIb3h0rU.d92Jgb7kHfOE
content-encoding
gzip
etag
W/"47ecb75488e5a1efdf427dddd979916d"
age
161058
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 03 May 2022 16:46:10 GMT
server
AmazonS3
date
Tue, 23 Aug 2022 08:29:51 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 d671204b8bf6c2b9056c338588204020.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
jF14LwivW95PC3aqxJDdGn8hVJ_pXJ_8V2W5nQMeaJTQzFFDtPue7g==
sca.17.5.12.js
static.adsafeprotected.com/ Frame 8346 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:dc00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 06:50:21 GMT
content-encoding
gzip
age
6128628
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 d671204b8bf6c2b9056c338588204020.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR52-C1
content-type
application/javascript
x-amz-cf-id
QuM0FOUDtx7dMR7W8izzYCE21AF6_5kXvKOrx6KWg-Qq8P9OLqoESw==
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=923116&asId=bf0de160-5e62-12b5-25a4-2e34b2d27e38&tv=%7Bc:mhd7Te,pingTime:-2,time:347,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:545,beZ:548,mfA:563,cmA:568,inA:568,inZ:595,prA:595,prZ:664,si:705,poA:706,poZ:822,cmZ:822,mfZ:822,loA:877,loZ:883,ltA:891,ltZ:891%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:400.225,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l.v,w:400,h:225,t:158%7D%5D,vv:3.8.0,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:347,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:158,wc:0.0.1600.1200,ac:1645.960.400.225,am:v,cc:1645.960.400.225,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B321~0%5D,as:%5B321~400.225%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jsvid,dtt:0,fm:tfuPKzL+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c21%7C1c31%7C1c32%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1j21%7C1j22%7C1k%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l34%7C1l35%7C1l36%7C1l37%7C1l38%7C1l39%7C1l3a%7C1l3b%7C1l3c%7C1l3d%7C1l3e%7C1l3f%7C1l3g%7C1l4%7C1l51%7C1l521%7C1l611%7C1l612%7C1l6131%7C1l614%7C1l621%7C1l63%7C1l641%7C1l642%7C1l643%7C1l644%7C1l65%7C1l66%7C1l7%7C1m%7C1n111%7C1n112%7C1n12%7C1o11%7C1o12%7C1o13%7C1o141%7C1o15%7C1p%7C1q%7C1r%7C1s*.923116%7C1s1,idMap:1s*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:env,slid:%5Blkqdad919134,1661404445738978157071%5D,sinceFw:185,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:66a7:18bc:d1f9:4f18 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:08 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
jsvid
pixel.adsafeprotected.com/ Frame FD5E 		235 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jsvid?videoId=6857fc724ee9c18345461ea41a998a52&adsafe_par=&bidurl=glamour.globo.com&impId=277d3fab-132b-4958-a7b7-39b24d06c88f&planId=freewheel&xmapp=0&xmtp=v&xsId=464961d0-5f73-43ed-a7bb-8b141907f174&advId=ap9ihth&anId=923116&campId=50ywu04&chanId=elh9o4z&placementId=pz46u3nc&pubId=b0a2ucv&logTestResults=false
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2022.04.25-15.52-2acd3d8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.190.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-190-218.compute-1.amazonaws.com
Software
/
Resource Hash
29458ffabb5db1d6a9a1252bc31593f960ffd70db8f6c4694f69f9401a31534b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:08 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
2_source_150741_722075.mp4
s-static.innovid.com/media/encoded/07_22/545777/ 		0
0
2_source_150741_722075.mp4
s-static.innovid.com/media/encoded/07_22/545777/ 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://s-static.innovid.com/media/encoded/07_22/545777/2_source_150741_722075.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.246 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://glamour.globo.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
TsITPaOWl7K3NiAc0xFLvveo6LUF4fir
Last-Modified
Tue, 19 Jul 2022 15:59:55 GMT
Server
AmazonS3
x-amz-request-id
WVGWA04C3E8HFA5Y
ETag
"65d211ac58dda72b3ee5fad50200eb50"
Content-Type
video/mp4
Content-Range
bytes 0-2063750/2063751
Date
Thu, 25 Aug 2022 05:14:08 GMT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
2063751
x-amz-id-2
tCXE6rDjR03GWAQ/AAFm7FILrHkyOEVUuxB1hZHRWGB+Y0U3RvvUzdTEdh472mUy5WnnHSUdcOc=
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=923116&asId=bf0de160-5e62-12b5-25a4-2e34b2d27e38&tv=%7Bc:mhd806,pingTime:-10,time:773,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNC4wLjUxMTIuMTAxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1661404449037%7C%7Cbc5ecc325e52bd169e2584753af3f37e%7C%7C5804921a8d3c64b26a083c50aad655e9%7C%7Cf6b081a33f211acbe37d8c1b2c249fb8%7C%7Cfb01bb472451f7f9c10a7fea16196950%7C%7C0cb92d74db85fb94073cd70be203a45c%7C%7C6dfae15a6df6a5263e8b52768b130257%7C%7C3c98d96eb85b2e155402b8eca3359fed%7C%7C1629390669%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:66a7:18bc:d1f9:4f18 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:09 GMT
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 8852 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:dc00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 06:50:21 GMT
content-encoding
gzip
age
6128629
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 d671204b8bf6c2b9056c338588204020.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR52-C1
content-type
application/javascript
x-amz-cf-id
muam2ftsUg9I17GO9Zbw6wPOBC01ceoxbO326e5frGN-57GGTd1AoQ==
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=923116&asId=bf0de160-5e62-12b5-25a4-2e34b2d27e38&tv=%7Bc:mhd836,pingTime:-2.1,time:959,type:a,clog:%5B%7Bpiv:0,vs:o,r:l.v,w:400,h:225,t:158%7D%5D,ve:%7BvEventCount:7,vEvents:%5B%7Bt:507,tp:adLoaded,sl:o,ad_duration:15,width:400,height:225,volume:0%7D,%7Bt:519,tp:resizeAd,sl:o,ad_duration:15,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:519,tp:resizeAd,sl:o,ad_duration:15,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:519,tp:resizeAd,sl:o,ad_duration:15,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:520,tp:volumeChanged,sl:o,ad_duration:15,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:520,tp:adStarted,sl:o,ad_duration:15,width:400,height:225,volume:0%7D,%7Bt:526,tp:volumeChanged,sl:o,ad_duration:15,width:400,height:225,volume:0,viewMode:normal%7D%5D%7D,vv:3.8.0,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:959,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:158,wc:0.0.1600.1200,ac:1645.960.400.225,am:v,cc:1645.960.400.225,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B933~0%5D,as:%5B933~400.225%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jsvid,dtt:595,fm:tfuPKzL+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c21%7C1c31%7C1c32%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1j21%7C1j22%7C1k%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l34%7C1l35%7C1l36%7C1l37%7C1l38%7C1l39%7C1l3a%7C1l3b%7C1l3c%7C1l3d%7C1l3e%7C1l3f%7C1l3g%7C1l4%7C1l51%7C1l521%7C1l611%7C1l612%7C1l6131%7C1l614%7C1l621%7C1l63%7C1l641%7C1l642%7C1l643%7C1l644%7C1l65%7C1l66%7C1l7%7C1m%7C1n111%7C1n112%7C1n12%7C1o11%7C1o12%7C1o13%7C1o141%7C1o15%7C1p%7C1q%7C1r%7C1s*.923116%7C1s1,idMap:1s.489d6461-c5f6-99a1-2ccc-f9e0cc0373fc.111_923116%7C1s*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:env,slid:%5Blkqdad919134,1661404445738978157071%5D,sinceFw:185,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:66a7:18bc:d1f9:4f18 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:09 GMT
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=923116&asId=489d6461-c5f6-99a1-2ccc-f9e0cc0373fc&tv=%7Bc:mhd83B,pingTime:-2,time:200,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1335,beZ:1336,mfA:1341,cmA:1348,inA:1348,inZ:1358,prA:1358,prZ:1396,si:1407,poA:1408,poZ:1468,cmZ:1468,mfZ:1468,loA:1507,loZ:1514,ltA:1534,ltZ:1534%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:400.225,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l.v,w:400,h:225,t:70%7D%5D,ve:%7BvEventCount:7,vEvents:%5B%7Bt:-371,tp:adLoaded,sl:o,ad_duration:15,width:400,height:225,volume:0%7D,%7Bt:-279,tp:resizeAd,sl:o,ad_duration:15,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-275,tp:resizeAd,sl:o,ad_duration:15,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-273,tp:resizeAd,sl:o,ad_duration:15,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-272,tp:volumeChanged,sl:o,ad_duration:15,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-272,tp:adStarted,sl:o,ad_duration:15,width:400,height:225,volume:0%7D,%7Bt:-264,tp:volumeChanged,sl:o,ad_duration:15,width:400,height:225,volume:0,viewMode:normal%7D%5D%7D,vv:3.8.0,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:201,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:70,wc:0.0.1600.1200,ac:1645.960.400.225,am:v,cc:1645.960.400.225,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B184~0%5D,as:%5B184~400.225%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jsvid,dtt:0,fm:tfuPKzL+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c21%7C1c31%7C1c32%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1j21%7C1j22%7C1k%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l34%7C1l35%7C1l36%7C1l37%7C1l38%7C1l39%7C1l3a%7C1l3b%7C1l3c%7C1l3d%7C1l3e%7C1l3f%7C1l3g%7C1l4%7C1l51%7C1l521%7C1l611%7C1l612%7C1l6131%7C1l614%7C1l621%7C1l63%7C1l641%7C1l642%7C1l643%7C1l644%7C1l65%7C1l66%7C1l7%7C1m%7C1n111%7C1n112%7C1n12%7C1o11%7C1o12%7C1o13%7C1o141%7C1o15%7C1p%7C1q%7C1r%7C1s*.923116%7C1s1%7C1s2,idMap:1s.bf0de160-5e62-12b5-25a4-2e34b2d27e38.29_923116%7C1s*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:env,slid:%5Blkqdad919134,1661404445738978157071%5D,sinceFw:125,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:66a7:18bc:d1f9:4f18 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:09 GMT
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
996.json
id5-sync.com/g/v2/ Frame 5897 		450 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/996.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 25 Aug 2022 05:14:08 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://glamour.globo.com
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
transfer-encoding
chunked
envelope
api.rlcdn.com/api/identity/ Frame 5897 		0
0
rid
match.adsrvr.org/track/ Frame 5897 		108 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 25 Aug 2022 05:14:09 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://glamour.globo.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sat, 24 Sep 2022 05:14:09 GMT
pixel.png
unified.adsafeprotected.com/ Frame 2BA2 		35 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjozMDMsInNpdGVfdXVpZCI6ImFmZGRlZjVkLWMyMDQtNDBhOS1iNGZiLTk2NWExNDVkMDY5NiIsImJpZF9yZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vZ2xhbW91ci5nbG9iby5jb20vbGlmZXN0eWxlL25vdGljaWEvMjAxOS8xMi9tZWxob3Jlcy1kby1hbm8tb3MtbWVtZXMtbWFpcy1lbmdyYWNhZG9zLWRlLTIwMTkuZ2h0bWwifX0sImNiIjoxNjYxNDA0NDQ5NjI2LCJpYXNfc2luZ2xldGFnIjpmYWxzZSwiaGVhZGVycyI6eyJoZWFkZXI4IjoiaWFzbyJ9LCJjdXN0b20iOnsiY3VzdG9tMSI6IjkyMzExNiIsImN1c3RvbTExIjoiMjAyMi4wNC4yNS0xNS41Mi0yYWNkM2Q4IiwieHNpZCI6IjQ2NDk2MWQwLTVmNzMtNDNlZC1hN2JiLThiMTQxOTA3ZjE3NCIsInBwYXRoIjoiaHR0cHM6Ly91bmlmaWVkLmFkc2FmZXByb3RlY3RlZC5jb20ifX0=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.232.249 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:09 GMT
content-length
35
vary
Origin
content-type
image/gif
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?videoId=6857fc724ee9c18345461ea41a998a52&adsafe_par=&bidurl=glamour.globo.com&impId=277d3fab-132b-4958-a7b7-39b24d06c88f&planId=freewheel&xmapp=0&xmtp=v&xsId=464961d0-5f73-43ed-a7bb-8b141907f174&advId=ap9ihth&anId=923116&campId=50ywu04&chanId=elh9o4z&placementId=pz46u3nc&pubId=b0a2ucv&logTestResults=false&adsafe_url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&adsafe_type=abq&adsafe_url=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F&adsafe_type=c&adsafe_jsinfo=,id:489d6461-c5f6-99a1-2ccc-f9e0cc0373fc,c:mhd81v,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-6479488885-whcxj,rg:va,pt:2-5-15,wc:0.0.1600.1200,ac:1645.960.400.225,am:v,cc:1645.960.400.225,piv:0,obst:0,th:0,reas:l.v,mu:10000,br:c,an:n,oam:0,vc:jv3,scm:publ2.grpm2,mtim:6,mot:0,app:0,maw:0,fm:tfuPKMv+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c21%7C1c31%7C1c32%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1j21%7C1j22%7C1k%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l34%7C1l35%7C1l36%7C1l37%7C1l38%7C1l39%7C1l3a%7C1l3b%7C1l3c%7C1l3d%7C1l3e%7C1l3f%7C1l3g%7C1l4%7C1l51%7C1l521%7C1l611%7C1l612%7C1l6131%7C1l614%7C1l621%7C1l63%7C1l641%7C1l642%7C1l643%7C1l644%7C1l65%7C1l66%7C1l7%7C1m%7C1n111%7C1n112%7C1n12%7C1o11%7C1o12%7C1o13%7C1o141%7C1o15%7C1p%7C1q%7C1r%7C1s*.923116%7C1s1%7C1s2,idMap:1s*,baur:ab,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:env,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:jsvid,et:72,oid:bf6fd571-2434-11ed-a867-daa2c546e554,v:19.8.344,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0,x_vv:3.8.0,x_vanstag:cm,x_xcamp:50ywu04,x_xplac:pz46u3nc,x_ximp:277d3fab-132b-4958-a7b7-39b24d06c88f,x_xpc:iaso
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.190.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-190-218.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:09 GMT
x-server-name
app10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
pixel.png
unified.adsafeprotected.com/ Frame FD5E 		35 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjozMDMsInNpdGVfdXVpZCI6ImFmZGRlZjVkLWMyMDQtNDBhOS1iNGZiLTk2NWExNDVkMDY5NiIsImJpZF9yZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vZ2xhbW91ci5nbG9iby5jb20vbGlmZXN0eWxlL25vdGljaWEvMjAxOS8xMi9tZWxob3Jlcy1kby1hbm8tb3MtbWVtZXMtbWFpcy1lbmdyYWNhZG9zLWRlLTIwMTkuZ2h0bWwifX0sImNiIjoxNjYxNDA0NDQ5NjI5LCJpYXNfc2luZ2xldGFnIjpmYWxzZSwiaGVhZGVycyI6eyJoZWFkZXI4IjoiaWFzbyJ9LCJjdXN0b20iOnsiY3VzdG9tMSI6IjkyMzExNiIsImN1c3RvbTExIjoiMjAyMi4wNC4yNS0xNS41Mi0yYWNkM2Q4IiwieHNpZCI6ImQyMGY3NzQ0LTU1NjktNGFmMC05YTc1LTgxMWM5ZjdhM2YzZCIsInBwYXRoIjoiaHR0cHM6Ly91bmlmaWVkLmFkc2FmZXByb3RlY3RlZC5jb20ifX0=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.232.249 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:09 GMT
content-length
35
vary
Origin
content-type
image/gif
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?videoId=52432c0388da95659d1ea2b5a586c64c&adsafe_par=&bidurl=glamour.globo.com&impId=277d3fab-132b-4958-a7b7-39b24d06c88f&planId=freewheel&xmapp=0&xmtp=v&xsId=d20f7744-5569-4af0-9a75-811c9f7a3f3d&advId=ap9ihth&anId=923116&campId=50ywu04&chanId=elh9o4z&placementId=pz46u3nc&pubId=b0a2ucv&logTestResults=false&adsafe_url=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&adsafe_type=abq&adsafe_url=http%3A%2F%2Fsandramaria.online.anamarialopez.site%2F&adsafe_type=c&adsafe_jsinfo=,id:bf0de160-5e62-12b5-25a4-2e34b2d27e38,c:mhd7Qb,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-6479488885-628jl,rg:va,pt:2-5-15,wc:0.0.1600.1200,ac:1645.960.400.225,am:v,cc:1645.960.400.225,piv:0,obst:0,th:0,reas:l.v,mu:10000,br:c,an:n,oam:0,vc:jv3,scm:publ2.grpm2,mtim:18,mot:0,app:0,maw:0,fm:tfuPKzL+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c21%7C1c31%7C1c32%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1j21%7C1j22%7C1k%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l34%7C1l35%7C1l36%7C1l37%7C1l38%7C1l39%7C1l3a%7C1l3b%7C1l3c%7C1l3d%7C1l3e%7C1l3f%7C1l3g%7C1l4%7C1l51%7C1l521%7C1l611%7C1l612%7C1l6131%7C1l614%7C1l621%7C1l63%7C1l641%7C1l642%7C1l643%7C1l644%7C1l65%7C1l66%7C1l7%7C1m%7C1n111%7C1n112%7C1n12%7C1o11%7C1o12%7C1o13%7C1o141%7C1o15%7C1p%7C1q%7C1r%7C1s*.923116%7C1s1,idMap:1s*,baur:ab,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:env,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:jsvid,et:160,oid:bf11afe2-2434-11ed-b262-064048860f0a,v:19.8.344,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0,x_vv:3.8.0,x_vanstag:cm,x_xcamp:50ywu04,x_xplac:pz46u3nc,x_ximp:277d3fab-132b-4958-a7b7-39b24d06c88f,x_xpc:iaso
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.190.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-190-218.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:09 GMT
x-server-name
app11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
analytics.js
s.pixsrvcs.com/2/848488/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pixsrvcs.com/2/848488/analytics.js?dt=8484881567613756606000&di=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&ui=fe54cc25c25d36983adbdcfa7f1e5df&sr=7169&pp=872257&si=5040465&pc=7585793&ti=1661404446391027-173&pv={predictionid}&to=1&de=2&md=2
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.208.45.24 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:09 GMT
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
2912
Expires
0
1x1.gif
s.innovid.com/ 		0
0
skeleton.gif
static.adsafeprotected.com/
Redirect Chain
  • https://unified.adsafeprotected.com/vevent/impression/1107969/64714900?ias_xadur=00:00:14:973&ias_xmtp=v&omidPartner=[OMIDPARTNER]&ias_xappb=[APPBUNDLE]&xsId=dc1624d1e07cc8124bb858433a9c5e89f0397f2e
  • https://pixel.adsafeprotected.com/rfw/st/1107969/64714900/skeleton.gif?xsId=dc1624d1e07cc8124bb858433a9c5e89f0397f2e&bundleId=%5BAPPBUNDLE%5D&xmtp=v&adsafe_jsinfo=mtp%3Av
  • https://static.adsafeprotected.com/skeleton.gif?xsId=dc1624d1e07cc8124bb858433a9c5e89f0397f2e&bundleId=%5BAPPBUNDLE%5D&xmtp=v
43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?xsId=dc1624d1e07cc8124bb858433a9c5e89f0397f2e&bundleId=%5BAPPBUNDLE%5D&xmtp=v
Protocol
H2
Server
2600:9000:2140:dc00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 09:42:46 GMT
via
1.1 d671204b8bf6c2b9056c338588204020.cloudfront.net (CloudFront)
age
415884
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
VNDZ7s0x1vJBqSPhmYN2Uibr1gkLIVcNA1M47hSDU2yKE85fTfX-9g==

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:09 GMT
x-server-name
app05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.gif?xsId=dc1624d1e07cc8124bb858433a9c5e89f0397f2e&bundleId=%5BAPPBUNDLE%5D&xmtp=v
cache-control
no-cache
content-length
0
server
nginx
B28136695.341381657;dc_pre=CImyuvCd4fkCFVisnwodC9oDlQ;dc_trk_aid=533566089;dc_trk_cid=174908236;ord=1661404447507;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_cons...
ad.doubleclick.net/ddm/trackimp/N1726419.2666012TRADEDESK/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1726419.2666012TRADEDESK/B28136695.341381657;dc_trk_aid=533566089;dc_trk_cid=174908236;ord=1661404447507;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;...
  • https://ad.doubleclick.net/ddm/trackimp/N1726419.2666012TRADEDESK/B28136695.341381657;dc_pre=CImyuvCd4fkCFVisnwodC9oDlQ;dc_trk_aid=533566089;dc_trk_cid=174908236;ord=1661404447507;dc_lat=;dc_rdid=;...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1726419.2666012TRADEDESK/B28136695.341381657;dc_pre=CImyuvCd4fkCFVisnwodC9oDlQ;dc_trk_aid=533566089;dc_trk_cid=174908236;ord=1661404447507;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Protocol
H3
Server
142.250.65.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:09 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N1726419.2666012TRADEDESK/B28136695.341381657;dc_pre=CImyuvCd4fkCFVisnwodC9oDlQ;dc_trk_aid=533566089;dc_trk_cid=174908236;ord=1661404447507;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xvzljdslq
mcdonalds.smart.link/imp/ 		0
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcdonalds.smart.link/imp/xvzljdslq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:ee17:: -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:09 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
insight.adsrvr.org/enduser/video/ 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=start&imp=277d3fab-132b-4958-a7b7-39b24d06c88f&ag=elh9o4z&crid=pz46u3nc&cf=3657910&fq=0&t=1&td_s=glamour.globo.com&rcats=y29&mcat=&mste=&mfld=4&mssi=&mfsi=&sv=freewheel&uhow=96&agsa=&wp=22.0000&rgz=60185&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=872257&rlangs=en&mlang=&did=VID-RAQ-00160&rcxt=Other&tmpc=18.95&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=PreRoll&c=Cg1Vbml0ZWQgU3RhdGVzEghJbGxpbm9pcxoDNjAyIgdDaGljYWdvMAI4AkgAUAZYAYABAIgBApABALABALoBBQjcARgCyQFmZmZmZiZEQA..&dur=CkcKJWNoYXJnZS1hbGxJYXNWaWRlb1ZpZXdhYmlsaXR5VHJhY2tpbmciHgin__________8BEg1pYXMtcmVwb3J0aW5nKgIIAQ..&durs=cxun9u&crrelr=&npt=&mk=Google&mdl=Chrome%20-%20Windows&ict=Unknown&said=892_1661404446391027-173_1&auct=3&sfe=153e851f&vp=0&ast=[ASSETURI]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:09 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		43 B
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSendReport&adId=2651785570&viewKey=1661404446391027-173&sessionId=bb642685e5c0db6294e46e36c84d4398&zoneId=7585793&exAdId=3306210_50ywu04_0_pz46u3nc&impId=1&dealId=VID-RAQ-00160&cb=4203144&loc=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&seatId=1550&supportsFlash=false&supportsJavascript=true&componentId=vpaid-adapter&ibpiv=7c482263edcd3ab6294680e906b5a26e&displayPercentage=0&time=0&tagsArray=&ibp=b708fbc32592df04d122fa41f1648fd33244c135d91db8842d4054abcb7d58a38d0d709b4a54fdb1ad7ba1af1148bbfa7b225eb69247f6e977b379902372aff818f1004ae3cb81f1569aa978b68dae6dfa1c4f4efcb802fe07b771b96255a79c&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:09 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1661404446391027-173
/
insight.adsrvr.org/enduser/video/ 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=creativeView&imp=277d3fab-132b-4958-a7b7-39b24d06c88f&ag=elh9o4z&crid=pz46u3nc&cf=3657910&fq=0&t=1&td_s=glamour.globo.com&rcats=y29&mcat=&mste=&mfld=4&mssi=&mfsi=&sv=freewheel&uhow=96&agsa=&wp=22.0000&rgz=60185&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=872257&rlangs=en&mlang=&did=VID-RAQ-00160&rcxt=Other&tmpc=18.95&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=PreRoll&c=Cg1Vbml0ZWQgU3RhdGVzEghJbGxpbm9pcxoDNjAyIgdDaGljYWdvMAI4AkgAUAZYAYABAIgBApABALABALoBBQjcARgCyQFmZmZmZiZEQA..&dur=CkcKJWNoYXJnZS1hbGxJYXNWaWRlb1ZpZXdhYmlsaXR5VHJhY2tpbmciHgin__________8BEg1pYXMtcmVwb3J0aW5nKgIIAQ..&durs=cxun9u&crrelr=&npt=&mk=Google&mdl=Chrome%20-%20Windows&ict=Unknown&said=892_1661404446391027-173_1&auct=3&sfe=153e851f&vp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:09 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
1x1.gif
s.innovid.com/ 		0
0
uuid
rtr.innovid.com/placement/15s400/ 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtr.innovid.com/placement/15s400/uuid?cb=45d4d61e-2181-99ff-66d8-f2d2b71e2ff8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:b8a:8e00:8730:7e48:c66:3404 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:09 GMT
cache-control
no-cache
content-length
0
expires
-1
pixel.png
unified.adsafeprotected.com/ 		35 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJjdXN0b20iOnsiY3VzdG9tMSI6IjkyMzExNiIsImN1c3RvbTIiOiIyLjAiLCJjdXN0b20zIjoiMi4wIiwiY3VzdG9tNyI6IiIsImN1c3RvbTgiOiIiLCJ4c2lkIjoiNDY0OTYxZDAtNWY3My00M2VkLWE3YmItOGIxNDE5MDdmMTc0In0sImhlYWRlcnMiOnsiaGVhZGVyMTAiOiJwejQ2dTNuYyIsImhlYWRlcjExIjoiSW5ub3ZpZCBBZHMiLCJoZWFkZXIxMiI6InJ0ci5pbm5vdmlkLmNvbSIsImhlYWRlcjgiOiJpYXNvIiwiaGVhZGVyOSI6IiJ9LCJjYiI6IjE2NjE0MDQ0NDc1MTA4Njc4MzgiLCJhZER1cmF0aW9uIjotMX0=&advEntityId=&pubEntityId=&key1=ROKU_ADS_APP_ID&key2=$APP_STOREURL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.232.249 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:09 GMT
content-length
35
vary
Origin
content-type
image/gif
freewheel
vae-bid.adsrvr.org/bid/feedback/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vae-bid.adsrvr.org/bid/feedback/freewheel?t=1&iid=277d3fab-132b-4958-a7b7-39b24d06c88f&crid=pz46u3nc&wp=22.0000&aid=1&wpc=USD&sfe=153e851e&puid=fe54cc25c25d36983adbdcfa7f1e5df&tdid=f392b494-04f1-4190-8b81-965c828ca97a&pid=2sl3z2r&ag=elh9o4z&adv=ap9ihth&sig=1NDFTezijrQjuvtFXg8UxS0nz7_Jt8OT7FcevDneJpU4.&bp=22&cf=3657910&fq=0&td_s=glamour.globo.com&rcats=y29&mcat=&mste=&mfld=4&mssi=&mfsi=&uhow=96&agsa=&rgz=60185&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=872257&did=VID-RAQ-00160&rcxt=Other&lat=41.887900&lon=-88.199500&tmpc=18.95&daid=&vp=0&osi=&osv=&sft=2&bx=120&bv=1&vvp=1&mk=Google&mdl=Chrome%20-%20Windows&vpb=PreRoll&c=Cg1Vbml0ZWQgU3RhdGVzEghJbGxpbm9pcxoDNjAyIgdDaGljYWdvMAI4AkgAUAZYAYABAIgBApABALABALoBBQjcARgCyQFmZmZmZiZEQA..&dur=CkcKJWNoYXJnZS1hbGxJYXNWaWRlb1ZpZXdhYmlsaXR5VHJhY2tpbmciHgin__________8BEg1pYXMtcmVwb3J0aW5nKgIIAQ..&durs=cxun9u&crrelr=&said=892_1661404446391027-173_1&ict=Unknown&auct=3&im=1&mc=62249854-e622-47ff-86ff-cff66e75556b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.166.129 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 05:14:09 GMT
cache-control
must-revalidate, no-cache
server
Kestrel
content-type
image/gif
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel.png
unified.adsafeprotected.com/ 		35 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJjdXN0b20iOnsiY3VzdG9tMSI6IjkyMzExNiIsImN1c3RvbTIiOiIyLjAiLCJjdXN0b20zIjoiMi4wIiwiY3VzdG9tNyI6IiIsImN1c3RvbTgiOiIiLCJ4c2lkIjoiZDIwZjc3NDQtNTU2OS00YWYwLTlhNzUtODExYzlmN2EzZjNkIn0sImhlYWRlcnMiOnsiaGVhZGVyMTAiOiJwejQ2dTNuYyIsImhlYWRlcjExIjoiVGhlIFRyYWRlIERlc2s6SW5ub3ZpZCBBZHMiLCJoZWFkZXIxMiI6Imluc2lnaHQuYWRzcnZyLm9yZyIsImhlYWRlcjgiOiJpYXNvIiwiaGVhZGVyOSI6IiJ9LCJjYiI6IjE2NjE0MDQ0NDc1MTU2ODAwMzAiLCJhZER1cmF0aW9uIjotMX0=&advEntityId=&pubEntityId=&key1=ROKU_ADS_APP_ID&key2=$APP_STOREURL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.232.249 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 05:14:09 GMT
content-length
35
vary
Origin
content-type
image/gif
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		43 B
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsDisplayStarted&adId=2651785570&viewKey=1661404446391027-173&sessionId=bb642685e5c0db6294e46e36c84d4398&zoneId=7585793&exAdId=3306210_50ywu04_0_pz46u3nc&impId=1&dealId=VID-RAQ-00160&cb=1715749&loc=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&seatId=1550&supportsFlash=false&supportsJavascript=true&componentId=vpaid-adapter&ibpiv=7c482263edcd3ab6294680e906b5a26e&listenerId=fe54cc25c25d36983adbdcfa7f1e5df&dealType=cd&ibp=b708fbc32592df04d122fa41f1648fd33244c135d91db8842d4054abcb7d58a38d0d709b4a54fdb1ad7ba1af1148bbfa7b225eb69247f6e977b379902372aff818f1004ae3cb81f1569aa978b68dae6dfa1c4f4efcb802fe07b771b96255a79c&campaignId=2649611922&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:09 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1661404446391027-173
analytics.gif
s.update.stickyadstv.com/2/848488/ 		49 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.update.stickyadstv.com/2/848488/analytics.gif?dt=8484881527175831722000&di=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&ui=fe54cc25c25d36983adbdcfa7f1e5df&sr=7169&pp=872257&si=5040465&pc=7585793&ti=1661404446391027-173&pv={predictionid}&to=1&de=2&md=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.198.103.0 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:09 GMT
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin
*
Content-Length
49
Expires
0
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?px=7169&listenerId=fe54cc25c25d36983adbdcfa7f1e5df
  • https://usersync.octillion.tv/fw?
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1554userId=cd078586-9b7a-4fab-9889-34e181b61ebd
43 B
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1554userId=cd078586-9b7a-4fab-9889-34e181b61ebd
Protocol
HTTP/1.1
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 05:14:09 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1661404449928039-169

Redirect headers

date
Thu, 25 Aug 2022 00:07:43 GMT
via
1.1 2ead2a81ff8cd9f180f8ec7fa0607b6e.cloudfront.net (CloudFront)
server
CloudFront
age
18386
x-cache
Hit from cloudfront
location
https://ads.stickyadstv.com/user-registering?dataProviderId=1554userId=cd078586-9b7a-4fab-9889-34e181b61ebd
x-amz-cf-pop
EWR53-C1
content-length
0
x-amz-cf-id
8TcZH9HaNmFvx2NXI2XB66T7EIi51xnriDdDvXLDhUQsbR0tnydNiA==
postback
s.pixsrvcs.com/2/2.66.1/848488/AXiQ1TcABZT_G1a0/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.pixsrvcs.com/2/2.66.1/848488/AXiQ1TcABZT_G1a0/postback?oz_pl=1&pv=%7Bpredictionid%7D&to=1&de=2&md=2&dt=8484881567613756606000&di=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&si=5040465&pc=7585793&ci=848488&ui=fe54cc25c25d36983adbdcfa7f1e5df&sr=7169&pp=872257&ti=1661404446391027-173&_x=1
Requested by
Host: s.pixsrvcs.com
URL: https://s.pixsrvcs.com/2/848488/analytics.js?dt=8484881567613756606000&di=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&ui=fe54cc25c25d36983adbdcfa7f1e5df&sr=7169&pp=872257&si=5040465&pc=7585793&ti=1661404446391027-173&pv={predictionid}&to=1&de=2&md=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.208.45.24 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://glamour.globo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 25 Aug 2022 05:14:09 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.pixsrvcs.com/2/2.66.1/ 		161 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pixsrvcs.com/2/2.66.1/main.js
Requested by
Host: s.pixsrvcs.com
URL: https://s.pixsrvcs.com/2/848488/analytics.js?dt=8484881567613756606000&di=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&ui=fe54cc25c25d36983adbdcfa7f1e5df&sr=7169&pp=872257&si=5040465&pc=7585793&ti=1661404446391027-173&pv={predictionid}&to=1&de=2&md=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.208.45.24 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://glamour.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 05:14:09 GMT
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
51462
Expires
Sun, 03 May 2054 06:43:19 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame CB70 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.198 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-198.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 25 Aug 2022 05:14:10 GMT
ETag
"623de86a-cf34"
Expires
Fri, 26 Aug 2022 05:14:12 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
pd
us-u.openx.net/w/1.0/ Frame 8DCB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=de65e540-1353-4e70-af8f-72c6944458e2&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
447
content-type
text/html
date
Thu, 25 Aug 2022 05:14:10 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame FF9A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 25 Aug 2022 05:14:10 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 7272 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BDAB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4985/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://glamour.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=71298
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 25 Aug 2022 05:14:10 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 26 Aug 2022 01:02:28 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 9E09 		0
0
truncated
/ 		477 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
dvtp_src.js
cdn.doubleverify.com/ Frame C7C3 		0
0
t
t.lkqd.net/ Frame DA29 		0
0
t
t.lkqd.net/ Frame DA29 		0
0
postback
s.pixsrvcs.com/2/2.66.1/848488/AXiQ1TcABZT_G1a0/ 		0
0
p
sb.scorecardresearch.com/ Frame 1982 		0
0
p
sb.scorecardresearch.com/ Frame 1982 		0
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 25 Aug 2022 05:14:10 GMT
server
nginx
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://glamour.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://glamour.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 25 Aug 2022 05:14:10 GMT
server
nginx
postback
s.pixsrvcs.com/2/2.66.1/848488/AXiQ1TcABZT_G1a0/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
wtfismyip.com
URL
https://wtfismyip.com/json
Domain
api.vturb.com.br
URL
https://api.vturb.com.br/hermes/sandramaria.online.anamarialopez.site/63000bbd8573c5000adaac4a/56d95ac5-0166-4614-aed7-379b717e54f2/24f84c2c-07e6-46c7-a827-968d29b4404c
Domain
cdn.converteai.net
URL
https://cdn.converteai.net/8ddefba4-aac6-4899-a661-0c2a387c3a1d/62f552ec9811e2000a36756e/h264_360p_750.m3u8
Domain
cdn.converteai.net
URL
https://cdn.converteai.net/8ddefba4-aac6-4899-a661-0c2a387c3a1d/62f552ec9811e2000a36756e/audio_media.m3u8
Domain
r.nexac.com
URL
https://r.nexac.com/e/getdata.xgi?dt=br&pkey=gpwn29rvapq62&ru=https://beacon.krxd.net/data.gif?_kuid%3DPCeFolNw%26_kdpid%3D2dd640a6-6ebd-4d4f-af30-af8baa441a0d%26dlxid%3D%3Cna_id%3E%26dlxdata%3D%3Cna_da%3E
Domain
r.nexac.com
URL
https://r.nexac.com/e/getdata.xgi?dt=br&pkey=gpwn29rvapq62&ru=https://beacon.krxd.net/data.gif?_kuid%3DPCeFolNw%26_kdpid%3D2dd640a6-6ebd-4d4f-af30-af8baa441a0d%26dlxid%3D%3Cna_id%3E%26dlxdata%3D%3Cna_da%3E
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
s-static.innovid.com
URL
https://s-static.innovid.com/media/encoded/07_22/545777/2_source_150741_722075.mp4
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Domain
s.innovid.com
URL
https://s.innovid.com/1x1.gif?project_hash=1gtq8e&client_id=7615&video_id=938898&channel_id=2990453&publisher_id=1271&placement_tag_id=0&project_state=2&r=1661404447507&placement_hash=15s400&device_id=&action=play&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D277d3fab-132b-4958-a7b7-39b24d06c88f%26ivc_creativeid%3Dpz46u3nc%26ivc_placementid%3Delh9o4z%26ivc_dealid%3DVID-RAQ-00160%26ivc_publisherid%3D872257%26ivc_site%3Dglamour.globo.com%26ivc_supplyvendor%3Dfreewheel%26ivc_campaignid%3D50ywu04%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D277d3fab-132b-4958-a7b7-39b24d06c88f%26ivc_ttdid%3Df392b494-04f1-4190-8b81-965c828ca97a%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26vrw%3D1%26ivfvva%3D1%26iv_geo_dma%3D602%26iv_geo_country%3DUS%26iv_geo_city%3DChicago%26iv_geo_state%3DIL%26iv_geo_zip%3D60185%26iv_geo_lat%3D41.8879%26iv_geo_lon%3D-88.1995
Domain
s.innovid.com
URL
https://s.innovid.com/1x1.gif?project_hash=1gtq8e&client_id=7615&video_id=938898&channel_id=2990453&publisher_id=1271&placement_tag_id=0&project_state=2&r=1661404447507&placement_hash=15s400&device_id=&action=init&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D277d3fab-132b-4958-a7b7-39b24d06c88f%26ivc_creativeid%3Dpz46u3nc%26ivc_placementid%3Delh9o4z%26ivc_dealid%3DVID-RAQ-00160%26ivc_publisherid%3D872257%26ivc_site%3Dglamour.globo.com%26ivc_supplyvendor%3Dfreewheel%26ivc_campaignid%3D50ywu04%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D277d3fab-132b-4958-a7b7-39b24d06c88f%26ivc_ttdid%3Df392b494-04f1-4190-8b81-965c828ca97a%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26vrw%3D1%26ivfvva%3D1%26iv_geo_dma%3D602%26iv_geo_country%3DUS%26iv_geo_city%3DChicago%26iv_geo_state%3DIL%26iv_geo_zip%3D60185%26iv_geo_lat%3D41.8879%26iv_geo_lon%3D-88.1995
Domain
js-sec.indexww.com
URL
https://js-sec.indexww.com/um/ixmatch.html
Domain
contextual.media.net
URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=77&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Domain
cdn.doubleverify.com
URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=21728770&cmp=DV485761&sid=Verve&plc=Verve-IQM_20210404001_VidJS&adsrv=0&advid=3891363&dvtagver=6.1.src&ppid=302&DVP_PP_IMP_ID=1989333300081602300&DVP_DV_TT=1&DVP_DV_CT=2&tagtype=video&DVP_C1=&DVP_C2=&DVP_PUB=430&DVP_SITE=1142899&DVP_CRT=919134&DVP_PP_BUNDLE_ID=&DVP_PP_AUCTION_IP=167.88.7.162&DVPX_PP_AUCTION_UA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F104.0.5112.101%20Safari%2F537.36&turl=http%3A%2F%2Fglamour.globo.com%2F
Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
s.pixsrvcs.com
URL
https://s.pixsrvcs.com/2/2.66.1/848488/AXiQ1TcABZT_G1a0/postback?oz_pl=1&pv=%7Bpredictionid%7D&to=1&de=2&md=2&dt=8484881567613756606000&di=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&si=5040465&pc=7585793&ci=848488&ui=fe54cc25c25d36983adbdcfa7f1e5df&sr=7169&pp=872257&ti=1661404446391027-173&_x=1
Domain
sb.scorecardresearch.com
URL
https://sb.scorecardresearch.com/p?C1=1&C2=23229166&C3=platform&C5=01&C7=http://glamour.globo.com/
Domain
sb.scorecardresearch.com
URL
https://sb.scorecardresearch.com/p?c1=2&c2=23229166&c3=platform&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1661404445&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&ns_ts=1661404445
Domain
s.pixsrvcs.com
URL
https://s.pixsrvcs.com/2/2.66.1/848488/AXiQ1TcABZT_G1a0/postback?pv=%7Bpredictionid%7D&to=1&de=2&md=2&dt=8484881567613756606000&di=https%3A%2F%2Fglamour.globo.com%2Flifestyle%2Fnoticia%2F2019%2F12%2Fmelhores-do-ano-os-memes-mais-engracados-de-2019.ghtml&si=5040465&pc=7585793&ci=848488&ui=fe54cc25c25d36983adbdcfa7f1e5df&sr=7169&pp=872257&ti=1661404446391027-173&sid=AXiQ1TcABZT_G1a0&oz_sc=0c0725eb03446afa620083ca&oz_df=1661404450363&oz_l=256&cv=3

Verdicts & Comments Add Verdict or Comment

488 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| cdaaas object| HorizonClient object| utag_data function| globalWebdeps object| glb object| settings string| tenantId string| mobileSearchPrefix object| AMP_CONFIG object| AMP_EXP object| AMP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| oidcSettings object| SETTINGS object| bstn boolean| BASTIAN_UBER_HEADLINE object| BASTIAN_INFO object| ScrollSpy object| globoPage object| regeneratorRuntime object| localStorageCache object| editoraGloboAuthenticationLib function| setImmediate function| clearImmediate object| WM function| comScore object| ns_p object| loadTimes function| convertRecAb function| Bastian object| horizonResources object| $jscomp function| __extends object| Horizon object| glb_realtime_map object| pvm function| $ function| jQuery function| HorizonSendEvent function| HorizonSchedulePageLoadEvent object| commentsEl boolean| utag_condload boolean| inQa boolean| isMultiContent boolean| isElectionPage boolean| isVotePage boolean| alreadyRolledOut boolean| isMultiContentRedeGlobo boolean| shouldAppendJs string| profilingJs number| nvgId boolean| nvgAsync object| nvg object| s object| adunit_produto object| produtos_novos object| ad_units object| pbjs object| scriptPreBid object| tag object| prebidData number| FAILSAFE_TIMEOUT number| FAILSAFE_TIMEOUT_LAZY object| headerBiddingSlotsCalled object| desktop_positions_list object| desktop_positions_list_homes undefined| mobile_positions_list object| mobile_positions_list_full object| mobile_positions_list_homes object| ad_positions_full object| tentativasBLL object| userStorage undefined| adunit_autoesporte undefined| url_limpa string| adunit undefined| adunit_umsoplaneta number| fLen string| text string| dtpub object| headerBiddingSlots object| utag function| getJs function| printarPublicidade function| callAdServer function| callPrebid function| whenAvailableCookie function| cadunUserData function| callAdserverLazy function| callPrebidLazy function| printarOutstream function| printarPublicidadesMateria function| printarPublicidadesScroll function| advertisingGlobalLoader function| advertisingGlobalRefresh boolean| __tealium_twc_switch function| Krux function| bannerLazyLoading string| ga_editoria string| ga_editorias_secundarias string| nomeProdutoPiano string| tipoConteudoPiano string| ambienteUtilizadoPiano boolean| conteudoExclusivo string| divId_ajustado object| _taboola object| GlobalIvcNamespace function| ivc object| _gaq object| jQuery18307562327937745024 string| glbid object| nvg13574 function| nvgGetSegment function| ltgc string| prmstr object| prmarr object| tmparr object| nvg_hosts object| naveggReady object| tv4 object| dmp object| cq object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _comscore object| commonSignals function| commonTracker function| sendCommonHit function| JsonpService function| Util function| CacheService object| Cadun function| EventService object| GloboIDSDK object| _cdn object| Snowplow object| COMSCORE function| udm_ boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx undefined| _tb_vpmd boolean| _tb_vautop function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| GloboAB object| globoAB object| pbjsChunk object| _pbjsGlobals function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| _pmk function| TBWidgetFacebook function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| yi object| _pm_mcg number| taboola_view_id string| nam object| placementData boolean| _tb_vd_pg object| cmTag object| webpackJsonp boolean| hasPaywall object| tp object| PaywallAnalytics object| tinyCpnt object| dataLayer object| Piano object| responseVariables object| _cm_wfCounters object| _hjSettings function| hj object| gptadslots object| googletag function| _hasClass function| addClass string| GoogleAnalyticsObject function| ga string| gtagRename function| gtag object| SWG object| swgEntitlements function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion function| ___tp object| google_tag_data object| gaplugins object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| BlockAdBlock object| blockAdBlock object| ggeac object| google_js_reporting_queue object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| WP3 function| Zepto function| __onGCastApiAvailable object| WM_PLAYER_VIDEO_TAG_TEST_AUDIO object| WM_PLAYER_VIDEO_TAG_TEST_MUTE object| Clappr object| vttjs function| WebVTT object| PianoESPConfig object| cX object| regrasTiny string| _GALimite string| _GAContagem boolean| executouPageview object| glbBannersConsumer object| glbBannerBottomFixed string| nomeExperienciaBotao string| buttonValorImg string| buttonValorUrl object| gaData function| cxCCE_callQueueExecute object| cxTest undefined| google_measure_js_timing string| nvg_i number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| ima object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| google object| module$exports$ima$dai$api$StreamEvent object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id undefined| cXJsonpCBl78lazso77oan178 object| ox_esp function| __esp_getUID2Async object| __uid2 object| _seedtagq function| lotameIsCompatible function| sync16589_c function| sync16589_d undefined| sync16589_e undefined| sync16589_f undefined| sync16589_g function| sync16589_h object| sync16589_j function| sync16589_k function| sync16589_l object| sync16589_ object| sync16589_la function| sync16589_a function| sync16589_b function| sync16589_i function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_aa function| sync16589_q function| sync16589_r function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_ba function| sync16589_ca function| sync16589_v function| sync16589_da function| sync16589_w function| sync16589_x function| sync16589_y function| sync16589_ea function| sync16589_z function| sync16589_A function| sync16589_B function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_fa function| sync16589_J function| sync16589_K function| sync16589_ga function| sync16589_ha function| sync16589_L function| sync16589_M function| sync16589_ia function| sync16589_ja function| sync16589_ka function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_Q function| sync16589_R function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_X function| sync16589_Z function| sync16589_Y function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_4 function| sync16589_5 function| sync16589_ma function| sync16589_3 function| sync16589_7 function| sync16589_6 function| sync16589_na function| sync16589_8 function| sync16589_oa function| sync16589_9 function| sync16589_pa function| sync16589_$ function| sync16589_qa object| lotame_sync_16589 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_127 object| Criteo object| Criteo_identitytag_127 function| fbq function| _fbq object| p object| webpackJsonp1661348335283 object| teadsscript function| requestAnimationFrame1 function| cancelAnimationFrame1 function| getVPAIDAd boolean| _seedtagLoaded object| _seedtag object| teads object| lkqd object| TTTagManager function| TTTagManagerError object| _ttq_tt_seedtag string| n object| cmds object| _tt_seedtag object| ttcNamespace object| tbopt object| GoogleGcLKhOms string| version string| _ttcNamespace string| _ttqNamespace function| TTConversionBase function| ttConversionBaseE object| _ttconversionHolder object| ttqNamespace function| TTBase function| ttBaseE object| _ttqHolder object| google_image_requests

374 Cookies

Domain/Path Name / Value
glamour.globo.com/lifestyle/noticia/2019/12 Name: _gada_ses.34ef
Value: *
glamour.globo.com/lifestyle/noticia/2019/12 Name: _gada_id.34ef
Value: 5dc02c34-7e08-4ed8-85ed-b68d1cb3a2ee.1661404434.1.1661404434.1661404434.9a093d9b-a255-4b1c-a4ff-5fa62cc68e39
glamour.globo.com/lifestyle/noticia/2019/12 Name: privAu
Value: 0
id.globo.com/auth/realms/globo.com/ Name: AUTH_SESSION_ID
Value: 0f34e788-7645-4b27-aeda-100f4c0bcd3d.mig-rhsso-prod-tds7
id.globo.com/auth/realms/globo.com/ Name: AUTH_SESSION_ID_LEGACY
Value: 0f34e788-7645-4b27-aeda-100f4c0bcd3d.mig-rhsso-prod-tds7
.taboola.com/editoraglobo-glamour/ Name: taboola_session_id
Value: v2_3ebb683cbadb525e5cf0062e32899e40_0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92_1661404434_1661404434_CLiG9CEQoP9JGLWhr5utMCABKAEw4QE4kaQOQLO5Dkif2tgDUO8FWABgAGiG-t_Hg6eW5IQBcAE
.mrtnsvr.com/sync Name: userId
Value: 7qjBOxjtp
.globo.com/ Name: glb_uid
Value: "zr4dkwbhg7_W38GnFX4gh4GOq83jyD03eXWhY52tdVE="
.scorecardresearch.com/ Name: UID
Value: 1D22fda99611c60317cad2d1661404433
.navdmp.com/ Name: nid
Value: 1146a7ae8451ff34a654a2927810|0|265
.globo.com/ Name: nav13574
Value: 1146a7ae846efec8802ccb4d5c10|2_238
glamour.globo.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.globo.com/ Name: pbjs_sharedId
Value: 485f07d1-d4d9-43f3-a6ad-a01c830c71cf
.krxd.net/ Name: _kuid_
Value: PCeFolNw
.globo.com/ Name: GLBEXP
Value: pvjbIrYg2PSIphGn+kDp3uLngYHjkQR0sE21AzDkd8U=
glamour.globo.com/ Name: _tb_sess_r
Value: http%3A//sandramaria.online.anamarialopez.site/
.globo.com/ Name: kppid
Value: 8162043013768284160
.globo.com/ Name: hsid
Value: 0fca0967-9c39-4fac-a6f3-92622f52c6d3
id.globo.com/ Name: GCLB
Value: "3f8a1f47530ec181"
.criteo.com/ Name: uid
Value: 8c70ec81-2319-4d1a-a663-78be1b2e2a11
.adnxs.com/ Name: uuid2
Value: 7412760816595641933
.demdex.net/ Name: demdex
Value: 73695970147860647833402558171235663564
.rubiconproject.com/ Name: khaos
Value: L78LAY60-1Y-88US
.dpm.demdex.net/ Name: dpm
Value: 73695970147860647833402558171235663564
.yahoo.com/ Name: A3
Value: d=AQABBBIFB2MCEEcoPVQedaVcE6yEboRfAD8FEgEBAQFWCGMQYwAAAAAA_eMAAA&S=AQAAAvP84yl4McgwTME1RKb1PgE
.doubleclick.net/ Name: IDE
Value: AHWqTUn6Id1kc_RGzBZsm67vPfCQ6WATcrXUWKzXa780wg2XNe5bYiiEPSs12BnpISA
.sitescout.com/ Name: ssi
Value: ac1d511e-fbb5-4e95-88e5-6c2164118e5c#1661404434670
.taboola.com/ Name: t_gid
Value: 0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92
glamour.globo.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005%22%7D
.globo.com/ Name: _pc_randomCookieForPiano
Value: cookieB
.globo.com/ Name: _pprv
Value: %7B%22consent%22%3A%7B%220%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%221%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%222%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%223%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%224%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%225%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%226%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%227%22%3A%7B%22mode%22%3A%22opt-in%22%7D%7D%7D
.adsrvr.org/ Name: TDID
Value: f392b494-04f1-4190-8b81-965c828ca97a
.globo.com/ Name: _pctx
Value: %7Bu%7DN4IgDghg5gpgagSxgdwJIBMQC4QBsDsAHLhAJ6kAeYAxgAzIDMUpALiADQgCuAzjAE49sAOy65cnXgIDKLCC17YQEYQHthHEDwQsYGJQBZ8AVgBsARmP4ATBfynC16%2BYOmAnCAC%2BQA
.globo.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22l78layyx74zpmnnn%22%7D
.tremorhub.com/ Name: tv_UISTB
Value: <taboolaUserId>
.tremorhub.com/ Name: tvssa
Value: 1661404435616
.tremorhub.com/ Name: tvid
Value: 3f972114ac3847b7be822442042c77eb
.globo.com/ Name: utag_main
Value: v_id:0182d36bccc5001767b92f18422803074006a06c00b08$_sn:1$_ss:0$_st:1661406235638$ses_id:1661404433606%3Bexp-session$_pn:1%3Bexp-session
.spotxchange.com/ Name: audience
Value: b7a4120e-2434-11ed-a1bf-1184b4c80503
.globo.com/ Name: _ga_WE4K4RF1F3
Value: GS1.1.1661404435.1.0.1661404435.0.0.0
.piano.io/ Name: __cf_bm
Value: 6SXNdckjZsLdk5zgeRlwinMq_TFjYFYc9qSOK1bDN4c-1661404435-0-AcPxoxTXCCCi65JbmdXTQzZ91aozVsROXv4dP9DozvFwDGY0X+FGWPF7jBBcTJ/hQWYqdgJ/xCmkyhJcMnhcdhA=
.globo.com/ Name: __tbc
Value: %7Bkpex%7DTlwaTGtUwC3VREsZpImPkMfPbbuwTpYBN6vagxqE9-847ORi9OmpYL4tM2zPp7-Z
.globo.com/ Name: cX_P
Value: l78layyx74zpmnnn
.globo.com/ Name: __pat
Value: -10800000
.globo.com/ Name: __pvi
Value: %7B%22id%22%3A%22v-l78layz5ylyhostp%22%2C%22domain%22%3A%22.globo.com%22%2C%22time%22%3A1661404435873%7D
.globo.com/ Name: xbc
Value: %7Bkpex%7DmP0Gp8zI2D4j5iCwEGr2XPZlppFkJX8xjWkU7AOmMtYDqufitD9X9VkQZRGb6LwF5IHSG_4wTrdM49JSamY89AJtoCYgB3yJz2oPZYbpNZU7Wu7Dc4-E8-41iCX3quAUg7F47KbZZkI--FVQ1pfxTVc6Zfz3VrueAfKGKcuHMJIO9zVhXso-h33KTdtdxSRtSKAa0x5cOqgpGNQ2T28-XeAyPyuqFkpMiMWmEoORLn8mIOzPgqUVK0HdQad0plR7Oe9bQYw1hMAbGFxqBNpJDgBmDBuc0z2YbhAXhR3VnQ-ICD-BAf6vRR2edtTlDuW0OtZjo--bNBimCTAa-34tV0DnQhGunWwO2V9mrNg_2GO6as3m0LTUf12bzJT1m4NyRQKHvW57QkaHXcsl_CNoskm4K9N8-RM8oGk_MbO23KPdSc8DhnJ3l9ZuQBCavelkOr1NiDkPfWx8kewebxxDH7Lz-A3OJEpMllJkIsNdZk4
.globo.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.globo.com/ Name: _ga
Value: GA1.2.1455757629.1661404436
.globo.com/ Name: _gid
Value: GA1.2.1987327054.1661404436
.globo.com/ Name: _gat_ga_glamour
Value: 1
glamour.globo.com/ Name: __adblocker
Value: false
.globo.com/ Name: _hjSessionUser_2732676
Value: eyJpZCI6ImQwNDQ4NDE3LTRkMTEtNWY0YS1iMzc5LTJiZTkxMDFmMDBhOSIsImNyZWF0ZWQiOjE2NjE0MDQ0MzYwNDUsImV4aXN0aW5nIjpmYWxzZX0=
.globo.com/ Name: _hjFirstSeen
Value: 1
glamour.globo.com/ Name: _hjIncludedInSessionSample
Value: 0
.globo.com/ Name: _hjSession_2732676
Value: eyJpZCI6IjgzZjE1NzA5LTU3NWItNDQzYy1iYzFlLTk4ZDU4YWZmOTJmMSIsImNyZWF0ZWQiOjE2NjE0MDQ0MzYxOTIsImluU2FtcGxlIjpmYWxzZX0=
.globo.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.globo.com/ Name: cX_S
Value: l78lazglc87wzg79
.cxense.com/ Name: gckp
Value: 7xygm6bp36ndmtwgd8hng9ks
.globo.com/ Name: cX_G
Value: cx%3A1uz8tplz1ggg2gn0l1bi1nth2%3A39o47ugrswdho
.openx.net/ Name: i
Value: 51953fca-dbc8-4bf1-89e4-af32181021ed|1661404436
.globo.com/ Name: __gads
Value: ID=30e736b72b0b0c66:T=1661404436:S=ALNI_MaoCUdUbaCtpccQN07eTXRHlmnhJQ
.globo.com/ Name: __gpi
Value: UID=00000793bc6ce933:T=1661404436:RT=1661404436:S=ALNI_MYbg5l38fELvCgU8LxQ4747Wc03gw
.globo.com/ Name: lotame_domain_check
Value: globo.com
.lijit.com/ Name: ljt_reader
Value: FNAZaQZHODOZrd-dQ5WMojSM
.pubmatic.com/ Name: KRTBCOOKIE_1235
Value: 23226-0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92:$UID
.contextweb.com/ Name: V
Value: Q6k5Ho6QyMMh
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: b5d33276fafbeb80
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: d6209c4c7aab699785eb5fd9e4013074
.globo.com/ Name: _cc_id
Value: d6209c4c7aab699785eb5fd9e4013074
.smartadserver.com/ Name: pid
Value: 1526083351859992907
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.globo.com/ Name: panoramaId_expiry
Value: 1661490837268
.bidswitch.net/ Name: tuuid
Value: ce95d937-04dc-4d9f-a5f7-40c522420de0
.bidswitch.net/ Name: c
Value: 1661404437
.bidswitch.net/ Name: tuuid_lu
Value: 1661404437
.mfadsrvr.com/ Name: tuuid
Value: ac760d52-1f1a-400d-96a6-ce79bebf6dfd
.mfadsrvr.com/ Name: c
Value: 1661404437
.mfadsrvr.com/ Name: tuuid_lu
Value: 1661404437
.openx.net/ Name: pd
Value: v2|1661404437|vMgakWgyiK
.omnitagjs.com/ Name: ayl_visitor
Value: 5070ff59403a910c44a27bea31752fcb
.3lift.com/ Name: tluid
Value: 2850636057255575426400
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-0d2b4646-3d15-49a0-4f06-5fd873817560.1Ktx3DapIqBexzpAqKPc1XaSpRlmk8WGIfCY9awTx18
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ADStGRj0VSaBPBl_Yc4F1YKdYB6I.rvORAZERVl3nzueLBdzsHd%2FvQXSV71LrExorxydLwgM
.globo.com/ Name: _pubcid
Value: adb2cfbd-24d8-4438-86a0-a35d6de93305
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YwcFFQACNb5MfABN
.openx.net/ Name: univ_id
Value: 537072971|f392b494-04f1-4190-8b81-965c828ca97a|1661404437676838
.mookie1.com/ Name: id
Value: 10602036474860944696
.mookie1.com/ Name: mdata
Value: 1|10602036474860944696|1661404437709
.mookie1.com/ Name: ov
Value: 3a049bd8842665bf27c65492f721e01f
.lijit.com/ Name: ljtrtb
Value: eJwFwckNgEAIAMBe%2BJNwBrQbWLSC9WXs3ZkXTOAEuoQ1uLFiJdrdgZXsqBpOM941hvtZu4iyDoHvB6ETDzs%3D
.adx.opera.com/ Name: UID
Value: a429fed715ba4a0f91ad3a054cc22465
.teads.tv/ Name: tt_viewer
Value: 68c09383-5e89-4719-b475-c0c924b13cf4
ads.stickyadstv.com/ Name: UID
Value: fe54cc25c25d36983adbdcfa7f1e5df
ads.stickyadstv.com/ Name: sessionId
Value: bb642685e5c0db6294e46e36c84d4398
.tapad.com/ Name: TapAd_TS
Value: 1661404437893
.tapad.com/ Name: TapAd_DID
Value: 35311a1f-8b8c-4ce6-925a-329ee2037a4d
.admixer.net/ Name: am-uid
Value: b2babc02caac49d6a21d1daadc38396f
.seedtag.com/ Name: st_uid
Value: e479ec4b-6b05-4d78-9801-a3eeda9e10f4
.seedtag.com/ Name: st_ssp
Value: Y291bnRyeV9uYW1lPVVuaXRlZCBTdGF0ZXMmY291bnRyeV9pc28yPVVTJmNvdW50cnlfaXNvMz1VU0EmcmVnaW9uX25hbWU9SWxsaW5vaXMmcmVnaW9uX2lzbzI9SUwmY2l0eV9uYW1lPUNoaWNhZ28mbG9uZ2l0dWRlPS04OC4xOTk1JmxhdGl0dWRlPTQxLjg4NzkmbWV0cm89NjAyJnppcD02MDE4NQ==
s.seedtag.com/ Name: gv
Value: -
.lkqd.net/ Name: lkqdidts
Value: 1661404438
.lkqd.net/ Name: sr103
Value: 1||1661404438
.lkqd.net/ Name: lkqdid
Value: sTNI9fkRROA
glamour.globo.com/ Name: cto_bidid
Value: qqPWFV9CTGwlMkZFenpmSlpOS1RhbEpUU1hOOWJHNVFhTHp6bnZBb3Q3cXQyRWhKejdCQml3OVl5ZmtkMElhbU9VenZ1M1hTbHlram1WNXVVNGZJWXVGdEJGdHp2JTJCdVN4cEdVSVowTTlBTnRTYk5OSnclM0Q
glamour.globo.com/ Name: cto_bundle
Value: p9u1Zl9YdEJ3SHgyeWJiY0hxSTV3N0xNSDBvdkdmdUJleExQNFpGTWNVOEZPQjlDZldrYXJWcXdHZldheSUyQlNOV3J5ajg0V1NlZWNPa0kzTElXTlFSYmpSN09JNDcyNmdMcDYybW1mcXFiRkkyd1Axb3NFT1BjbHNSc0U4a2dJd28xQWlteHMlMkYyTmNGWlMzVzNnJTJGY0U1V1dvcGclM0QlM0Q
.lkqd.net/ Name: sr93
Value: 1|DStGRj0VSaBPBl_Yc4F1YKdYB6I|1661404438
.mookie1.com/ Name: syncdata_TAP
Value: 1
.adhaven.com/ Name: uid
Value: 4c_5d3bfd0b-5cc9-4162-b30d-c3160311b330
.turn.com/ Name: uid
Value: 4133760157365559211
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzMDAzsjA2NLewMDY3MzA1EuIz1A0ODDO3MK2scjWuKgEAnDQ40SQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzMDAzsjA2NLewMDY3MzA1EuIz1A0ODDO3MK2scjWuKgEAnDQ40SQAAAA
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IllBSCI6eyJ1aWQiOiJ5LVQ0Z3ViRXhFMnVIbDExeUpxaUEwRUlxYnY4TmxfRUw2bUN1X0ZGay1-QSIsImV4cGlyZXMiOjE2NjM5OTY0Mzh9fX0=
.33across.com/ Name: 33x_ps
Value: u%3D211953387054738%3As1%3D1661404438347%3Ats%3D1661404438347
.csync.loopme.me/ Name: viewer_token
Value: 49a415b1-b09f-4e1b-9d32-f3f5e3270315
.agkn.com/ Name: ab
Value: 0001%3A0qBCh%2BullUf%2BANGvtn%2BzM3NpWRVkd8cv
.krushmedia.com/ Name: krm_usr
Value: 22e6ac08-c7ee-4333-a411-38f9eccaa61c
.krushmedia.com/ Name: krm_r
Value: 57
.casalemedia.com/ Name: CMID
Value: YwcFFiEqvqgxgytikig15QAA
.casalemedia.com/ Name: CMPS
Value: 468
.casalemedia.com/ Name: CMPRO
Value: 468
.360yield.com/ Name: tuuid
Value: 7a6a2a8e-bcf4-4ed3-9df8-974d3b475beb
.360yield.com/ Name: tuuid_lu
Value: 1661404438
.mathtag.com/ Name: uuid
Value: b9936307-0516-4500-b3ae-7b63940e6617
.tynt.com/ Name: uid
Value: 8hgt7mMHBRYD10muDZ7G1A==
.lkqd.net/ Name: sr90
Value: 1|4c_5d3bfd0b-5cc9-4162-b30d-c3160311b330|1661404438
.lkqd.net/ Name: sr94
Value: 1|4133760157365559211|1661404438
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1661404438471%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1661404438471%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1661404438471%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1661404438471%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1661404438471%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1661404438471%7D%5D
.mookie1.com/ Name: syncdata_IOW
Value: 1
.mookie1.com/ Name: syncdata_NEU
Value: 1
.lkqd.net/ Name: sr54
Value: 1|49a415b1-b09f-4e1b-9d32-f3f5e3270315|1661404438
.lkqd.net/ Name: sr102
Value: 1|22e6ac08-c7ee-4333-a411-38f9eccaa61c|1661404438
.globo.com/ Name: _fbp
Value: fb.1.1661404438529.404171807
.lkqd.net/ Name: sr6
Value: 1||1661404438
.lkqd.net/ Name: sr25
Value: 1||1661404438
.lkqd.net/ Name: sr45
Value: 1||1661404438
.lkqd.net/ Name: sr55
Value: 1||1661404438
.lkqd.net/ Name: sr86
Value: 1||1661404438
.lkqd.net/ Name: sr97
Value: 1||1661404438
.zemanta.com/ Name: zuid
Value: 4BFK5PS6DwFZltdDeQ6H
.amazon-adsystem.com/ Name: ad-id
Value: A7Z-qomvlEXBld754hCshLs
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.facebook.com/ Name: fr
Value: 020BxsS7XkumoHJEE..BjBwUW...1.0.BjBwUW.
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
.richaudience.com/ Name: pdid
Value: 05f21773-f47a-411e-9835-1zz1661404438
.quantserve.com/ Name: mc
Value: 63070516-b779a-0b428-ab479
.adform.net/ Name: C
Value: 1
.adotmob.com/ Name: uid
Value: 080e220407f59d2375b542c5
.adotmob.com/ Name: uuid
Value: 080e220407f59d2375b542c5
.adotmob.com/ Name: partners
Value: AYL%3A1661404438829
.richaudience.com/ Name: cmpsync
Value: 1
.sabio.us/ Name: sbid
Value: 3186156469227133224
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd984cS0Cb2DtjNhbesFSQgw8lNcUWD4yHDcG6BNbG11Yq22t1JBw-hWJYXyCcqsrMC4Q2
.lkqd.net/ Name: sr52
Value: 1|YwcFFQACNb5MfABN|1661404438
.lkqd.net/ Name: sr53
Value: 1|Q6k5Ho6QyMMh|1661404438
.lkqd.net/ Name: sr22
Value: 1|f392b494-04f1-4190-8b81-965c828ca97a|1661404438
ads.stickyadstv.com/ Name: pxId
Value: 7169
.lkqd.net/ Name: sr59
Value: 1|CAESEI9GgYVgUKMu2vY45oqh87k|1661404438
.e-volution.ai/ Name: v_usr
Value: 13726d7f-6977-4550-a7db-0cdae1a573f6
.creativecdn.com/ Name: u
Value: v9oQfujxQcoR0TJPtVBy
.creativecdn.com/ Name: ts
Value: 1661404438
.bidr.io/ Name: bito
Value: AAD9KU7GDgoAABMQ-KCgjw
.bidr.io/ Name: bitoIsSecure
Value: ok
.lkqd.net/ Name: sr76
Value: 1|m2LBm51kwJqAM8ablDDcnM9lw5SAMJOYmmg8JMNc|1661404438
.adform.net/ Name: uid
Value: 2938986838554184882
.vindicosuite.com/ Name: cug
Value: bTkgXnNsK9-KiD
.vindicosuite.com/ Name: ct
Value: 1661404438
.lkqd.net/ Name: sr39
Value: 1|3186156469227133224|1661404438
.lkqd.net/ Name: sr13
Value: 1|49a415b1-b09f-4e1b-9d32-f3f5e3270315|1661404438
.rlcdn.com/ Name: pxrc
Value: CJeKnJgGEgUI6EcQAA==
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YwcFFQACNb5MfABN&KRTB&22978-YwcFFQACNb5MfABN&KRTB&23194-YwcFFQACNb5MfABN&KRTB&23209-YwcFFQACNb5MfABN
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-DStGRj0VSaBPBl_Yc4F1YKdYB6I
.smaato.net/ Name: SCM
Value: b4a6277b
.tidaltv.com/ Name: tidal_ttid
Value: 836fed23-7215-42d7-a9cd-46dcadc71f24
.lkqd.net/ Name: sr80
Value: 1|AAD9KU7GDgoAABMQ-KCgjw|1661404439
.simpli.fi/ Name: suid
Value: 3E9CCFB3269E467B9622CCC5F9172B9A
.adgrx.com/ Name: ADGRX_UID
Value: b9bcf920-2434-11ed-9deb-2ee29163ff26
.acuityplatform.com/ Name: auid
Value: 688269761907
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBQTRtPhOQmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUE0bT4TkI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.aniview.com/ Name: aniC
Value: 57064f8d-a433-4deb-abfa-d29f4601b0af
sync.aniview.com/ Name: aniC
Value: 57064f8d-a433-4deb-abfa-d29f4601b0af
.deepintent.com/ Name: CDIUSER
Value: di_aabd891a9a2b4d83a138e
.mxptint.net/ Name: mxpim
Value: R1B342_F5267841_E6DDDAF5.1.000000000000000063070517
.tribalfusion.com/ Name: ANON_ID
Value: ains6Et3er76AxvPABpPqadnrRTc5fdEmSikaLXywOOZbXbR0TGeseNsu1hHUtgcrRZcuZbZbMyqABZcEZbPWMZaE6J
.owneriq.net/ Name: si
Value: Q7146908391105684336P
.owneriq.net/ Name: pmc
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:b9936307-0516-4500-b3ae-7b63940e6617&KRTB&16736-uid:b9936307-0516-4500-b3ae-7b63940e6617&KRTB&23019-uid:b9936307-0516-4500-b3ae-7b63940e6617&KRTB&23208-uid:b9936307-0516-4500-b3ae-7b63940e6617
.w55c.net/ Name: wfivefivec
Value: iEZ61Qhz1Or5bN5
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.ipredictive.com/ Name: cu
Value: 4c12d306-7bd7-45ec-a97a-8304a6a92f40|1661404439195
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-688269761907
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-2938986838554184882&KRTB&23263-2938986838554184882
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-f392b494-04f1-4190-8b81-965c828ca97a&KRTB&22918-f392b494-04f1-4190-8b81-965c828ca97a&KRTB&23031-f392b494-04f1-4190-8b81-965c828ca97a
.smaato.net/ Name: SCMaps
Value: b4a6277b
.id5-sync.com/ Name: id5
Value: c5b6f160-6c9b-4cef-8149-8b96aca1db9d#1661404437370#4
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4133760157365559211&KRTB&23150-4133760157365559211
.pippio.com/ Name: did
Value: 6f1hTk3sV2OUo7zu
.pippio.com/ Name: didts
Value: 1661404439
.pippio.com/ Name: nnls
Value:
.mfadsrvr.com/ Name: bsw_uid
Value: ce95d937-04dc-4d9f-a5f7-40c522420de0
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-dc4f063f-f7b8-45c6-a293-d1cc572e3038&KRTB&23340-dc4f063f-f7b8-45c6-a293-d1cc572e3038
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-b9bcf920-2434-11ed-9deb-2ee29163ff26&KRTB&23275-b9bcf920-2434-11ed-9deb-2ee29163ff26
pool.admedo.com/ Name: tuuid
Value: f968a81c-24b9-43f6-bccc-4d204b63a3c4
pool.admedo.com/ Name: c
Value: 1661404439
pool.admedo.com/ Name: tuuid_lu
Value: 1661404439
.smaato.net/ Name: SCMv
Value: b4a6277b
.technoratimedia.com/ Name: tads_uid
Value: 34D0F340BBB6452EA27D42C1AC0AC8BC
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220825011359-0400
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: tads_uidp_73
Value: AAD9KU7GDgoAABMQ-KCgjw
.lkqd.net/ Name: sr7
Value: 1|RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005|1661404439
.globo.com/ Name: __qca
Value: P0-1780876739-1661404438907
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1B342_F5267841_E6DDDAF5&KRTB&23092-R1B342_F5267841_E6DDDAF5
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7412760816595641933&KRTB&23339-7412760816595641933
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-aLjWWm6-11tz6dFaZ-rLXTy_1FVz6oRZabKDRwhB&KRTB&19420-aLjWWm6-11tz6dFaZ-rLXTy_1FVz6oRZabKDRwhB&KRTB&22979-aLjWWm6-11tz6dFaZ-rLXTy_1FVz6oRZabKDRwhB&KRTB&23403-aLjWWm6-11tz6dFaZ-rLXTy_1FVz6oRZabKDRwhB
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:3E9CCFB3269E467B9622CCC5F9172B9A
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESENLEqg5jVyahLHe9rFjerEc&KRTB&16514-CAESENLEqg5jVyahLHe9rFjerEc&KRTB&23025-CAESENLEqg5jVyahLHe9rFjerEc&KRTB&23386-CAESENLEqg5jVyahLHe9rFjerEc
.lkqd.net/ Name: sr85
Value: 1|18072662273532428326|1661404439
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:iEZ61Qhz1Or5bN5
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 0d749414-1602-47ab-9a57-366ee9ff7807
beacon.lynx.cognitivlabs.com/ Name: ss
Value: VtAv9ArUjD1EIP%2FJDGQeTDTk7pJNveZUZCd4MO40XFkwrrRSho%2FeIAYwrrKB7pUyA8vZiS%2BANHFwPQk9a1vGhQ%3D%3D
.richaudience.com/ Name: avcid-sma-uid
Value: 1526083351859992907
.casalemedia.com/ Name: CMRUM3
Value: 2d6307051705a0&e6630705172760&0b6307051705a0&ce6307051705a0&286307051705a0&116307051705a0&27630705170b40&f16307051705a0
.casalemedia.com/ Name: CMST
Value: YwcFF2MHBRcA
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q7146908391105684336&KRTB&22521-Q7146908391105684336
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-4c12d306-7bd7-45ec-a97a-8304a6a92f40&KRTB&23011-4c12d306-7bd7-45ec-a97a-8304a6a92f40&KRTB&23355-4c12d306-7bd7-45ec-a97a-8304a6a92f40
.richaudience.com/ Name: avcid-apn-uid
Value: 7412760816595641933
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&19888082-e9cc-4ab6-84f9-76d4f32355e5"
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2689:u=1:x=1:i=1661404439:t=1661490839:v=2:sig=AQHNXPJ-QU830X24a52VOXsq3NuDCQKC"
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAD9KU7GDgoAABMQ-KCgjw
.postrelease.com/ Name: visitor
Value: 9adff691-ed5d-479d-b514-d1110f5a2550
.postrelease.com/ Name: status
Value: 1
.sharethrough.com/ Name: stx_user_id
Value: 377b48f0-670c-49fd-a073-96b607aa17f0
.onetag-sys.com/ Name: OTP
Value: 1eo9jUQpnoIYoddd-cZ0_X0-nCVCo1LHUx8KEgShFdY
.seedtag.com/ Name: st_cs
Value: dfSi5xh38ARY9gKM3YXJNf4bByYkqeLmOxg3jHAQJEeyxDyasYYqhZPcmPkV/W+5YAMy/eDD/Gm4eh3KduDu1vl+LDsGnP2Ha0Fmx+unRkWq3OqVONheB6VV9iz2y14qPAbucu7apzPDTgxDf0wyTu5fMNqDB+EJUFNl7RLpfOjI3i5re9IPOSBNi52qo2cb5Tq9bP4Xw35KMAgZu4TCuL15FdT/hS4YbHtI3nspDyndxoxML0lfD+DTG1edyfCXGtsEgJNc9pBIEjhYURlUuUv9NM8zoGNcsEPEaRK2ZnnuJyYp3QAjXtcWaPCG8ZecxBGlukCuJx2WTar3mNjtuw+YtJCG57oMC5QEB1ERWcj5UvOnmpvwkWN/rvgMuZlCwCXTznw1DFQSFQZu4nLYxhPzn4F3KXLaEzfWflGJZOsofMzNBWqYpwpslnDg+9GegImC155bqCjFW2VQTxo8PE91e7F5WaDmxDJzgnUfgcz/I2X3Y8k9oE9IQ0fxhW25Sp1ujHCrljeX4bGTmJ5Wl01QScXejjg4Jka//clRtNwEbVHxtFtSAP0OoE+cPLCfMpDrUAMDNu+IpQ3JnLWGXjQStGHNOqdsUWT/57cXmIA=
.seedtag.com/ Name: st_csd
Value: 1661404439442:1661404439442
.gumgum.com/ Name: vst
Value: u_5349e29e-e573-463a-8042-728d103ee39b
.lkqd.net/ Name: sr109
Value: 1|b4a6277b|1661404439
.lkqd.net/ Name: sr23
Value: 1|836fed23-7215-42d7-a9cd-46dcadc71f24|1661404439
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAEzq8HA9WfNwNAS1JfAAAAAAA&KRTB&22713-AAAEzq8HA9WfNwNAS1JfAAAAAAA&KRTB&22715-AAAEzq8HA9WfNwNAS1JfAAAAAAA
.spotim.market/ Name: vmuid
Value: 26228ea582814d32
.spotim.market/ Name: a488792
Value: y-T4gubExE2uHl11yJqiA0EIqbv8Nl_EL6mCu_FFk-~A
.spotim.market/ Name: a271858
Value: 7412760816595641933
.spotim.market/ Name: a309017
Value: ${USER_ID}
.aniview.com/ Name: 2_C_55
Value: 7412760816595641933
sync.aniview.com/ Name: 2_C_55
Value: 7412760816595641933
.aniview.com/ Name: 2_C_2
Value: b7a4120e-2434-11ed-a1bf-1184b4c80503
sync.aniview.com/ Name: 2_C_2
Value: b7a4120e-2434-11ed-a1bf-1184b4c80503
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-ce95d937-04dc-4d9f-a5f7-40c522420de0
.spotim.market/ Name: a482928
Value: bbe78f5c-cbd0-47ef-b8be-a7cffd6cd09d
.smartadserver.com/ Name: csync
Value: 76:CAESEHtnxbRFVyOM6Nn2N7ZkwhA|86:7412760816595641933|107:0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92|135:TAM_OK
.pippio.com/ Name: pxrc
Value: CJeKnJgGEgQIAhAAEgYI3awrEAA=
.analytics.yahoo.com/ Name: IDSYNC
Value: "1982~26s5:192z~26s5:190u~26s5:18z8~26s5:196m~26s5:175w~26s5"
.aniview.com/ Name: 2_C_72
Value: ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553
sync.aniview.com/ Name: 2_C_72
Value: ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553
.spotim.market/ Name: a708476
Value: RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005
.spotim.market/ Name: a558187
Value: 6mON_wj9cjVVAHwHbQc8chvp3hRGSuH1Uhy8wk7geOI
.dotomi.com/ Name: DotomiTest
Value: 367b5a0bc1350c8f
.w55c.net/ Name: matchgoogle
Value: 5
.eqads.com/ Name: EQUser
Value: UID=8f017596-d5fb-4ecf-818b-c1ced2c63d0e
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22142%22%3A%2220220825%22%7D
.emxdgt.com/ Name: uid
Value: 54361661404439995180b7
.lkqd.net/ Name: sr12
Value: 1|ce95d937-04dc-4d9f-a5f7-40c522420de0|1661404439
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1fq0|2N.0.AAAEzq8HA9WfRQNXsbifAAAAAAA|4is.0.CAESELlVgrr-X_DkIcRpsEM6dd0|7bq.0.1|5Ql.0.0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92
ads.stickyadstv.com/ Name: uid-bp-30833
Value: 1
.owneriq.net/ Name: p2
Value: gguuid
.owneriq.net/ Name: gguuid
Value: 1
.outbrain.com/ Name: obuid
Value: 7046f4eb-3b11-4e7f-99a5-6258d41f6aa6
.fwmrm.net/ Name: _uid
Value: "eb2a1_7135677735229362965"
.lkqd.net/ Name: sr43
Value: 1|ce95d937-04dc-4d9f-a5f7-40c522420de0|1661404440
.sportradarserving.com/ Name: zuuid
Value: d666fe2e-869f-4d4b-87b8-12e8f1df79be
.sportradarserving.com/ Name: c
Value: 1661404440
.sportradarserving.com/ Name: zuuid_lu
Value: 1661404440
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GTvg+Uts!]taa8i_iqf!oN/@E'zz<*Z2$N:*$u_`hLesH`t@ToMMvDTfhvS%N:9C$xZc<QG=%9sk@3@'s>T)8<4'
.ladsp.com/ Name: cr
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7c4996e8-b3c4-49d8-8119-65a3c89fecf6-005%22%7D
.emxdgt.com/ Name: apn_id
Value: 7412760816595641933
.spotxchange.com/ Name: sl
Value: eyJnIjpmYWxzZSwicyI6IjI0OTI4NiIsInNwIjo3LCJpIjp0cnVlLCJscCI6NjY1MywiZ2NzIjoiIiwicGwiOltdLCJzaWQiOiJiOTNiOWE4MS0yNDM0LTExZWQtOGM1Yi0xMWVhYjIyYjAzMDMiLCJzb2wiOjcsInNsIjowfQ==
.smartadserver.com/ Name: Trk0
Value: Value=1383108&Creation=25%2f08%2f2022+05%3a14%3a00
.socdm.com/ Name: SOC
Value: YwcFGMCo8XoAAPz4KwsAAAAA
.lkqd.net/ Name: sr46
Value: 1|ce95d937-04dc-4d9f-a5f7-40c522420de0|1661404440
ads.stickyadstv.com/ Name: uid-bp-36033
Value: eb2a1_7135677735229362965
ads.stickyadstv.com/ Name: MRM_UID
Value: eb2a1_7135677735229362965
.adrta.com/ Name: __aavi
Value: 1690743683345693367
.adrta.com/ Name: __aavt
Value: 1661404440456
.adrta.com/ Name: __aasi
Value: 10106362776995446703
.adrta.com/ Name: __aast
Value: 1661404440456
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1661404440
.rubiconproject.com/ Name: audit
Value: 1|J92RfcZg83ZjhglXkdhvAXMW+JCyzWzJdETHUhd4UASEop7TpkX1L6TDhKGCHsVDSxtOSBWxKFJBK03vAHceEPr3WPd2E0YenpU6Ba30WRJdnSoRwMVlFZE7jmj16+GK+fGjVWLbzJSjN0JEdN7yIw==
.quantserve.com/ Name: d
Value: EAwBFQH4JoEO-TCqqJMA
.ladsp.com/ Name: smn_uid
Value: hGsZU4TDo4fO-w90WpE23A7Hf7SQmiQ
.ladsp.com/ Name: lum
Value: CM7Pr5utMBIFCAEQqAE
.casalemedia.com/ Name: CMTS
Value: 032
.mfadsrvr.com/ Name: ssh
Value: !google,1661404440!bidswitch,1661404439!taboola,1661404437
.connextra.com/ Name: CxtId
Value: 4720632d-db32-44a7-8165-b5eda4528dbd
.connextra.com/ Name: WynnBet
Value: A%7Cpostimpression%7C1%7C202208250614%7C7%7CDDM_APN_SB_US_IN_Display_Impression_Pixel_1x1%7CDDM_SB_US_IN_Display_Impression_Pixel_1x1%7C%7C%7CwR2Cd68vTBOHZZSDKSRg1Q
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEG0Wq4BRZBhjS2gABp9kSa0
.aniview.com/ Name: 2_C_5
Value: L78LAY60-1Y-88US
sync.aniview.com/ Name: 2_C_5
Value: L78LAY60-1Y-88US
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwj-rpbi1JiDOxAFEhQKBXRhcGFkEgsIuuLt59SYgzsQBRIVCgZjYXNhbGUSCwjAnbLo1JiDOxAFEhsKDHNoYXJldGhyb3VnaBILCPb-ievUmIM7EAUYASABKAIyCwjC-r-f65iDOxAFOAFaCXN0aWNreWFkc2AC
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY2MTQwNDQzOTA1NSwiMzQiOjE2NjE0MDQ0NDA3NTIsIjIiOjE2NjE0MDQ0NDA3NTIsIjMiOjE2NjE0MDQ0Mzk1ODksIjM5IjoxNjYxNDA0NDM4NzM2LCIxNyI6MTY2MTQwNDQ0MDc1MiwiNiI6MTY2MTQwNDQ0MDc1MiwiNyI6MTY2MTQwNDQzODczNiwiMjkiOjE2NjE0MDQ0NDAyMDksIjgiOjE2NjE0MDQ0NDA3NTIsIjc0IjoxNjYxNDA0NDM5NTg5LCI3NSI6MTY2MTQwNDQzODczNn0
.go.sonobi.com/ Name: __uis
Value: fe9dd889-665a-426c-864c-a01eef9241c6
.go.sonobi.com/ Name: HAPLB8S
Value: s8530|YwcFD
.rlcdn.com/ Name: rlas3
Value: XGQGLLnkGSEMt53jn1RxYzZiXXOcdmJT19UNZAeIuT0=
.tidaltv.com/ Name: sync-his
Value: H4sIAAAAAAAAADM0NjIysDI0tNA1NABic2MgbalraGQOAKef6cUZAAAA
ads.stickyadstv.com/ Name: uid-bp-892
Value: f392b494-04f1-4190-8b81-965c828ca97a
.dyntrk.com/ Name: dyn_u
Value: 05030002_63070518da3cd
.id5-sync.com/ Name: 3pi
Value: 464#1661404437507#558304800|2#1661404437844#602762765#7412760816595641933|434#1661404440892#-2108710946|3#1661404438568#1084938677#b9936307-0516-4500-b3ae-7b63940e6617|264#1661404438880#163968967#f392b494-04f1-4190-8b81-965c828ca97a|155#1661404439255#346970712#AAD9KU7GDgoAABMQ-KCgjw|796#1661404439723#2124013248|429#1661404440454#541688926
.id5-sync.com/ Name: callback
Value:
ads.stickyadstv.com/ Name: uid-bp-717
Value: y-ItZDHJdE2oOnPKGc.qGRG.LCS3ggetcoEc1ftiqu~A
.addthis.com/ Name: ouid
Value: 6307051900016308d8af95deb75f6b0f5f5ca4a44c7590ba4ab3
.addthis.com/ Name: um
Value: 2KN.'ac1d511e-fbb5-4e95-88e5-6c2164118e5c-63070512-5553'
.addthis.com/ Name: uid
Value: 630705198c8d72e2
.fiftyt.com/ Name: fifid
Value: fa8a1ec6-5c6b-45d4-425a-77cb572b3e4d
.fiftyt.com/ Name: cs
Value: MTY2MTQwNDQ0MXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fHwoCr1UaRIY24q0dg_RRObRZ4zHMeDulcxdTmloLuV_
ads.playground.xyz/ Name: connect.sid
Value: s%3ABMIVel4YyhvFZ1RnY7719NMwK95aeKEV.Wz3M5Kyq16c2Q9BKzEbmsdf8sOqBmeKinIfDga2SNy4
.bnmla.com/ Name: rx_sspurl_10738
Value: https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3Daccd1af1-c842-451b-9d73-e43091cf9536
.bnmla.com/ Name: rx_uuid
Value: accd1af1-c842-451b-9d73-e43091cf9536
.bnmla.com/ Name: rx_maxage_10738
Value: 1662700441
.inmobi.com/ Name: idsp_c
Value: 81181572-18f0-40ef-b32f-bbf09c56b563
.semasio.net/ Name: SEUNCY
Value: 689C11171101F420
.fiftyt.com/ Name: fppm
Value: 20220825051401
.bnmla.com/ Name: rx_sspid_10738
Value: 170
.onaudience.com/ Name: cookie
Value: 59f616327039d82b
.onaudience.com/ Name: done_redirects219
Value: 1
.adsby.bidtheatre.com/ Name: __kuid
Value: 16d9abf7-a0d1-4154-b85b-1fe4335d8615.430618441
.adfarm1.adition.com/ Name: UserID1
Value: 7135677739533858959
.c.appier.net/ Name: _auid
Value: RyHUwfMiBie0bkVxGQUHYw
.zeotap.com/ Name: zc
Value: 1821a04c-d5bf-4814-527e-b33eb5d68ed3
.zeotap.com/ Name: zsc
Value: Y%F5%8Dz%02%D8%02F%14%DE%1Cn%DEcp%98%09%15%C0%04a%7C4%D2W%0As%ED%24h%B5.C%BF%B1%D4k%AE%9EX%0D%C0%B5r%BA%7B%28%99%F5%1F%1E%F8%0B%AB%08d%25%12%BF%AA%F3%7B%84%CBN%8C%21ej%FA%A2%40%60%B6%87%9C%95%27E%8C%A9%95%25
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-RyHUwfMiBie0bkVxGQUHYw&KRTB&23130-RyHUwfMiBie0bkVxGQUHYw
.pubmatic.com/ Name: PugT
Value: 1661404441
.pubmatic.com/ Name: DPSync3
Value: 1662595200%3A228_197_201_236_221_226_245_219%7C1661990400%3A164_248%7C1661472000%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1662681600%3A35%7C1661990400%3A15_223_2_38%7C1666569600%3A69%7C1662249600%3A63%7C1663977600%3A224%7C1662595200%3A222_239_54_104_189_57_99_81_220_166_13_71_243_231_234_3_56_233_8_55_22_249_178_21_165_204_240_176_5_238_48_96_7
.pubmatic.com/ Name: PUBMDCID
Value: 2
.pubmatic.com/ Name: pp
Value: 156498
.pubmatic.com/ Name: PMDTSHR
Value: cat:
.globo.com/ Name: cto_bundle
Value: HKF29V9BT28yMkZPMzNBYUZ5ZHVGTm92TSUyRjFvOVZVZWlGaUpwWWdKSmsxMCUyQmZ3NHo1JTJCVFdBaGY2U2hIb0JlT2RKeXNwalowVDhJSldaTmY1UUV6aWVaMGM5b1VTVDlvWm14RW5kamV0RllQWnIwSUpEMmVjWjBJeXJrcm1ZbXNBUmtNNmJKdlpTbDd0NHY2Q2U3ZGxNYVlLc0ElM0QlM0Q
.glamour.globo.com/ Name: cto_bundle
Value: HKF29V9BT28yMkZPMzNBYUZ5ZHVGTm92TSUyRjFvOVZVZWlGaUpwWWdKSmsxMCUyQmZ3NHo1JTJCVFdBaGY2U2hIb0JlT2RKeXNwalowVDhJSldaTmY1UUV6aWVaMGM5b1VTVDlvWm14RW5kamV0RllQWnIwSUpEMmVjWjBJeXJrcm1ZbXNBUmtNNmJKdlpTbDd0NHY2Q2U3ZGxNYVlLc0ElM0QlM0Q
.globo.com/ Name: cto_bidid
Value: 8tL6Al8lMkJuRElzaW1tb3IyZzl0c3h1WWpLejREaXpubG5VNXJPdkIyTnBKeXVyOGRUR3M1UUNsJTJGRWtNMSUyQnZSa0hFJTJCVVgzNWNqS2R5emIxRExGQmZnY3RmNE1YcUFZT1FxMTh3bTdnNFBzS09MMDU4JTNE
.glamour.globo.com/ Name: cto_bidid
Value: 8tL6Al8lMkJuRElzaW1tb3IyZzl0c3h1WWpLejREaXpubG5VNXJPdkIyTnBKeXVyOGRUR3M1UUNsJTJGRWtNMSUyQnZSa0hFJTJCVVgzNWNqS2R5emIxRExGQmZnY3RmNE1YcUFZT1FxMTh3bTdnNFBzS09MMDU4JTNE
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!5693-2!5693
io.narrative.io/ Name: io.narrative.guid.v2
Value: bb6cea50-2434-11ed-aa3b-121f5922b911
glamour.globo.com/ Name: tt_c_vmt
Value: 1661404442
glamour.globo.com/ Name: tt_c_c
Value: referral
glamour.globo.com/ Name: tt_c_s
Value: referral
glamour.globo.com/ Name: tt_c_m
Value: referral
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1661426042116
glamour.globo.com/ Name: _ttuu.s
Value: 1661404442181
.t.tailtarget.com/ Name: u
Value: fwAAAWMHBRoeOQbOHITSAgB=
.t.tailtarget.com/ Name: _ssc
Value: y
glamour.globo.com/ Name: tt.u
Value: 0100007F1A050763CE06391E02D2841C
.t.tailtarget.com/ Name: ttbprf
Value: _chicago_illinois_us_1661404442543_2807564194
.t.tailtarget.com/ Name: ttc
Value: 1
.t.tailtarget.com/ Name: ttnprf
Value:
glamour.globo.com/ Name: tt.nprf
Value:
ads.stickyadstv.com/ Name: uid-bp-951
Value: 7412760816595641933
.tt-12765-5.seg.t.tailtarget.com/ Name: ttca
Value: _1661404442
.t.tailtarget.com/ Name: n
Value: 1661404442
.spotim.market/ Name: a448580
Value: 16C6B2FF-0EE7-4B1A-8B8C-570683EC57C4
.pubmatic.com/ Name: SPugT
Value: 1661369804
.adnxs.com/ Name: icu
Value: ChgI1dN1EAoYAyADKAMwnIqcmAY4A0ADSAMKGAjD83gQChgBIAEoATCVipyYBjgBQAFIARCcipyYBhgD
.vindicosuite.com/ Name: cup
Value: CAEQmaj2AzJJIgwI%2B9oCELqUuLAMGAEiDAj22gIQupS4sAwYASIMCO%2FaAhC6lLiwDBgBIgwIldgD%0D%0AELqUuLAMGAIwADgAQAFY%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAToAUgBYAIgBAZABAA%3D%3D%0D%0A

32 Console Messages

Source Level URL
Text
network error URL: http://sandramaria.online.anamarialopez.site/img/67f736e03050b4d0ed3779b0edbf88c7_w_2666-64.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://sandramaria.online.anamarialopez.site/img/67f736e03050b4d0ed3779b0edbf88c7_w_2669-64.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://sandramaria.online.anamarialopez.site/img/67f736e03050b4d0ed3779b0edbf88c7_w_1789-64.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://sandramaria.online.anamarialopez.site/img/67f736e03050b4d0ed3779b0edbf88c7_w_2128-64.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://sandramaria.online.anamarialopez.site/img/67f736e03050b4d0ed3779b0edbf88c7_w_2066-64.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://sandramaria.online.anamarialopez.site/img/67f736e03050b4d0ed3779b0edbf88c7_w_2190-64.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://sandramaria.online.anamarialopez.site/img/67f736e03050b4d0ed3779b0edbf88c7_w_2681-64.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://fonts.gstatic.com/
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://horizon-track.globo.com/event/glamour
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://globo-mab.globo.com/mab/bastian-advwblt-r5:glamour:desktop:multicontent:dinamico/chooseAndIncrement
Message:
Failed to load resource: the server responded with a status of 422 ()
network error URL: https://globo-mab.globo.com/mab/bastian-advwblt-r5:glamour:desktop:multicontent:ep/chooseAndIncrement
Message:
Failed to load resource: the server responded with a status of 422 ()
network error URL: https://r.nexac.com/e/getdata.xgi?dt=br&pkey=gpwn29rvapq62&ru=https://beacon.krxd.net/data.gif?_kuid%3DPCeFolNw%26_kdpid%3D2dd640a6-6ebd-4d4f-af30-af8baa441a0d%26dlxid%3D%3Cna_id%3E%26dlxdata%3D%3Cna_da%3E
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://horizon-track.globo.com/event/glamour
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://r.nexac.com/e/getdata.xgi?dt=br&pkey=gpwn29rvapq62&ru=https://beacon.krxd.net/data.gif?_kuid%3DPCeFolNw%26_kdpid%3D2dd640a6-6ebd-4d4f-af30-af8baa441a0d%26dlxid%3D%3Cna_id%3E%26dlxdata%3D%3Cna_da%3E
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
other warning URL: https://3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1(Line 11)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAD9KU7GDgoAABMQ-KCgjw
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://usermatch.krxd.net/um/v2?partner=liveramp_identity
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://www.googletagservices.com/dcm/impl_v90.js(Line 88)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://ads.pubmatic.com/AdServer/js/showad.js?(Line 1)
Message:
Mixed Content: The page at 'https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml' was loaded over HTTPS, but requested an insecure frame 'http://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=7qjBOxjtp'. This request has been blocked; the content must be served over HTTPS.
javascript warning URL: https://cdn.tinypass.com/api/tinypass.min.js
Message:
The PerformanceObserver does not support buffered flag with the entryTypes argument.
network error URL: https://e1.emxdgt.com/put?d=d41&uid=0e21371b-a7c8-4fb7-a815-33750dd5bad4-tucta008a92
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://horizon-track.globo.com/event/glamour
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://glamour.globo.com/lifestyle/noticia/2019/12/melhores-do-ano-os-memes-mais-engracados-de-2019.ghtml
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://glamour.globo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED
worker error URL: blob:https://glamour.globo.com/62239aaa-a88e-4f3a-8ef9-a3013bd1fcc3
Message:
Mixed Content: The page at 'blob:https://glamour.globo.com/62239aaa-a88e-4f3a-8ef9-a3013bd1fcc3' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://glamour.globo.com/62239aaa-a88e-4f3a-8ef9-a3013bd1fcc3
Message:
Mixed Content: The page at 'blob:https://glamour.globo.com/62239aaa-a88e-4f3a-8ef9-a3013bd1fcc3' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
3093e7cdf78a1cee8aac9a79b8d82123.safeframe.googlesyndication.com
33across-match.dotomi.com
9a8ad29c57a9771f53bfb78c6a2b0069.safeframe.googlesyndication.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
a.vidoomy.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.lkqd.net
ad.mrtnsvr.com
ad.turn.com
adrta.com
ads.playground.xyz
ads.pubmatic.com
ads.rubiconproject.com
ads.stickyadstv.com
ads.us.criteo.com
ads.vidoomy.com
adservice.google.com
aktrack.pubmatic.com
amazon-tam-match.dotomi.com
ampcid.google.com
ap.lijit.com
api-2-0.spot.im
api.rlcdn.com
api.vturb.com.br
apps.sascdn.com
aud.pubmatic.com
b.t.tailtarget.com
b1sync.zemanta.com
b914bae64ee38a1f51ab4d193a1b562e.safeframe.googlesyndication.com
bb772c466fb6df497b37ef72aab4cbbb.safeframe.googlesyndication.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bttrack.com
buy.tinypass.com
c.amazon-adsystem.com
c.eu1.dyntrk.com
c.us1.dyntrk.com
c1.adform.net
c2.piano.io
c2shb.pubgw.yahoo.com
cat.va.us.criteo.com
cd.navdmp.com
cdn.adnxs.com
cdn.ampproject.org
cdn.converteai.net
cdn.cxense.com
cdn.doubleverify.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.krxd.net
cdn.navdmp.com
cdn.stickyadstv.com
cdn.taboola.com
cdn.tinypass.com
cdnjs.cloudflare.com
ce.lijit.com
ced-ns.sascdn.com
ch-match.taboola.com
ch-trc-events.taboola.com
ch-vid-events.taboola.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
cocoon.globo.com
comcluster.cxense.com
config.seedtag.com
connect.facebook.net
consumer.krxd.net
contextual.media.net
core.iprom.net
cr-p1.ladsp.com
creativecdn.com
cs.emxdgt.com
cs.krushmedia.com
cs.lkqd.net
cs.seedtag.com
csm.us.criteo.net
csync.loopme.me
csync.smartadserver.com
d.tailtarget.com
d.turn.com
de.tynt.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e1.emxdgt.com
eb2.3lift.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
event.clientgear.com
events-ssc.33across.com
experience.tinypass.com
fastlane.rubiconproject.com
fastly.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
gadasource.storage.googleapis.com
glamour.globo.com
globo-ab.globo.com
globo-mab.globo.com
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
hcodemedia-d.openx.net
hde.tynt.com
horizon-schemas.globo.com
horizon-track.globo.com
horizon.globo.com
htlb.casalemedia.com
ib.adnxs.com
id.cxense.com
id.globo.com
id.rlcdn.com
id.sharedid.org
id5-sync.com
identification.hotmart.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.converteai.net
imasdk.googleapis.com
img.imageboss.me
imprchmp.taboola.com
insight.adsrvr.org
inv-nets.admixer.net
io.narrative.io
ipv6.adrta.com
ivccf.ivcbrasil.org.br
jadserve.postrelease.com
js-sec.indexww.com
launcher.hotmart.com
lb.eu-1-id5-sync.com
loadm.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
matching.truffle.bid
mcdonalds.smart.link
media.sabio.us
mug.criteo.com
mweb.ck.inmobi.com
mwzeom.zeotap.com
node-p2w-1utzoa.sitescout.com
nxd.adhaven.com
nym1-ib.adnxs.com
oa.openxcdn.net
oajs.openx.net
odr.mookie1.com
onetag-sys.com
p.glbimg.com
p.rfihub.com
p1cluster.cxense.com
pagead2.googlesyndication.com
ping.seedtag.com
pippio.com
pix.adrta.com
pix.us.criteo.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
player.aniview.com
pm.w55c.net
pmp.mxptint.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid-match.dotomi.com
prebid.media.net
prod.uidapi.com
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
q.adrta.com
r.bidswitch.net
r.nexac.com
recomendacao.globo.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rtb.va.us.criteo.com
rtr.innovid.com
rules.quantcount.com
s-static.innovid.com
s.ad.smaato.net
s.amazon-adsystem.com
s.glbimg.com
s.innovid.com
s.pixsrvcs.com
s.seedtag.com
s.spotim.market
s.tribalfusion.com
s.update.stickyadstv.com
s.uuidksinc.net
s0.2mdn.net
s2.glbimg.com
s3.amazonaws.com
s3.glbimg.com
s8t.teads.tv
sandramaria.online.anamarialopez.site
sb.scorecardresearch.com
script.hotjar.com
scripts.converteai.net
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssl.connextra.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.criteo.net
static.hotjar.com
static.infoglobo.com.br
stats.g.doubleclick.net
su.addthis.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aniview.com
sync.crwdcntrl.net
sync.e-volution.ai
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.navdmp.com
sync.outbrain.com
sync.richaudience.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.spotim.market
sync.springserve.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
sync.tidaltv.com
t.adx.opera.com
t.lkqd.net
t.pubmatic.com
t.seedtag.com
t.tailtarget.com
t.teads.tv
taboola-supply-partners.tremorhub.com
tag.navdmp.com
tags.bluekai.com
tags.crwdcntrl.net
tags.t.tailtarget.com
tags.tiqcdn.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tracking-api.hotmart.com
trc-events.taboola.com
trc.taboola.com
tt-12765-5.seg.t.tailtarget.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
unified.adsafeprotected.com
ups.analytics.yahoo.com
us-u.openx.net
usergate.globo.com
usermatch.krxd.net
usersync.gumgum.com
usersync.octillion.tv
usr.navdmp.com
usw1.smartadserver.com
v.lkqd.net
vae-bid.adsrvr.org
vars.hotjar.com
vast.adsafeprotected.com
vid-io-iad.springserve.com
vid.pubmatic.com
video-ads.rubiconproject.com
vidoomy-d.openx.net
vidstat.taboola.com
viewability-events-p2w.sitescout.com
visitor-usa02.omnitagjs.com
visitor.fiftyt.com
visitor.omnitagjs.com
vpaid.pubmatic.com
vpaid.springserve.com
widget.perfectmarket.com
wtfismyip.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
x.bidswitch.net
x.vindicosuite.com
ad.mrtnsvr.com
ads.stickyadstv.com
api.rlcdn.com
api.vturb.com.br
cdn.converteai.net
cdn.doubleverify.com
contextual.media.net
js-sec.indexww.com
r.nexac.com
s-static.innovid.com
s.innovid.com
s.pixsrvcs.com
sb.scorecardresearch.com
t.lkqd.net
wtfismyip.com
103.229.205.243
104.105.42.146
104.18.133.145
104.18.18.126
104.18.19.126
104.36.115.109
104.36.115.111
104.36.115.114
104.36.115.121
104.45.178.220
104.77.220.151
107.151.8.226
107.178.246.49
107.178.254.65
108.138.128.105
108.138.128.7
108.139.29.125
109.206.161.21
124.146.215.44
13.225.223.90
13.225.63.112
13.225.63.119
13.225.63.55
13.225.63.88
13.226.39.28
13.226.39.34
13.226.39.89
131.0.25.26
135.125.160.160
141.226.124.48
141.226.224.48
141.94.170.77
141.95.98.68
142.250.65.230
142.251.32.98
142.251.40.226
142.251.40.98
145.40.89.32
146.20.128.108
146.20.132.111
15.235.43.119
15.235.43.120
151.101.1.108
151.101.1.44
151.101.193.44
151.101.194.49
151.101.66.133
151.139.128.11
157.90.211.246
159.65.197.210
162.19.138.118
162.248.18.10
162.248.18.11
169.61.103.241
172.104.121.22
173.231.184.20
18.198.39.162
18.205.219.62
18.208.45.24
18.213.213.19
184.29.132.198
184.29.132.212
184.29.132.246
184.29.133.72
185.167.164.37
185.184.8.90
186.192.81.117
186.192.90.3
186.192.91.5
186.192.91.9
192.132.33.46
192.35.249.143
193.122.128.135
195.244.31.10
195.5.165.20
198.148.27.139
199.127.204.147
199.187.193.182
199.187.193.197
199.187.193.199
199.250.166.129
199.38.167.129
2001:4860:4802:34::178
2001:4de0:ac19::1:b:2a
201.7.177.167
201.7.177.243
204.2.255.233
204.62.13.72
207.198.113.88
209.25.232.94
209.25.233.251
213.19.162.80
23.111.174.26
23.197.33.123
23.205.53.73
23.205.56.183
23.209.184.201
23.209.184.224
23.227.139.243
23.3.125.24
23.5.239.40
23.73.241.119
23.73.244.44
23.83.76.65
23.92.190.68
2600:141b:13:694::26e5
2600:141b:13:7a8::268b
2600:141b:13::17d7:822b
2600:141b:13::17d7:8230
2600:141b:5000:3a0::2c79
2600:141b:9000::687c:2c0
2600:1901:0:ee17::
2600:1f14:b4f:4b01:546e:1973:3083:feba
2600:1f16:b8a:8e00:8730:7e48:c66:3404
2600:1f18:1aca:4282:66a7:18bc:d1f9:4f18
2600:1f18:1c96:4103:ff95:23a8:870a:3383
2600:1f18:4e9:5a05:453e:66f9:9eff:3281
2600:1f18:612b:4264:5a8a:599d:c48a:3022
2600:1f18:6593:f602:3fd7:c8e3:cbda:5fe9
2600:9000:2140:400:15:6f6c:b180:93a1
2600:9000:2140:dc00:8:48e:53c0:93a1
2600:9000:21da:a400:1b:5138:8a40:93a1
2600:9000:21da:ac00:f:9375:3400:93a1
2600:9000:21dd:2a00:6:44e3:f8c0:93a1
2602:803:c002:200::116
2606:4700:10::ac43:266a
2606:4700:10::ac43:db6
2606:4700:20::ac43:4876
2606:4700:3030::6815:5476
2606:4700:4400::6812:230b
2606:4700::6810:5614
2606:4700::6810:ef3
2606:4700::6810:f015
2606:4700::6811:190e
2606:4700::6811:b9b1
2606:4700::6813:ac6c
2606:ae80:1451:11::2010
2607:f8b0:4004:c09::9c
2607:f8b0:4006:806::200a
2607:f8b0:4006:806::2010
2607:f8b0:4006:807::2002
2607:f8b0:4006:807::200a
2607:f8b0:4006:80d::2001
2607:f8b0:4006:816::2001
2607:f8b0:4006:816::2004
2607:f8b0:4006:816::200e
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81d::2006
2607:f8b0:4006:81e::2008
2607:f8b0:4006:81f::2003
2607:f8b0:4006:821::2002
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:c1e8:5385:5098:6bf0
2620:1ec:21::14
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:182:face:b00c:0:25de
2a03:90c0:9996::9996
2a04:4e42:400::485
3.12.251.213
3.19.38.244
3.19.54.139
3.209.27.218
3.212.235.1
3.216.62.66
3.218.90.66
3.220.112.109
3.230.10.142
3.92.156.8
31.220.27.155
34.102.146.192
34.102.185.99
34.102.253.54
34.107.148.139
34.107.184.81
34.110.201.227
34.117.239.71
34.120.135.53
34.195.71.40
34.196.228.175
34.198.103.0
34.209.30.241
34.229.3.43
34.234.190.218
34.95.81.168
34.98.64.218
35.172.99.217
35.174.63.80
35.186.236.204
35.190.60.146
35.190.90.30
35.198.44.170
35.201.123.184
35.201.96.126
35.207.24.140
35.210.53.219
35.211.118.13
35.211.178.172
35.211.233.246
35.211.79.33
35.215.207.122
35.215.230.239
35.227.252.103
35.244.153.86
35.244.182.124
37.157.4.28
38.91.45.7
44.193.106.97
44.194.46.109
44.196.211.13
44.208.243.83
47.252.78.131
5.161.47.120
50.31.142.63
50.57.31.206
51.222.39.187
52.1.8.172
52.20.189.152
52.203.133.218
52.203.70.231
52.223.22.214
52.223.40.198
52.23.59.39
52.35.73.181
52.46.128.147
52.73.179.133
52.94.220.185
54.204.100.150
54.208.23.128
54.208.69.179
54.209.87.113
54.211.243.57
54.224.232.249
54.231.227.160
54.84.62.20
54.85.162.154
63.251.28.233
63.251.86.50
65.8.192.196
67.202.105.22
67.202.105.34
68.67.160.137
68.67.179.164
68.67.179.87
69.12.8.74
69.166.1.10
69.173.151.100
69.192.109.215
69.90.254.78
70.42.32.31
74.119.119.137
74.119.119.139
74.119.119.147
74.119.119.149
74.119.119.150
74.222.140.101
76.13.32.147
8.2.110.134
8.28.7.79
8.28.7.81
8.28.7.83
8.43.72.97
82.145.213.8
85.114.159.93
00f9f7f8aacb8c53029767d5351f591dbc13c546a543afb365ba66343c153f04
02aa6ae7ef651439e9782b49b7b3ae86c88eb6e55b501437d16db2521b3e8de8
02d9fda86feb83e01174fde5b8264fe8dfec541a64ffa5d0afba3f7bdcc6a972
02f70f4d57c4052c276b262f5d5b72135ed3238aa4936dd368e3e1534eb6e8fb
03bd05cfb6d0789c54678927cfbd8d3ab3c9b721cee69b3dec80dc9c521149dc
0520f9436ff654fccdd9d3c04c3393205ba92ff4c424dc694002163611e4a251
053e00d59d56ad7064037a78baa37943054fdf1bcfcefcb48d2ad7931360a4df
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
06796d03b1ceb7829355d134d9951a554bd9ab1e5643c55520adca27c0f9fe2f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07684a7403c7b6f263ba8903d12f80916926a6eb49c89eab3073e1d4fb51fd7d
0773df1b62b926ff11baafce486c991a745d481e6791b9d07ce6f628b4bdd593
081d455bd5ad34e6a70e34cf5222173a504db11c69cff556b99a87f328b06931
0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0
089937d36fb91b0cc9fee6301bdbe6728d16d09bb64a36ce24de0e181a0270fb
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a5abbd4d0003b810cbffdadf48c97e7a6379f9b6adcdb231e6c71265fd12c85
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c22597aa3feb104000e18b6426425e8a6a941663f489739d4e0f2aa7abc1905
0c627f457cc09ca115a28c56855debecc37b05df25a91dd845da5001010bd6e2
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0ebe2c16dd702fb36cb07dc99f2d813d0beaf371fbe3a642a2fdf81e0935e278
0f02dfc186ec2537081d8b2348681cf2b0ad1aaa5a7cf77097b3823f1dde2baa
0fec9b50ddcab88183b739fe7adf9e7ee9f32d9846d02130419b08526b796484
104172b04b0ecda98f11cf5f4e9265b4b0a9ae3a7584ffd579f2ea33a66e0e0b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11499e232303192686b4bc5d943f89c6310724941446a4539f7595728fb5b68c
119916f316f528ebae8684f3a457f24fa2907f27e6f3c4a525dd3971b2783cf4
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1298edbdd61716cdfd4e5b6ae4d6bbc598282a86c23c5eee134965e052f5d878
1417897fde1f0bccd939b8a72b9064ac98b1909f9ac36492f6aff012a6b9c0f6
14d955815de13df65a984c62d09ab137bfea2b61d82d618cba305ccfd8af874b
15db152f386fbb66b5610a32b7b5d8662aeab674ce38a2c446cd73d2a250a92f
165b8685a31673ca432935c081b8e555b1e42d79c0c177de424d76eb8d50c044
1690d9be98a0d0eae94c70bac71dbe9a8ba67fd946fb4f5ef3245d2c09253c27
16d0e4f6d886d964d81d7d00ab1a28c4a446a80f1f17a56fd09147b39ee53aec
17b6c419a7f65afd0e75266dcace486b79ceae9242177feaa960dda92816c4cb
1825c9980b2f0d55a196d613bec16bb07611bf9fea58a2c102c01cfb46d079b8
18312ad4c69f92fb93a9ddacc7146a80672607335fa266944d9fd9bd81a9b596
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
192829959bf3b5699716d4fa411c0da8d960960f4c4c8d7065bb48faba1edee7
1939b4a9daba0c2d497ea0cac9fd1caa10856603c66c3b271d2bd29c93dc91e7
19486d8ab5ba9b0f646524179ba9d5bf3811c57fa54c7a4ed482742370a48669
1975f64eb2e102121a030c6eb50da10e3f1d78d0b6a9b2e5d4c2f8f636bca449
1994385f88f1ab4086932c27d8d94dc89d01d2fc4fdd728ed330551b491984b6
1d419f4544d7ceac9adaf50c3766149b33270d40964389dbfdb93abdbad9c847
1d7f6ffcdfd27562629eec3440c52f50b2eb54b76e899a871c41a266c17664fa
20e773157ee0a83bbd90abc6f471291abf9cd594365c7f302066dedb1420168c
220d8dc241d5709f9d46d5ce5a9b8904fa84df3c35c7f9c56933106442f81d19
2292a22f6040a861907017a1c2518b687d1ffdd13371946760b6abe871ee7153
231e3afb8ac1d691297cb2ceb6829e229f45f52b0b6f50c2590d62e700736926
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
234031a00bf67eb675a89fea0f3ca21a9acd1898c9ce98adfe70e8cf2baf6081
245b5194e7493d18ae67e3d84082376cce3e88752050ba387f4d60c51d1e1738
245c9cdc3b97ed8b81b2538a182e47679f5a6fe7f031df27834e982be04f383d
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719
27e5923af3721531989460fc532eca43646827a386543f5259a729e319261d90
27ecb84024851b7f08ffd15abf24d565ddbee9af95907343a272563d28c8eab5
28c2449c7daa8635b900d163437b4348705d129fe6c53a674ee37fa6064ff36a
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
29458ffabb5db1d6a9a1252bc31593f960ffd70db8f6c4694f69f9401a31534b
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bff28f8401ff5f6fd4b5a8d119831187ca601e7a6641cbf75841e35bc416b47
2c27422a0b3735d52a4c541699b72416882ff32d3c7412b93be275d6803b5bf3
2c5fa74196b08889ba18bfccd2d22415ba5e3a76937d125477456936b86988b8
2d88b91136dea0a275445da1a78e53364603a09ace9bcb84945805308be6ea8e
2dafdf3a385165c9a283d5a79f33cdd59227cc33fefece7493324cbbae4bc37c
2dd7e9ca358d9a52e8adcfcab0180e50beb4449a987ee747c69e605fa35fbee3
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f610b371489c341c6a7b5ab786ad4a5c771dcf9c0c94a11b0bb60f8c0e67a7e
2f805f242affa5de478343055a8e0a2e449b4f7f7e62049626482ee35fd0d029
2faeb72dc6c6dd034ad0fe3a1326105213eb42cc9fdde9560f645ee2dd1c4c2c
3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca
322a189a59e4c2bb88503d921a1c3335f2d02c678083ec71e78891b9a9d316f2
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33996f376c957101342a144e53e499906d3e233b691f30d75c05be9ce79ad094
350a236162231dd999bdaec121ffa79193036e95d894ca6dd067096488d128a5
35121e05137fdc8597cada42dc822d01b1e96a465b99927b72aa4cca4eaa2db1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c
372e64d527e017d6fa47d3749c9a7a04a18fceb25add2fef0d1911487af4b3cb
377b3c43b8176e2a1681c6bc4882ddee51e33b441574459744a084f09766ea1c
3945a98e43cd2167bfa9e8385ffa54335b9a393fa66af78f9b9deba11bd87470
3967cf031a451f1d50726a9c7d4bfee59e1b4ff70d98807f8fc47838400a5f6f
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ddfb1d431311b32ba4e9721a8e868f084dcd13bc2b0c5f355fda4633509cf4b
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1
3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002
3f4178004021ac43dcc4437f6a58cd20c80755e5dd2f7871a6159819d5494efe
3f9e3eaecd1f1935454bba4a953e8b186694f4ccb15910ca8cd44552fcbb9552
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
404dcdabcad98c8ed15f4474436911cae5e284d10c0e89f5891e61b2862e3c4f
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
40c6e73505b42c7e66cca644b0bdeda5b54eba8b125787fd1757d168622dee78
40e4951dffea740356de1c800b47ff35a1fac0756b592a4ff5ea9a316b0119b9
420ecb0d91b5220871480d2f240a7614939a4ebe7d3f30b67f521c2bd84b547a
434b5741ad305ce4a3f87e0664d243410de7c9806c94d54e999aaf5adf0761a9
447bc8ef2417813171bf8eeeb9ce80fb81b9ecf01ef886afa4e7fee13b7407c5
45287b4e507b14236a1a00dd67e160876dec1fa7ec548ea49eb875dd775cb565
45e78216d62e7ef2a2c7d0bda526ddfb789444fb8a986b024d059373acb27c16
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
46ae652f994d656ab54365625c687e0d76e9dd8f486246a5f5ce66b1ee49264a
46c73f7c5fe118297b0735a4274d8093e48c7cfea6a41cee655a25dfd354acf7
46e4dfa96644020484b012dc7d59fb17991401df9dc28cabe53f5c3b624b310a
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b658acf6fe70605cd96707476eb2925202a50eb6ec2d02391f337cc09d019e
492b37a11e1f789e32359e7f29e6ab41080e3f1ad5da6ab100d4f0e07e1fb86f
49907fa8e3c67675f143d2d13940ac5ebe29522c5feb70c570aab1e0c1fba2e3
4a6b3d1991c4420dbb00831149756c1f8915ea0b1a62f4a54b42a8bd14416f32
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4db180d7727a13fc07c89f714a1b3d7f5277d59a61c61068048997bc1eb077d9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2343e938140d17c2ceb77133f12f505bbbc046a195ba491f127be04d10534f
4e5a8df78e43e83e6ca4b7af38833a508483d29e3c5332b7dc19a0ac9b27c692
4eb117f5f1fc90466bb7aeb543b00203b3373b23cecd6980b6317dbba275230d
4ed66ac2511025f8973c2fca284b5dd627a879a1890764214bc2cee5c8634ae7
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5044b9a998bfd37f8628a49ebffb1e90e81a9a78eb27123ffa7ed35c34fe424a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50712b530faf8a00dba0c5576f668fcd96630784caca25eff2692ef6fe15a035
509ef6cbf39ac9f7498c733a3b4699bfa113ff0ec1950f2d72245a52fc8039b6
50cae258c9ee6b608c8f8593e4efaf5ed86f8708864722db239baae7de75f7cb
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24
5276d043e29079eb1f08ac462778155015065c738a4074c0222beea311607b48
530bdf88bc56962fc0e5d7ef83f91386646d46e38612f24009d489da502630e7
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
540ec6140bc77b27dafedc109bb4e4ece1ccb0f5d1456c40ea23d2c5063a80d8
54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b8d8023063c17ceb90f9cef08ed6d7a4dc764b3448534b0b863a277fa9f704
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
58393c06d66571c2f17cf94e5c8837b6ea1ef7ed64d57eeb462415bb24465f0d
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
59119d769463d6328c2791982090c033babaffd946a3616d3291db1bf6053fd0
594459f04b56087383793fd0e59649aaf95cc0cc3ba4d5cfa007d5ce6ff32181
594ad4616a52085f2aebaa7e5110b784fcaacf2dce9bb56e99203cbfafe6d713
5b0fb4576b64e935cf7bc72e7ad1c918dcd0f9e923f8432bf41b872ad073fedb
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
5f07ed9b1f339264af577ed2c79bff5e1b64076fa43ea6e80b3d1cb0101abd81
5f5215e4227ed76a2060cb35ce90e6da2d5ae98c4502d09a79408f2e4d2dd2f3
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
5f8d71069d619040e5ea451d199616bf459fb1ebc73e2e5a5ade04b3c0f6d405
5f91da25c24e6fb0fc2f6b18964b6bb696253b1d13fa9fa32ca8d27f60ec9fee
5ff7ed7c185081c0dac9ffeba28bc5b893b6a9ee42a3fff17071325904713ba0
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
608e686158f0d9ae5d0d9db20802a97d5e4eeb0821efcbb6f98794ea9cd91892
60b0f8f7a630b8cf83d4c29ddd3e6e614b119208fe97a96cae6dc6311541671b
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61577749b4423c492bfe2f3bfff475e3397fb3738794c289f783be6b03457194
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
641d21510402c273434756ba9dd8af1c99325599060a4a35efff483863b816f5
642a87ebc12af5f33931cbf41d1cbab3468f80ddc62d72e3e1a88c3e2bd401b8
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
660d2fb748d34943633ce34e11e1dc8144cf2a6fa211e1656ab68e81b26bef4c
67b29726ad336fcb523d72d2ad495b4d9ef43a012f8fa91495e5c14f0ecacbd7
68711ddb4517b043fd142e7b0d9007ec8925c823eba13e1e6e66298d55ebf2d9
68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463
6a3e5769b50199a784f497baed5fd808561f9eb5dd8eedc479ddad31ec9d93c0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b39e69f29412508e654d4fc21e3194d3d60ae5a19b3aff7b652d088118af415
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c623b85b40c5d38e415c15df85453a1efd0c4ba6e66304b407ed03e4668fbce
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6d3f979aa5e232e59a817c0ce87451940991400579e507707ae0d8857b7db0d8
6efbed25888cacc7830c8e1342324fbc9db45c5913c7e76fe10adabae301844a
7035f084318d48a7745b05a838a56053e707c047d740b3fce3b949d50838c50c
707f24244143f4fc39816c5f9231a26b9ccd064cd9544e48376991ee06e32ffa
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72def364e4a3a2bc432ca2bd27bac26fea170cf0b7b4ad29f6cacd7aedc950b5
72ef1fed88139c27162cd64c7029d145f1adcb6079f4edaa293a4492c14a029e
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7
73877f5e39d86856de2a633e9a710cb1d21637f21ffe9e5c268ab9f8527553b1
73f7aff779c41ff88537f39fc27bba4a36a81214fe1bf87a3eebdd1d55aba6fd
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
76ea345832f8b763af19019030139f7305a572c00fd30ce0f41e95b95e952678
780bab12ced7ead32f27db489d2a8f839fcc7a4ac9934414107513deca85bf85
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7aeccb132cebb05a8f7ae1a1b3a01c709a66a2625188df9efa1320ce6be7da56
7c6bd4c3afadedeb84cf0b47867e871b8e2383f395b4e4c1cfaee16dfce2615b
7c7a06de58fb58fa9fa7edb3eec0ee8ee3460dadc66e578735479b832bb6194a
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7e6ac82bd5dfd18808f76e7c228d07a2c649618a40aac16fda8e7aaf99e8088c
7f1e7751de7211682870afa390d8383cddbf7845eb9d83b700752bc26602a782
7f62e59ec4b6fcfeb1a9c7fd353b841dd0c4c15dab8104b3b0d39a90ea5e29a2
801144fb20e8673dc03c55237ce3b9c78d394270a81bb25b2e9158aa1ca7abea
8122177cca9baba8feb65c312043212098ec6be86ef09540ba2c77b3a233b7c5
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8404a9bcf2e688a2888c135ad23f014de6d7d622b0516381defbe0969375e862
846eaf14037753c7d6f8d6dbc9eee5f9b1ee1d7f5f1b341b336062cf756db256
854d0f21a2c161e7b2dbc8e4ea7eb1f6d1834b707f1b489bbfdbbd86ac767286
86f20e359c4ba7d6ba69f7d87a037fef0b2643cc3d155815cc1605805b4ece31
874e545a5055f7c8602c30ffd711768e8105bb75c87045a794f934d9cffa30c6
8959734e0b0c124041f185a33db62457657cea46dde82dfa207c23c9d94338e2
8985f56d8352122e1dd604f7c57797f5d4ecd215226b1fd0d6424c61dba052cc
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ac9ab476d35e1748fbaa57a53d3b1ee06ce9266abe4088da329ecae0511a797
8d5031b445e9a734bb616a887293d7b79e4fdacb5258d59872c354e6755f2d45
8dca50fcee123f3c6e81f3f042a96d1b3e4ce967e2ee5eb1204a6f079a65ddd7
8deaf2f6487d8023283092a123cfe4c67b0d340dc59d94cf1c8abb57ff9ef2c7
8e54b959b77f51f0866c75031505ea6273f9f4d3bb0e883c7fd82e69b9184ba3
8e76c575c357313ca74c63e3ccc615f2eccf074ae2518b80d07d57362a04acd1
8e8003ad291ba3bd8691f5b0754b18daa4f89147dd3f27f204c651cd8d5fbf8f
8e838d758085f343311d6d1485d578727410f44628e53fd119f00978024396c4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac
90da253f1f39dfefae0ae769d3c82522a3689912b1c0c581a1b1db7794ed8dab
9150b803e739c0b86ec5aca82dfd9d1275769b6288c57e16ed203919a4a18ad5
92242b91deb192dc1c5202e458216198d0625837158581f6cc53d316c78ef5c6
92beaf913adfabfeb48f932e23ccf17abf94fa30f563ff5fcf8bacfa44803f8d
93647ccfe0cd30aafd466de308d6a68000ccf3f976bf7a678ccf4196fd064510
93f45bd0df53776d65c03af696f72e8857a3049863b07852ba2998ecce3160a3
945f98ebecf4bfd00ec2fbfd949824323698e34d9531dab6fe714771942717a6
94b62cbcd95b49b979fd6ad3e041290f25a6f5f66d924d00c8586237f279e672
956bd91287fd5d85b711fd51418e53c6eeb3536134044ce39f67fb20938e160c
95da462879060769029255b8a1819b52077133dbef9df22b15e9db0c07395d76
96eba94b807a6480c7491108ed3bdf99f5b62b6958e36955b33381bedb22e76e
97b81651ac630805fe9f93b8a9481cc286ddb6240b3964a647371f01bca28641
97c39accdebc96290f15189602246d72a0d12155f027502cf079679f731af96f
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98f8872e1b56028b79c924ebe11aef57be797b06164a8d9114ffd5c82001ab8b
99725e21800ccc55e79d462f475db2fec19f1c82057b6b5bc87bdfe5212927d4
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4370d6bf5026903a0d9f02c5b594c552a66e7568317edb204858a107150567
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ad73f6fca747b0f81fbf6c96686b73239b63acf8ec720c42542b8f9b90e547d
9ae828f8c201158509783acfad90f9f9f64e387fda11b0768a3524baeb84b8c3
9c629f8b76dd3e1eba7f261fb0f97eb8a50c0447752faa635f16d3608c8df6bb
9d4f298b9266e5e548da14a56548eedc87dff49e1fc054dc7fd7b19cf0db55d0
9e4cb721621a38fd7149906a5211c54361fa49ced050bd0c93a58aed174e642d
9e6896478a9358eb1c51ca9ea80ca957b0722427ebe29bcdb601ecff06423fc7
9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e
9f1508da4c7e232fecfa9d9ca9c8d6d4097d449c91b20d51903af021612c1214
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a135107db4278af6e0c7513f61442d9e6a0b7e008c13de7d82ede5046876be38
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2285616a8e12bf0f31c6ec853acd7c221de6c6b0b5798b65b5aec2d2b123a75
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a336595607ff8e8bb0ce3d49613de82ead1e92232a13101a16828ca1dcc97bf9
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a3d802214cdaf6276aa13b5b161820bbc80660cf9429124233334b07a2d7978e
a47e5ee9e8c6fbfd2879dcc9ef414a41dc5d6af8b108b0d6ae64929cfb59a900
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51690a59260fd30a04d20955e8e5432f7f05f90c13f04c953789d67548a66b8
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a53e01b44ed913191eabb9a71596bff60a18acc4b7bdb189c35e151213873b0d
a5a5599366ed1c70c195773a8e9cce9f19859f4e67d56c41bab071e937a61a83
a5cd5eef4caf0d44a6ecbaaea0dfc5361ea5396e8181bedad9c3b07376e3f65c
a631724cecac8cf46ece583f5717dce6335c12c4e364c837a9aa376e85b43322
a6b561b7b2a6cbd9da277210fe6159e6598c736fc4ee000be466388c8d328e8f
a6eaed07fa2df8d34713bbd1e4f10a16cce7087970224906f4912aff9216d46a
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d1d4d32b461f194f9dc371c28e192ad0097cfc45a02949f581ec41ca074e03
a85b4f00a6ee86411335c25efe78776bdf430abffad78030f7d57a2badef9884
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
ab988eb336d693ffc32234147f24574dd70244b3323d36e58e36ff9e14de8298
aba13e76e0dfc68cd2710d1745d55c6b210cb2bec6ecd14a541615b685af8564
aba93e6d7b0386c16f82e6c47b9e88a6b9196f9a6b364beafc6a54d319f90bbe
abb3ebd29fd24a2b372fb13ac324338a0a9554f1f097a38538733dcf830beae9
ac2b0b24d095a1cbd0b3a8a099a9df8c82013e2901a7a46a0a47c1b50d941e05
ac899d9b44c2bd38725c26a0276ef5b69954d9a8e6f59b44f1483373884acd6f
ac9a94544292c19e019458dc2b64228bfd1f01098d0ad1104e5a7ed165cfe410
ae088547fab8dbaf2f34b7e7dcb734c0ac1a001f1a602de2411cdb561767a3f5
ae15aec3673c096fed01b1f56e2d3e9ab159a4f02578e29dce88f9880e5dab81
ae2a430797879079d5f612340b6898f6b9f107e7cb662e64161077532a5b49ea
af7f7d9dbec7daf5a6f7d58196b10fdaf2f0e97a15a981e5f180cedb9495739a
afa1d5bcfbc58ede9d71fd9eb2c5b53c369f05f3255ea4a36398be35b52979b9
b0a58c1c3e603536db65ee5a8ea8850bcb8129bb2b7fd8254e665e0782e2dc85
b0ca902c44b9c455950e0db8e9bfed5d88031b0154ac706308126ed5f0dbf32c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b268001a16d640e38b9adebc6560a81ce0248198d694dbe13877a14d58ae131a
b4f08ca416b77da721f5941ccee6154534722c920f073c2262560811337ed0f6
b697ac38711d89885dc3fd819b001b3262af4c1374bb4ce5820a1b471cefd955
b730ee413841da70b67f550de8ffce8148c3fd15dacc5274bd0b80bf18a44da7
b88946b2661815a68a137a11dfc9d009c2c9d4792b66add708d039035281aa5e
b896bcf42ba10e6b547f4e866ab400de32270f8a9aa407e40a84bba4f171d50a
b8cd6a935771c335b708ce50bb07ff972f1e8d65185231435365bb0a66062411
b8d4b2dc578418828e430a65d888b79686d607a8c53b47dd558ce87681b28002
b9f6160b7ea7d0645d6201d24919b7289061f8d021e3c245ad5dd7b00ec66ff2
ba185eccb6b33851fccd9c4ea1c82650a9846e9a65d9950408869de9e52410a9
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
badff47be54c7116a014bab6ea632fee2dc666bb624cc7eacc84c3a4440b2e34
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb396c659a45cda460f579b753cf3a53f83eb8198bd344af0a2e2d9030ef910f
bb785482e2da829fdd7f67ea48253b2eefbb10b599128ec497114386af1345ce
bb7ba11ba6fa03b95b0e70a7d5bc721ada30fca5675ebfb3019584b52069b570
bb7dd85f2e01ff3add4da9efcecfde831c2ee0ec8f60590f4d99cef413095332
bbc029f1d997ab0fa9fc1499f94fb93f83b350470966b2227c6b761b282e527c
bbf09747201f6130ccaff1ebd2dea7ab90042b3f1a66e9a981ecee3e2566d440
bd21be3acfc1eebc9e0e8f374016a2493cd5df45e12213e72044e63580a64882
bfb366045d59dcc51855c1deacc3ddfca4c792f7e7a5b83898b9ae02a75b7e26
bfc48055faccbdb1ca361e7b07c4f0ba6b36f9a28c04991afd4bee391fcfeaf3
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c11ddcb8c179c2294aad810258eb1036a305dee90ae0c7ea6307f106085e8ec0
c186016eefec624345f9a5f597da56b9a88a71a6203130832390b3c0ad4cf0db
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2a683e1bc6389e0cbaaca33c82d9268a57156bb46f035593d8ce9a7e09ea056
c2cd094ba79101b5fac388eef14fc283f1a8c67ce8abb26b4ba4fdfdabf36a5a
c3403d3f47060a5cdaae7540d17cb9d7d2c8c21ecb2425c71e01e53b3fa02e56
c3d1dd4a5f7cbcfa9ae1fa38991095ea98ffb79d581230c72cfa7b0b7d94236e
c5068652d2e91ff8a12bd334ea7ce87b7225f6da4a6a2841c8b51c24029a392b
c5b75ac60af5bcfb11df6f2a767d6829fcd51ca43ecd2cf3742dac3f31fbc642
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c7895efe970f056547399fbbb74be266cde9adf1231b14c2a9db027cf74d0e43
c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
c9bfec5c614c8a6eed84872eef8b7ee7746e51c07867c6d86716b7f2d9c13150
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb6156e8febaaac222eb4c2b7188364f9418fc88babcee88b83bdeaa00f0aa69
cc6ffe27572c86880cfd200acca522ed693ae64f8b51583875d7dc98e5c63cb1
cc9ec6644a6ccb4a6a3204d91b8203b72bfbecb521bcb4b3084dc77dc9f6e755
cd6b3451bd3f375e1dd605d5dd648dffa5eb5b69d72a09ca33aefbad9a336dcb
ce2a30228c8617a4cae5c6ddcff421aa9f334e78e5fe233c0af9e6201207671f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf58bdb35ac79f27e6a0091929ac5881699abc820b245f1b6c3bf8bbdda45aa8
cfff8803c0f2695644db4e3bc709cfe6bcf14b84bc963894ffdda4a6a0f3d88f
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d
d2824c32b4c7001e0444cd3295ee149234b415db7dbb51d82c58343e345d3a5f
d342081333ea08ed17938ded78539131f5393b1d6a5155e3cabd86fb4393691f
d3d151187e45a17fd8cb8b85ebed3cd25222463f17cf5151749636b8a74aff25
d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44
d415f82142d578c1440e0f194b5694315a05f0daa2aa8a4ccd1706697bd133c0
d434461376b8827aa6fb19f01d9afa491e4458444af87caddb5986ccde24bd3c
d4403ebd9944483d11101b07509dd5256e8d243ffb5a2d1c1337675085469edc
d4c5d952297366d4e340d33bef112d53749ea1b14f3bc9bbbe9c8dc9d73bb354
d6532a71692cf5f160e55e5baf697279d831a40caaf750161236d5b55b0ad6a6
d68124938cd0c2efbd1c4b893afcfc241f353b24351375c44ead1209d0e0e751
d681e1f0663b5856aa70a3520b31fe6defdd755980cdfb3bd4e6e7923a7172e5
d717975fbc6815f9c86e4c87154a8e2249ec957687ff8477bb649b318c2fdd3a
d9275df09199a40bb650ce1216fde1c809530ea918816f4b581a237999235120
d9891fa494491d0568e605c871d580816221bc90881cbb8701154ae470ea824d
db2a242e49812eeaf79e3718024737c5c48117e79771be73279d0659093d9337
db57f7b8367ae1bb8bb3433600bdc6c921f4a38de2448b06e78e39b0d39bc46d
dbff361120b68fef0d37e18d9a64530c432f9c7ee025253d1084c8d32fa88f66
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dea42e0f179347a75dd9fa41636bd1fa1ae92397bcde89a1389eeb8c0ace0fca
deca07caa88b4bd74d4d085b34834757973f5f788e22335643157e6346767eff
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1acaf1b84c7c6a5a7ae96e4b9cce92c540c0c8ebbb0e56f8ff473917e2e9a72
e33d5cb4512f387f336a822e159533830306657a7a1036d8ff36b4398ae90936
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54cdda4e8f06859b0178a908b45c1a52ce4965405725b381910ed204a8e1741
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e69df4d9338c3871db5fa6ca473d2c57d5613f0b9aa741f64eea6bf9fb788929
e6f842ccb9f05ede4f39819492a3c2ef22fd899c3c667da47fd2e8349ea62722
e7974a19e218adde85eab1fe356b809a52d5dba6c7855cfb2aecbc97dbf7a311
e7c9882961051fe8f15077a313665ba24be998f20295f96c76c0998a0e4ce59c
e8a63752f7a4867483d3a66bb10da00f7048e9285b960bbf9e9d57713940dedb
e8ac19d15945d11645cc68623bae41ca14067a00557eb3a849dbb41c38d96a4c
e8bf9ccc765b5576c8b86e1f75a308e112cea4c1ead476dcf94720d10fa6fb0d
e8e49d12d085acc1fd8d7c49c729225d667eb15f10f6b89eebc8798ab3964c25
e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411
e99f9949ade385291b0f5bf78ab7619cd5f91643dae4d3a7e8069398db16727a
eae79b443a97e7b97aa8db3345d2841aa034a09901d296467a8f3c32348f8a74
eaff1eb94ac193ad50222292465d92d328b57691db58cc385eca26450eb27eb0
eb578e5229cead21a487f38f0428ce5362cc04b13dfbc686cb380be538c0e79f
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed05b379e16f99e991942612551f789ce3f82404bd8e0dfa0b0b16a5e800e9ca
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ee67f6cfd9bda354307db25dca19b3b518c02b72f8e4d448012bd33734dd0cd8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef468b047afc32102bcf85150daa4ddc44e9220cb158f971963d0c46099a4551
f0d544e1b0570c46ab87f5970af498c10bba6e880e8d3e36713c663b1f2fbaca
f3402616df5b5f133e7f53c505699763f7fe71ea699559ad6e3cd063e221e591
f3ba521bfb93f68c018326e1d75dfe3794a601c3e00db399dc9d094331a796a3
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f40f5aae5f579b100046297556b20241064b7df6f453768a2c45448b99faf40d
f5135fbd5f0fa31088e3b84fa282260c81069aac014df6be1e3624376688760b
f54ab1e32dd2faf787fd0c28a5b92b033d19ece20de5f26114e2d13c7f5a5e96
f5555daf03e1bdb04700bb3319f75f09dad61c03a176ef620bec9b21c1e4856b
f5cb3759e19705655ab24ec4cd015a0e2bfe6d49965d1b3b6ad88b068e72c2dc
f61b78524373ae1f4a9aa5e208b47d192c83b2ea393b435f4b42b3aba45d05be
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6b1dff67df73f0f41f55601b7b331893331bd4c3033c17d419aa027c6347213
f6f4f2bcbbe1ab0abb698e405521f0733db9fd41e40703c18ae00a975ff59a57
f6fa000bd9d8ab859482009f777a3f8df1e96c0a19289f6f41baf53d84e6e0fb
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
f7c0c573646a32a4e95e37cea152d051cf7edf71db72e26c051adb25b94f48d5
f8219d68614c67f9c3e85e94d7970976e4843220ee88ecdee23071968c6072b6
f828a24912517602d4bef7f8d8ba39ebbb8317146bc6119887e7f76285d9e906
fb22014695a5f5bdc5c00620f486206901b0eca5086df694b06c501e0b56757d
fbac4ad8670acaf09b2d4ad862bf2d407f99c8ee193c48979faeb8dccd4f6883
fc3e891ad0d8075876d0f7572482f1f249345583b89459f485e59299931bc99d
fd6618f8ba6d085241bd49369dcb2f576ebe20208f08c7dd17bbf688aa1a03a4
ffe04091b035ae1bfe76e90d8dcccb0e4eab5b04334576832341d6da0b9fd91d