assinaturaglobo.globo.com Open in urlscan Pro
131.0.25.102 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.radar-de-novidades.info/c/kni/FCws/jYNaMOwuWhXjmQxwMgfmRy/j/cxfA/F/e3108721
Effective URL:
https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_...
Submission: On June 27 via manual (June 27th 2022, 6:45:53 pm UTC) from BR — Scanned from DE

Summary HTTP 192 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 51 IPs in 10 countries across 40 domains to perform 192 HTTP transactions. The main IP is 131.0.25.102, located in Brazil and belongs to Globo Comunicacao e Participacoes SA, BR. The main domain is assinaturaglobo.globo.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on October 30th 2021. Valid for: a year.

This is the only time assinaturaglobo.globo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	91.199.51.78 91.199.51.78	47544 (IQPL-AS) (IQPL-AS)
1 1	13.69.68.37 13.69.68.37	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	131.0.25.102 131.0.25.102	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
11	186.192.90.3 186.192.90.3	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
3	167.99.12.84 167.99.12.84	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a04:4e42:62::84 2a04:4e42:62::84	54113 (FASTLY) (FASTLY)
6	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
2	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2620:1ec:27::... 2620:1ec:27::cafe:1824	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	52.167.85.21 52.167.85.21	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	104.75.88.194 104.75.88.194	16625 (AKAMAI-AS) (AKAMAI-AS)
10	201.7.182.209 201.7.182.209	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
7	2606:4700:10:... 2606:4700:10::ac43:c60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:ff3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	186.192.91.5 186.192.91.5	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
9	54.73.80.98 54.73.80.98	16509 (AMAZON-02) (AMAZON-02)
1	186.192.81.117 186.192.81.117	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
6	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
2	35.244.153.86 35.244.153.86	15169 (GOOGLE) (GOOGLE)
3	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
3	35.211.79.33 35.211.79.33	15169 (GOOGLE) (GOOGLE)
4 4	100.24.249.189 100.24.249.189	14618 (AMAZON-AES) (AMAZON-AES)
4 4	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 4	143.204.215.7 143.204.215.7	16509 (AMAZON-02) (AMAZON-02)
1 2	52.17.114.133 52.17.114.133	16509 (AMAZON-02) (AMAZON-02)
3 4	185.33.220.100 185.33.220.100	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
2 3	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	35.198.44.170 35.198.44.170	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
11	131.0.25.28 131.0.25.28	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
1	2a00:1450:400... 2a00:1450:4001:831::2010	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c02::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	54.186.100.168 54.186.100.168	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	96.16.134.158 96.16.134.158	16625 (AKAMAI-AS) (AKAMAI-AS)
9	104.16.168.131 104.16.168.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
192	51

1 91.199.51.78 (Poland) 1 redirects

ASN47544 (IQPL-AS, PL)
PTR: 91-199-51-78.rev.iq.pl

links.radar-de-novidades.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.69.68.37 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

r.ar-mtch1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 131.0.25.102 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 131.0.25-102.prt.globo.com

assinaturaglobo.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 186.192.90.3 (Niterói, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-90-3.prt.globo.com

s3.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.99.12.84 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

invttjs.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:62::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1824 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.167.85.21 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

i.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 201.7.182.209 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)

api-assinaturaglobo.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::ac43:c60 (United States)

ASN13335 (CLOUDFLARENET, US)

api.deep.bi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:ff3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 186.192.91.5 (Niterói, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-5.prt.globo.com

s.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.73.80.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-80-98.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 186.192.81.117 (Niterói, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-81-117.prt.globo.com

horizon-schemas.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.153.86 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 86.153.244.35.bc.googleusercontent.com

cocoon.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.79.33 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 33.79.211.35.bc.googleusercontent.com

horizon.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
horizon-track.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 100.24.249.189 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-249-189.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.215.7 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-7.fra53.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.114.133 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-114-133.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.100 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (Beverwijk, Netherlands) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.198.44.170 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 170.44.198.35.bc.googleusercontent.com

usergate.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 131.0.25.28 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 131.0.25-28.prt.globo.com

login.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

gadasource.storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c02::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.186.100.168 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-100-168.us-west-2.compute.amazonaws.com

ivccf.ivcbrasil.org.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.134.158 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-134-158.deploy.static.akamaitechnologies.com

appleid.cdn-apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.16.168.131 (None, )

ASN13335 (CLOUDFLARENET, US)

hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	globo.com assinaturaglobo.globo.com api-assinaturaglobo.globo.com horizon-schemas.globo.com — Cisco Umbrella Rank: 53450 cocoon.globo.com — Cisco Umbrella Rank: 74664 horizon.globo.com — Cisco Umbrella Rank: 55914 horizon-track.globo.com — Cisco Umbrella Rank: 44732 usergate.globo.com — Cisco Umbrella Rank: 68471 login.globo.com — Cisco Umbrella Rank: 367848	684 KB
29	glbimg.com s3.glbimg.com — Cisco Umbrella Rank: 52054 s.glbimg.com — Cisco Umbrella Rank: 63080	400 KB
22	krxd.net 4 redirects beacon.krxd.net — Cisco Umbrella Rank: 457 cdn.krxd.net — Cisco Umbrella Rank: 1451 consumer.krxd.net — Cisco Umbrella Rank: 1965 usermatch.krxd.net — Cisco Umbrella Rank: 1270	214 KB
21	google.com apis.google.com — Cisco Umbrella Rank: 162 news.google.com — Cisco Umbrella Rank: 4503 play.google.com — Cisco Umbrella Rank: 46 www.google.com — Cisco Umbrella Rank: 8	161 KB
10	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 579 i.clarity.ms — Cisco Umbrella Rank: 5240 c.clarity.ms — Cisco Umbrella Rank: 1113	26 KB
9	hcaptcha.com hcaptcha.com — Cisco Umbrella Rank: 7523 newassets.hcaptcha.com — Cisco Umbrella Rank: 11448	663 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 ssl.google-analytics.com — Cisco Umbrella Rank: 390	95 KB
7	doubleclick.net 4 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 205 stats.g.doubleclick.net — Cisco Umbrella Rank: 119	1 KB
7	deep.bi api.deep.bi — Cisco Umbrella Rank: 135227	24 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	739 B
5	gstatic.com www.gstatic.com fonts.gstatic.com	126 KB
5	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 836	30 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	4 KB
4	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 134	1 KB
4	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 20312 usr.navdmp.com — Cisco Umbrella Rank: 23820 cdn.navdmp.com — Cisco Umbrella Rank: 5349 sync.navdmp.com — Cisco Umbrella Rank: 8537	6 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 362 c.bing.com — Cisco Umbrella Rank: 182	13 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5448	627 B
3	invttjs.com.br invttjs.com.br	19 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	193 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 540	701 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 192	2 KB
2	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 391	757 B
2	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 794	1 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 784	19 KB
1	cdn-apple.com appleid.cdn-apple.com — Cisco Umbrella Rank: 3716	18 KB
1	ivcbrasil.org.br ivccf.ivcbrasil.org.br — Cisco Umbrella Rank: 113358	461 B
1	googleapis.com gadasource.storage.googleapis.com — Cisco Umbrella Rank: 58631	24 KB
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1121	395 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 847	688 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 587	191 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 711	214 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 321	98 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 494	415 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 516	355 B
1	t.co t.co — Cisco Umbrella Rank: 455	337 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 632	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	73 KB
1	ar-mtch1.com 1 redirects r.ar-mtch1.com — Cisco Umbrella Rank: 323208	507 B
1	radar-de-novidades.info 1 redirects links.radar-de-novidades.info	444 B
0	nexac.com Failed r.nexac.com Failed
192	40

	Domain	Requested by
18	s.glbimg.com	tags.tiqcdn.com s3.glbimg.com s.glbimg.com login.globo.com
11	login.globo.com	assinaturaglobo.globo.com login.globo.com s.glbimg.com
11	s3.glbimg.com	assinaturaglobo.globo.com tags.tiqcdn.com s3.glbimg.com s.glbimg.com
10	api-assinaturaglobo.globo.com	assinaturaglobo.globo.com
9	beacon.krxd.net	tag.navdmp.com assinaturaglobo.globo.com cdn.krxd.net
8	news.google.com	assinaturaglobo.globo.com news.google.com www.gstatic.com
7	newassets.hcaptcha.com	hcaptcha.com newassets.hcaptcha.com
7	play.google.com	www.gstatic.com
7	api.deep.bi	assinaturaglobo.globo.com api.deep.bi
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com login.globo.com
6	cdn.krxd.net	tags.tiqcdn.com cdn.krxd.net
6	i.clarity.ms	www.clarity.ms
6	www.facebook.com	assinaturaglobo.globo.com
5	tags.tiqcdn.com	assinaturaglobo.globo.com tags.tiqcdn.com login.globo.com
4	www.gstatic.com	news.google.com www.gstatic.com
4	ib.adnxs.com	3 redirects assinaturaglobo.globo.com
4	sb.scorecardresearch.com	1 redirects assinaturaglobo.globo.com
4	cm.g.doubleclick.net	4 redirects
4	usermatch.krxd.net	4 redirects
4	assinaturaglobo.globo.com	assinaturaglobo.globo.com
3	www.google.de	login.globo.com
3	www.google.com	login.globo.com
3	stats.g.doubleclick.net	www.google-analytics.com
3	consumer.krxd.net	cdn.krxd.net
3	invttjs.com.br	assinaturaglobo.globo.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com assinaturaglobo.globo.com
3	connect.facebook.net	assinaturaglobo.globo.com connect.facebook.net
3	apis.google.com	assinaturaglobo.globo.com login.globo.com apis.google.com
2	hcaptcha.com	s.glbimg.com newassets.hcaptcha.com
2	usergate.globo.com	tags.tiqcdn.com
2	c.clarity.ms	1 redirects
2	sync.1rx.io	2 redirects
2	dpm.demdex.net	1 redirects assinaturaglobo.globo.com
2	gum.criteo.com	2 redirects
2	horizon.globo.com	assinaturaglobo.globo.com login.globo.com
2	cocoon.globo.com	s.glbimg.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	ct.pinterest.com	s.pinimg.com assinaturaglobo.globo.com
2	s.pinimg.com	assinaturaglobo.globo.com s.pinimg.com
1	appleid.cdn-apple.com	login.globo.com
1	ssl.google-analytics.com	login.globo.com
1	ivccf.ivcbrasil.org.br
1	gadasource.storage.googleapis.com	assinaturaglobo.globo.com
1	fonts.gstatic.com	news.google.com
1	c.bing.com	1 redirects
1	horizon-track.globo.com	s3.glbimg.com
1	sync.targeting.unrulymedia.com	assinaturaglobo.globo.com
1	sync.navdmp.com	assinaturaglobo.globo.com
1	cms.analytics.yahoo.com	1 redirects
1	pixel-sync.sitescout.com	assinaturaglobo.globo.com
1	token.rubiconproject.com	assinaturaglobo.globo.com
1	idsync.rlcdn.com	assinaturaglobo.globo.com
1	stags.bluekai.com	assinaturaglobo.globo.com
1	horizon-schemas.globo.com	s3.glbimg.com
1	cdn.navdmp.com	tag.navdmp.com
1	usr.navdmp.com	tag.navdmp.com
1	tag.navdmp.com	tags.tiqcdn.com
1	analytics.twitter.com	assinaturaglobo.globo.com
1	t.co	assinaturaglobo.globo.com
1	static.ads-twitter.com	www.googletagmanager.com
1	www.googletagmanager.com	assinaturaglobo.globo.com
1	r.ar-mtch1.com	1 redirects
1	links.radar-de-novidades.info	1 redirects
0	r.nexac.com Failed	assinaturaglobo.globo.com
192	64

This site contains links to these domains. Also see Links.

Domain
privacidade.globo.com

Subject Issuer	Validity	Valid
assinaturaglobo.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-10-30` - `2022-10-30`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
s3.glbimg.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-21` - `2023-05-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-06` - `2022-07-05`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
invttjs.com.br R3	`2022-04-11` - `2022-07-10`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
api-assinaturaglobo.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-10-29` - `2022-10-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-11` - `2023-06-11`	a year	crt.sh
*.glbimg.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-05-29` - `2023-05-30`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
horizon-schemas.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-04-04` - `2023-04-04`	a year	crt.sh
cdn.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-30` - `2022-12-29`	a year	crt.sh
cocoon.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-10-15` - `2022-10-15`	a year	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-12`	a year	crt.sh
horizon.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-11-11` - `2022-11-11`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
horizon-track.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-11-11` - `2022-11-11`	a year	crt.sh
usergate.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-13` - `2023-05-13`	a year	crt.sh
*.news.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
login.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-02-04` - `2023-02-04`	a year	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.ivcbrasil.org.br Amazon	`2022-05-31` - `2023-06-29`	a year	crt.sh
appleid.cdn-apple.com Apple Public EV Server RSA CA 2 - G1	`2022-04-19` - `2023-05-19`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info
Frame ID: 8979523C3B92CE10C02A685941E6D642
Requests: 91 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: F93A71DB2D856769C14566659763CD2B
Requests: 19 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=460098&publicationId=valor.globo.com
Frame ID: 894491610D073D568335B938FFD3F7D6
Requests: 13 HTTP requests in this frame

Frame: https://login.globo.com/login/6668?url=https%3A%2F%2Fs3.glbimg.com%2Fv1%2FAUTH_65d1930a0bda476ba8d3c25c5371ec3f%2Fpiano%2Fhelper%2Fredirect.html%23https://assinaturaglobo.globo.com/valor/login%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info%26oferta%3Dvalor-digital-30-gratis-1990-3m
Frame ID: 5CC9729C082BC00B1D51F1C1D026B1F3
Requests: 51 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/51c8a75/static/hcaptcha.html
Frame ID: 5763D85F857BC687FA92C4D18DD7FA30
Requests: 4 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/51c8a75/static/hcaptcha.html
Frame ID: C7D23ED02D56899392DC5EC34D9B7D5F
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Valor | Login

Page URL History Show full URLs

https://links.radar-de-novidades.info/c/kni/FCws/jYNaMOwuWhXjmQxwMgfmRy/j/cxfA/F/e3108721 HTTP 302
https://r.ar-mtch1.com/Redirect?pid=FQ&chid=2F&md5=f7f1175756c8710b408d1a79fbd5ee1a&sha256=3eb3e2dc... HTTP 302
https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&u... Page URL

Detected technologies

Apple Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

appleid\.auth\.js

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id
apis\.google\.com/js/platform\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

hCaptcha (Security) Expand

Overall confidence: 100%
Detected patterns

https://hcaptcha.com/([\d]+?)/api.js

Page Statistics

192
Requests

93 %
HTTPS

36 %
IPv6

40
Domains

64
Subdomains

51
IPs

10
Countries

2810 kB
Transfer

7323 kB
Size

52
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://privacidade.globo.com/privacy-policy/
Title: Política de Privacidade

Search URL Search Domain Scan URL

URL: https://privacidade.globo.com/
Title: Portal da Privacidade

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.radar-de-novidades.info/c/kni/FCws/jYNaMOwuWhXjmQxwMgfmRy/j/cxfA/F/e3108721 HTTP 302
https://r.ar-mtch1.com/Redirect?pid=FQ&chid=2F&md5=f7f1175756c8710b408d1a79fbd5ee1a&sha256=3eb3e2dcf75ec672a5ece7beaca06ddf26c04b36e33cff680b9bac5dacdeba68&url=https%3a%2f%2fassinaturaglobo.globo.com%2fvalor%2foferta%2fvalor-digital-30-gratis-1990-3m%3fcampanha%3dsim%26utm_source%3demail%26utm_medium%3demail%26utm_campaign%3d20220500_ve_vd_30free_info&type=c&list=Ativos_Enviou&esp=F HTTP 302
https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://usermatch.krxd.net/um/v2?partner=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=TzdIMzdFdHU HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm=&google_nid=krux_digital&google_hm=TzdIMzdFdHU&google_tc= HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEMluBF0sSB-Al0_a9lj_DJQ&google_cver=1

Request Chain 61

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=TzdIMzdFdHU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=TzdIMzdFdHU&google_tc= HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESED2QBHovWKRVYA27qrPuXAs&google_cver=1

Request Chain 63

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://gum.criteo.com/sync?s=1&c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=5Z78JzG51hd-LU8fwJxZAlx_NfsdSAU_

Request Chain 65

https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=O7H37Etu HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=O7H37Etu

Request Chain 66

https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fadnxs_uid%3D%24UID HTTP 302
https://beacon.krxd.net/usermatch.gif?adnxs_uid=518864608464924887

Request Chain 67

https://ib.adnxs.com/mapuid?member=1780&user=O7H37Etu HTTP 307
https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember%3D1780%26user%3DO7H37Etu

Request Chain 70

https://usermatch.krxd.net/um/v2?partner=sitescout HTTP 302
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=O7H37Etu

Request Chain 71

https://usermatch.krxd.net/um/v2?partner=verizon HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=O7H37Etu HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-KBeoXQVE2pu0aHg78CIU.W7U1t2HROv_Hg--~A

Request Chain 72

https://usermatch.krxd.net/um/v2?partner=navegg HTTP 302
https://sync.navdmp.com/sync?prtid=30&salid=O7H37Etu

Request Chain 73

https://sync.1rx.io/usersync/krux/O7H37Etu?dspret=1 HTTP 302
https://sync.1rx.io/usersync/krux/O7H37Etu?zcc=1&cb=1656355548077 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-afc57807-659c-4bfb-b581-a113da270556-003

Request Chain 76

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=B7BB06DF62904245AEAEDD7AF0C98759&RedC=c.clarity.ms&MXFR=01F502DECD6369DA23D8130EC9636751 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=B7BB06DF62904245AEAEDD7AF0C98759&MUID=2AD9ACD4EF156EDD3E3BBD04EE7E6FCB

Request Chain 124

https://sb.scorecardresearch.com/c2/6035227/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

192 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request valor-digital-30-gratis-1990-3m Show response
assinaturaglobo.globo.com/valor/oferta/
Redirect Chain

https://links.radar-de-novidades.info/c/kni/FCws/jYNaMOwuWhXjmQxwMgfmRy/j/cxfA/F/e3108721
https://r.ar-mtch1.com/Redirect?pid=FQ&chid=2F&md5=f7f1175756c8710b408d1a79fbd5ee1a&sha256=3eb3e2dcf75ec672a5ece7beaca06ddf26c04b36e33cff680b9bac5dacdeba68&url=https%3a%2f%2fassinaturaglobo.globo.c...
https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info

5 KB
2 KB

1102ms
251ms

Document
text/html

131.0.25.102
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 131.0.25.102 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 131.0.25-102.prt.globo.com
Software: nginx / Express
Resource Hash: 4a84ef4e13599cf4c8cf989d88968a6ad1793ad55504975921932eea10b289cc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 27 Jun 2022 18:45:45 GMT
etag: W/"130e-18101d2c840"
last-modified: Thu, 26 May 2022 19:23:20 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: Express

Redirect headers

content-length: 0
date: Mon, 27 Jun 2022 18:45:43 GMT
location: https://assinaturaglobo.globo.com:443/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
20 KB 79ms
32ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43e22721ce191cab06c0f7269431a9eac8a32579d764c2e005852d3502c459fc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20332
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Mon, 27 Jun 2022 18:45:45 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "e961625a9b34a42f"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Jun 2022 18:45:45 GMT

GET
H2 200 lgpd-lib.min.css
s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/ 11 KB
2 KB 1134ms
438ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/lgpd-lib.min.css
Requested by: Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 2e53bbdf41db08d5017462fe9963a8ee505c7a8ff83756c5217635019a076465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:46 GMT
content-encoding: gzip
x-openstack-request-id: tx0aff844938724dabb0f32-0062b20593
last-modified: Mon, 20 Jun 2022 19:49:55 GMT
x-thanos: 0AB47184
vary: Accept-Encoding, Origin
content-type: text/css; charset=utf-8
x-timestamp: 1655754594.06272
cache-control: public, max-age=77760000
x-trans-id: tx0aff844938724dabb0f32-0062b20593
x-request-id: 02895d0a-c1da-43fd-b677-f743e4ef977f

GET
H2 200 main.css
assinaturaglobo.globo.com/ 140 KB
29 KB 508ms
507ms Stylesheet
text/css 131.0.25.102
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://assinaturaglobo.globo.com/main.css?dfa69c7915437d71b885
Requested by: Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 131.0.25.102 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 131.0.25-102.prt.globo.com
Software: nginx / Express
Resource Hash: 354aa4a15f9f9924b3cdd5458afaeb92e6b20b45fabb0e552bfa31c81688263e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:45 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2022 18:32:33 GMT
server: nginx
x-powered-by: Express
etag: W/"22f2f-180e2be21e8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0

GET
H2 200 lgpd-lib.min.js Show response
s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/ 46 KB
15 KB 1119ms
439ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/lgpd-lib.min.js
Requested by: Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 655e8547a0f057f68c1a3bbe78d65bcdaee6bc402814d11e3b6fc1da6e0d9dfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:46 GMT
content-encoding: gzip
x-openstack-request-id: tx1bfc2a3052d34f72b4835-0062b20594
last-modified: Mon, 20 Jun 2022 19:49:46 GMT
x-thanos: 0AB47184
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
x-timestamp: 1655754585.94774
cache-control: public, max-age=77760000
x-trans-id: tx1bfc2a3052d34f72b4835-0062b20594
x-request-id: 34fe10af-ba2a-4023-8db4-c16002756cb5

GET
H2 200 main.js Show response
assinaturaglobo.globo.com/scripts/ 708 KB
209 KB 751ms
751ms Script
application/javascript 131.0.25.102
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://assinaturaglobo.globo.com/scripts/main.js?dfa69c7915437d71b885
Requested by: Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 131.0.25.102 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 131.0.25-102.prt.globo.com
Software: nginx / Express
Resource Hash: 5399e69ce8d717272c16d3d206182b963a1cd039fdba68a99c58316d8ee40a25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:45 GMT
content-encoding: gzip
last-modified: Thu, 26 May 2022 19:23:20 GMT
server: nginx
x-powered-by: Express
etag: W/"b0ea6-18101d2c840"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 231 KB
73 KB 100ms
51ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5DKHV2Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cbf7fe23e5a7c185dcec8933b441988332412075d2719f1f1d5505752d9d5ec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74406
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 Jun 2022 18:45:45 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 67ms
23ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26344
x-xss-protection: 0
pragma: public
x-fb-debug: 0s9IeSCehv8LT3HRJC9tRYqgxacPmcqowdhQ+uQYMgGTHuiO6l7m+UHujRU6pxrqCOn32pOBi/QFhLXPeHwAjg==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Mon, 27 Jun 2022 18:45:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 2141932009213214 Show response
connect.facebook.net/signals/config/ 288 KB
83 KB 145ms
144ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2141932009213214?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b534497f5d0fcbe1e99f5966cc5f418367668d07d11bbd88dbc5cdd0baba851d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 4mBb5VT6/OO3vo0rj4LJFoe1k6Q//gFUTSqBsI8Akt0voT0T6/IXGITCnMpqhQoGS+XmES689w18MiVfKGMqaw==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 27 Jun 2022 18:45:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656355545529
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 97 KB
38 KB 94ms
32ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-NM96RTT

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DKHV2Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

94bdf249d07d61fd7481ec15d49414d07e4d92ba4c1d7d7b86a49f1318127847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38815
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 Jun 2022 18:45:45 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 136ms
51ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DKHV2Q

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 305AEBD8BA504EC799BA6812D7927FB1 Ref B: FRAEDGE1411 Ref C: 2022-06-27T18:45:45Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Mon, 27 Jun 2022 18:45:44 GMT
accept-ranges: bytes
content-length: 11360

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 55 KB
15 KB 108ms
24ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DKHV2Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:45 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 16:20:35 GMT
etag: "f345fa1999011d396bda3b2c6fafc302+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15166
x-served-by: cache-iad-kiad7000115-IAD, cache-muc13931-MUC

GET
H/1.1 200
OK pft.js Show response
invttjs.com.br/ 17 KB
17 KB 590ms
260ms Script
application/javascript 167.99.12.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://invttjs.com.br/pft.js
Requested by: Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.99.12.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: f26070fd8b359ad65a85fe285128f9c5cfc2e73db31d417752213c7462d69d54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 27 Jun 2022 18:45:45 GMT
Cache-Control: max-age=30
Server: nginx/1.10.3 (Ubuntu)
Content-Type: application/javascript
Transfer-Encoding: chunked
Expires: Mon, 27 Jun 2022 18:46:15 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 105ms
19ms Script
application/javascript 2a04:4e42:62::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:62::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:45 GMT
fastly-restarts: 1
x-cdn: fastly
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 19ms
19ms Script
application/javascript 2a04:4e42:62::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:62::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:45 GMT
content-encoding: gzip
fastly-restarts: 1
x-cdn: fastly
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 18298
access-control-expose-headers: X-CDN

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 64ms
22ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2141932009213214&ev=PageView&dl=https%3A%2F%2Fassinaturaglobo.globo.com%2Fvalor%2Foferta%2Fvalor-digital-30-gratis-1990-3m%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info&rl=&if=false&ts=1656355545591&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1656355545590.2101553058&it=1656355545399&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 27 Jun 2022 18:45:45 GMT

GET
H2 200 adsct
t.co/i/ 43 B
337 B 186ms
136ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=1e9adbc1-1c4f-4b51-87c0-be33a87a5a37&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=cbcc56a9-ed69-4515-9654-401a05000ad8&tw_document_href=https%3A%2F%2Fassinaturaglobo.globo.com%2Fvalor%2Foferta%2Fvalor-digital-30-gratis-1990-3m%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2oul&type=javascript&version=2.4.12

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 112
date: Mon, 27 Jun 2022 18:45:45 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 00fb228ce86caddbce7a9acf2eaec0c834232ffaa91e3adebd9c6af1da6b3638
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
355 B 179ms
128ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=1e9adbc1-1c4f-4b51-87c0-be33a87a5a37&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=cbcc56a9-ed69-4515-9654-401a05000ad8&tw_document_href=https%3A%2F%2Fassinaturaglobo.globo.com%2Fvalor%2Foferta%2Fvalor-digital-30-gratis-1990-3m%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2oul&type=javascript&version=2.4.12

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 106
date: Mon, 27 Jun 2022 18:45:45 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 536251b9eef05d4038a1f78660a8f9bda5226c05aa1d5f6bdcc8497ed2cacef7
content-length: 43

GET
H2 200 / Show response
ct.pinterest.com/user/ 482 B
837 B 188ms
72ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=pagevisit&tid=2614251710457&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1656355545608

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

ced49017b1747b55cec9c576da1dc15fa47ce9cd77ec6e0cf27033892e826864

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:45 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.946656b8.1656355545.f431fd3a
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1320848964742459
pin-unauth: dWlkPVpEVTNNelprTlRBdE1tSm1NaTAwTkRWa0xUbG1OVEV0WkdObVlXSmlaVGRsTnpaaA
access-control-allow-origin: https://assinaturaglobo.globo.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 350
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
577 B 188ms
73ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&tid=2614251710457&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fassinaturaglobo.globo.com%2Fvalor%2Foferta%2Fvalor-digital-30-gratis-1990-3m%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1656355545610

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 18:45:45 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.946656b8.1656355545.f431fd3e
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 7757887367256162
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 26075143.js Show response
bat.bing.com/p/action/ 219 B
493 B 214ms
214ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26075143.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

9f6425840449ca00fcbadd71436de83dd8346272d5c631f1a2b9d6a5abfb084e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 665C40EB020047EA96EE782AEC290395 Ref B: FRAEDGE1411 Ref C: 2022-06-27T18:45:45Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
date: Mon, 27 Jun 2022 18:45:44 GMT
content-length: 300

GET
H2 200 26075143 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 224ms
131ms Script
application/x-javascript 2620:1ec:27::cafe:1824
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/26075143
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/26075143.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1824 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 8a10ae882c6c107feaa67ae26d059ed4c2bd46afb13d6c1a4f626140a91b3b2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:45 GMT
x-powered-by: ASP.NET
x-azure-ref: 02fq5YgAAAAArybL2wm3WSZ18f17EeP1yUFJHMDFFREdFMDYyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-c/s/0.6.34/ 53 KB
23 KB 132ms
129ms Script
application/javascript 2620:1ec:27::cafe:1824
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-c/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/26075143
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1824 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:45 GMT
content-encoding: br
etag: "1d886f4c739ba54"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 02vq5YgAAAABVaHCoUs5qRaGBbtrHLKnwUFJHMDFFREdFMDYyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H/1.1 200
OK mtracking.gif
invttjs.com.br/ 42 B
872 B 392ms
392ms Image
image/gif 167.99.12.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://invttjs.com.br/mtracking.gif?tags=acesso_assinaturaglobo.globo.com,globo_cliente,globo_campaign&page_url=https%3A%2F%2Fassinaturaglobo.globo.com%2Fvalor%2Foferta%2Fvalor-digital-30-gratis-1990-3m%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info&page_title=App
Requested by: Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.99.12.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jun 2022 18:45:46 GMT
Content-Encoding: none
Last-Modified: Wed, 11 Jan 2006 12:59:00 GMT
Server: nginx/1.10.3 (Ubuntu)
Content-Type: image/gif
Cache-Control: max-age=30
Content-Length: 42
Expires: Mon, 27 Jun 2022 18:46:16 GMT

GET
H2 200 AvenirNext-Regular.ttf
assinaturaglobo.globo.com/assets/images/ 411 KB
412 KB 396ms
394ms Font
font/ttf 131.0.25.102
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://assinaturaglobo.globo.com/assets/images/AvenirNext-Regular.ttf
Requested by: Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/main.css?dfa69c7915437d71b885
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 131.0.25.102 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 131.0.25-102.prt.globo.com
Software: nginx / Express
Resource Hash: 4b007cb6302db5f43b7e983890138d14317aaacf80a896f0af7f2afa253c519e

Request headers

Referer: https://assinaturaglobo.globo.com/main.css?dfa69c7915437d71b885
Origin: https://assinaturaglobo.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:46 GMT
etag: W/"66ce8-180e2be21e8"
last-modified: Fri, 20 May 2022 18:32:33 GMT
server: nginx
x-powered-by: Express
content-type: font/ttf
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 421096

POST
H2 204 collect Show response
i.clarity.ms/ 0
181 B 359ms
132ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://assinaturaglobo.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://assinaturaglobo.globo.com
date: Mon, 27 Jun 2022 18:45:45 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/globo/ecommerce/prod/ 29 KB
10 KB 94ms
29ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/ecommerce/prod/utag.js
Requested by: Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8d62d128da75ce2664a429d95e53ebe01590d5b8ffa1838654663805ad3211c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:46 GMT
content-encoding: gzip
last-modified: Tue, 16 Jun 2020 19:25:35 GMT
server: AkamaiNetStorage
etag: "f0c0b8a71ce9467a9e0f0373bcbee00d:1592335535.654357"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 9966
expires: Mon, 27 Jun 2022 18:50:46 GMT

POST
H2 200 / Show response
api-assinaturaglobo.globo.com/ 566 B
647 B 371ms
371ms Fetch
application/json 201.7.182.209
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-assinaturaglobo.globo.com/
Requested by: Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/scripts/main.js?dfa69c7915437d71b885
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.182.209 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: nginx / Express
Resource Hash: 0165724caee20c130e27cb514da9d6193e2dc2386540c56eb15e86fcd13ba880

Request headers

accept: */*
Referer: https://assinaturaglobo.globo.com/
authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

date: Mon, 27 Jun 2022 18:45:48 GMT
content-encoding: gzip
server: nginx
x-powered-by: Express
etag: W/"236-TLckfiq8Zq2rEchvwJO1AkMbE+g"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *

OPTIONS
H2 204 /
api-assinaturaglobo.globo.com/ Frame 0
0 1266ms
254ms Preflight 201.7.182.209
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-assinaturaglobo.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.182.209 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: nginx / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://assinaturaglobo.globo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://assinaturaglobo.globo.com
date: Mon, 27 Jun 2022 18:45:47 GMT
server: nginx
vary: Origin, Access-Control-Request-Headers
x-powered-by: Express

GET
H2 200 init.js Show response
api.deep.bi/v3/ 67 KB
24 KB 101ms
51ms Script
application/javascript 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v3/init.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef40a6765a2a1e77c2796409a5eb0997a59f252a7dffb72ea05f0cc660c8197f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://assinaturaglobo.globo.com/
Origin: https://assinaturaglobo.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:46 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 27 Jun 2022 14:13:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-if-error=3600
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
cf-ray: 722057769df89183-FRA

GET
H2 204 0
bat.bing.com/action/ 0
176 B 45ms
45ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26075143&Ver=2&mid=ddc51c4f-d317-42c8-8595-90f98fc4649c&sid=5b468930f64911ec95f883de26d178f6&vid=5b469bb0f64911ecbeb63354f119de3e&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=App&p=https%3A%2F%2Fassinaturaglobo.globo.com%2Fvalor%2Foferta%2Fvalor-digital-30-gratis-1990-3m%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info&r=&lt=3001&evt=pageLoad&msclkid=N&sv=1&rn=677135

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2B2A88FE8F404D1E897BF4C5BF733597 Ref B: FRAEDGE1411 Ref C: 2022-06-27T18:45:46Z
date: Mon, 27 Jun 2022 18:45:45 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 profiling.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/ 93 KB
28 KB 254ms
253ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/profiling.min.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/ecommerce/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 192d2eb7078526e7974933da14512e5f5d64902e654d1e4ee5b421abbf169a3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:46 GMT
content-encoding: gzip
x-openstack-request-id: tx8eae77c0ca4a49baa26c5-0062b9faaf
last-modified: Wed, 12 May 2021 17:50:53 GMT
x-thanos: 0AB47184
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1620841852.71626
cache-control: public, max-age=180
x-trans-id: tx8eae77c0ca4a49baa26c5-0062b9faaf
x-request-id: f0445940-3012-44eb-bb29-21fced6afd69

GET
H2 200 tm13574.js Show response
tag.navdmp.com/ 17 KB
6 KB 88ms
27ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm13574.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/ecommerce/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1acaf1b84c7c6a5a7ae96e4b9cce92c540c0c8ebbb0e56f8ff473917e2e9a72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Sep 2021 18:45:04 GMT
server: cloudflare
age: 1609
etag: W/"6137b330-4291"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 722057771c369188-FRA
content-type: application/javascript
expires: Mon, 27 Jun 2022 19:18:57 GMT

GET
H2 200 horizon-common-hit.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 41 KB
14 KB 237ms
237ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/ecommerce/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 322a189a59e4c2bb88503d921a1c3335f2d02c678083ec71e78891b9a9d316f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:46 GMT
content-encoding: gzip
x-openstack-request-id: tx28103d4fd4054f268b065-0062b8cd52
last-modified: Tue, 26 Apr 2022 21:17:08 GMT
x-thanos: 0AB47184
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1651007827.47156
cache-control: max-age=86400
x-trans-id: tx28103d4fd4054f268b065-0062b8cd52
x-request-id: a4c48f41-1a0d-4daf-aae3-d5dbce026ea8

GET
H2 200 glb-pv-min.js Show response
s.glbimg.com/bu/rt/js/ 2 KB
1 KB 739ms
238ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/bu/rt/js/glb-pv-min.js?utv=ut4.44.201812121421

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/ecommerce/prod/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 171787507 ra11 03 07
age: 3409
content-length: 969
x-xss-protection: 1; mode=block
x-request-id: 5bee0977-1f42-4472-a481-ed268ab0b8ff
last-modified: Mon, 04 Feb 2019 16:44:48 GMT
x-thanos: 0AB5D031
etag: W/"5c586c00-703"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Mon, 27 Jun 2022 18:48:57 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 77 B
289 B 175ms
164ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=13574&upd=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e9c6f8724ef9f63cadb033441877f593f541d8ce086705193c1caa20e6397aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: public
date: Mon, 27 Jun 2022 18:45:46 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 722057776cc89188-FRA
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
content-type: application/javascript
expires: Mon, 27 Jun 2022 19:45:46 GMT

GET
H2 200 events Show response
api.deep.bi/v1/streams/EJntYTLE3eKP/ 16 B
582 B 104ms
54ms XHR
text/plain 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Requested by

Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9dadc8b0c8b9627c62ab73917abb8fbe03f57c3f95d97950540f67fcd87bd79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Authorization: bearer Da16NqKwj2619hxwdhdGH9u1
Referer: https://assinaturaglobo.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72205778b8449b77-FRA
pragma: no-cache
date: Mon, 27 Jun 2022 18:45:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
p3p: policyref="http://api.deep.bi/w3c/p3p.xml", CP="ADMa DEVa TAIa PSAa PSDa OUR IND DSP NON COR"
access-control-allow-origin: https://assinaturaglobo.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain; charset=utf-8
content-length: 16
expires: 0

OPTIONS
H2 204 events
api.deep.bi/v1/streams/EJntYTLE3eKP/ Frame 0
0 51ms
49ms Preflight 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://assinaturaglobo.globo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://assinaturaglobo.globo.com
access-control-max-age: 3600
cf-cache-status: DYNAMIC
cf-ray: 7220577818ab9183-FRA
date: Mon, 27 Jun 2022 18:45:46 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=31536000

GET
H2 200 tv4.min.js Show response
s3.glbimg.com/cdn/libs/tv4/1.3.0/ 28 KB
10 KB 238ms
237ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/libs/tv4/1.3.0/tv4.min.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:47 GMT
content-encoding: gzip
x-openstack-request-id: txc7fafcd9d7ec4a6984002-00619540bc
last-modified: Fri, 25 May 2018 14:11:50 GMT
x-thanos: 0AB47184
vary: Accept-Encoding, Origin
content-type: application/javascript
x-timestamp: 1527257509.32548
cache-control: public, max-age=31536000
x-trans-id: txc7fafcd9d7ec4a6984002-00619540bc
x-request-id: 97166352-02a0-45eb-ad35-5fc2996b1e45

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
101 B 163ms
151ms Script
application/x-javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=10f7b48484edcbe87df44564b910&acc=13574&url=https%3A//assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info&tit=App
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 722057788ef39188-FRA
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript

GET
H2 204 usermatch.gif Show response
beacon.krxd.net/ 0
338 B 152ms
43ms Script
text/plain 54.73.80.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/usermatch.gif?partner=navegg&partner_uid=10f7b48484edcbe87df44564b910
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.80.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-80-98.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:47 GMT
cache-control: private, no-cache, no-store
x-request-time: D=29 t=1656355547
x-served-by: beacon-n010-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

POST
H2 204 events Show response
api.deep.bi/v1/streams/EJntYTLE3eKP/ 0
34 B 54ms
53ms XHR
text/plain 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Requested by

Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://assinaturaglobo.globo.com/
accept-language: de-DE,de;q=0.9
Authorization: bearer Da16NqKwj2619hxwdhdGH9u1
Content-Type: application/json

Response headers

date: Mon, 27 Jun 2022 18:45:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-origin: https://assinaturaglobo.globo.com
access-control-allow-credentials: true
cf-ray: 7220577999be9b77-FRA

OPTIONS
H2 204 events
api.deep.bi/v1/streams/EJntYTLE3eKP/ Frame 0
0 70ms
68ms Preflight 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://assinaturaglobo.globo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://assinaturaglobo.globo.com
access-control-max-age: 3600
cf-cache-status: DYNAMIC
cf-ray: 722057792adf9183-FRA
date: Mon, 27 Jun 2022 18:45:47 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=31536000

GET
H3 200 /
www.facebook.com/tr/ 44 B
90 B 45ms
19ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2141932009213214&ev=Microdata&dl=https%3A%2F%2Fassinaturaglobo.globo.com%2Fvalor%2Foferta%2Fvalor-digital-30-gratis-1990-3m%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info&rl=&if=false&ts=1656355547125&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22App%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=30&fbp=fb.1.1656355545590.2101553058&it=1656355545399&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 27 Jun 2022 18:45:47 GMT

GET
H2 200 cadun.js Show response
s.glbimg.com/pc/ca/ 14 KB
6 KB 240ms
239ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/ca/cadun.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/profiling.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 171787508 ra11 03 07
age: 342022
content-length: 5547
x-xss-protection: 1; mode=block
x-request-id: 6c6ec2ee-0459-4e77-9a79-71962bd3a05b
last-modified: Wed, 27 Jan 2021 20:50:06 GMT
x-thanos: 0AB5D031
etag: W/"6011d1fe-3759"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 30 Jun 2022 19:45:24 GMT

GET
H2 200 schemas Show response
horizon-schemas.globo.com/ 126 KB
12 KB 774ms
241ms XHR
application/json 186.192.81.117
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://horizon-schemas.globo.com/schemas

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.81.117 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-81-117.prt.globo.com

Software

Resource Hash

6c628a332e6666668f74a31520d26d2f52d21cd49b8a35dad5c5eba5fcada75d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 38676463 ra11 03 10
age: 2407
vary: X-Forwarded-Proto, Accept-Encoding, Origin
content-length: 12050
x-xss-protection: 1; mode=block
x-request-id: c76e9149-e3c7-423d-988b-cb89b71f7306
access-control-allow-origin: https://assinaturaglobo.globo.com
x-thanos: 0AB5D034
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/json; charset=UTF-8
via: 2.0 CachOS
cache-control: max-age=7200, public
accept-ranges: bytes

GET
H2 200 horizon-client-js.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 11 KB
4 KB 238ms
237ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-client-js.min.js
Requested by: Host: s.glbimg.com
URL: https://s.glbimg.com/bu/rt/js/glb-pv-min.js?utv=ut4.44.201812121421
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:47 GMT
content-encoding: gzip
x-openstack-request-id: tx62deba973fd84ecf9d424-0062b9faa9
last-modified: Fri, 13 Nov 2020 17:21:38 GMT
x-thanos: 0AB47184
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1605288097.88717
cache-control: public, max-age=600
x-trans-id: tx62deba973fd84ecf9d424-0062b9faa9
x-request-id: c261fb04-90e2-4d67-b629-9158e77da576

GET
H2 200 utag.28.js Show response
tags.tiqcdn.com/utag/globo/ecommerce/prod/ 1 KB
928 B 21ms
21ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/ecommerce/prod/utag.28.js?utv=ut4.44.202006161925
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/ecommerce/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6a8bb38735c75cc885d71da0950e532a2b27f451b00b7ad69140c70daa101b7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:47 GMT
content-encoding: gzip
last-modified: Tue, 16 Jun 2020 19:25:34 GMT
server: AkamaiNetStorage
etag: "786d9654db416c9acc87c6b0e187727c:1592335534.780632"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 698
expires: Tue, 12 Jul 2022 18:45:47 GMT

GET
H2 200 sexqhznbn.js Show response
cdn.krxd.net/controltag/ 75 KB
21 KB 80ms
21ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/ecommerce/prod/utag.28.js?utv=ut4.44.202006161925
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d4c5d952297366d4e340d33bef112d53749ea1b14f3bc9bbbe9c8dc9d73bb354

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Mon, 27 Jun 2022 18:45:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 1187
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 20793
x-served-by: config-service-a006-ash-prod.krxd.net, cache-iad-kjyo7100166-IAD, cache-hhn4046-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1656355548.526786,VS0,VE0
etag: "bb2b5013e6723d132478a4ab059baadafc322579"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 24

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 20ms
19ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=globo/ecommerce/202006161925&cb=1656355547458
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/ecommerce/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:47 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Mon, 27 Jun 2022 18:55:47 GMT

GET
H2 200 controltag.js.387e8802bbd0d9fbfa52c1546d7297df Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 20ms
19ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Mon, 27 Jun 2022 18:45:47 GMT
content-encoding: gzip
age: 1179657
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 268714
content-length: 84742
x-served-by: cache-hhn4046-HHN
last-modified: Thu, 28 Apr 2022 05:17:05 GMT
x-timer: S1656355548.555533,VS0,VE0
etag: "387e8802bbd0d9fbfa52c1546d7297df"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sun, 25 Apr 2032 05:17:04 GMT

POST
H2 204 collect Show response
i.clarity.ms/ 0
48 B 107ms
107ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://assinaturaglobo.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://assinaturaglobo.globo.com
date: Mon, 27 Jun 2022 18:45:46 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame F93A 805 B
825 B 20ms
19ms Document
text/html 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Referer: https://assinaturaglobo.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 590156
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 525
content-type: text/html
date: Mon, 27 Jun 2022 18:45:47 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
expires: Fri, 19 Feb 2027 17:50:50 GMT
last-modified: Tue, 21 Feb 2017 17:50:54 GMT
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 94596
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
x-served-by: cache-hhn4046-HHN
x-timer: S1656355548.620926,VS0,VE0

GET
H2 200 sexqhznbn.js Show response
cdn.krxd.net/controltag/ Frame F93A 75 KB
21 KB 21ms
21ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d4c5d952297366d4e340d33bef112d53749ea1b14f3bc9bbbe9c8dc9d73bb354

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Mon, 27 Jun 2022 18:45:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 1188
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 20793
x-served-by: config-service-a006-ash-prod.krxd.net, cache-iad-kjyo7100166-IAD, cache-hhn4046-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1656355548.656760,VS0,VE1
etag: "bb2b5013e6723d132478a4ab059baadafc322579"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 25

OPTIONS
H2 204 logged
cocoon.globo.com/v2/user/ Frame 0
0 1389ms
818ms Preflight 35.244.153.86
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cocoon.globo.com/v2/user/logged
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 86.153.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: POST
Origin: https://assinaturaglobo.globo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://assinaturaglobo.globo.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 27 Jun 2022 18:45:48 GMT
server: nginx
via: 1.1 google

GET
H2 200 login.css
s.glbimg.com/pc/ca/ 846 B
837 B 239ms
238ms Stylesheet
text/css 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/ca/login.css

Requested by

Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 176399638 ra11 03 07
age: 342022
content-length: 431
x-xss-protection: 1; mode=block
x-request-id: 9626d4c1-fd8e-4188-a8e2-e85c2c5df422
last-modified: Wed, 27 Jan 2021 20:50:06 GMT
x-thanos: 0AB5D031
etag: W/"6011d1fe-34e"
vary: Accept-Encoding, Origin
content-type: text/css
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 30 Jun 2022 19:45:25 GMT

POST
H3 200 logged Show response
cocoon.globo.com/v2/user/ 188 B
208 B 837ms
817ms XHR
application/json 35.244.153.86
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cocoon.globo.com/v2/user/logged
Requested by: Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.153.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 86.153.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f8e4fef857a510052b1a6fd53e746c63a1f5b8ef0b058e16595708b8a1480ae9

Request headers

Referer: https://assinaturaglobo.globo.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:49 GMT
via: 1.1 google
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
access-control-allow-methods: POST, OPTIONS
p3p: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
access-control-allow-origin: https://assinaturaglobo.globo.com
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 188

GET
H2 200 5007d44e-09d1-49b7-8c99-6b1cc38c3cbc Show response
consumer.krxd.net/consent/get/ 220 B
424 B 109ms
50ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c95d43e9fb75556a5a749b30ce5c22963b68ef48c40ebabab656609aed51bf81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:47 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a008-dub-prod.krxd.net, cache-hhn4066-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1656355548.726642,VS0,VE28
content-length: 185
x-cache-hits: 0, 0

GET
H2 200 horizon-pageview
horizon.globo.com/auth-session/activity/assinaturaglobo/ 0
321 B 534ms
122ms Image
text/plain 35.211.79.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horizon.globo.com/auth-session/activity/assinaturaglobo/horizon-pageview?object=https%3A%2F%2Fassinaturaglobo.globo.com%2Fvalor%2Foferta%2Fvalor-digital-30-gratis-1990-3m&Referrer=&tags=&client_version=0.3.11

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.211.79.33 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

33.79.211.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:48 GMT
x-served-from: hzt-tsuru
content-length: 0
strict-transport-security: max-age=60
content-type: text/plain; charset=UTF-8

GET
H2 200 controltag.js.387e8802bbd0d9fbfa52c1546d7297df Show response
cdn.krxd.net/ctjs/ Frame F93A 259 KB
83 KB 21ms
21ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Mon, 27 Jun 2022 18:45:47 GMT
content-encoding: gzip
age: 1179658
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 268715
content-length: 84742
x-served-by: cache-hhn4046-HHN
last-modified: Thu, 28 Apr 2022 05:17:05 GMT
x-timer: S1656355548.682035,VS0,VE0
etag: "387e8802bbd0d9fbfa52c1546d7297df"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sun, 25 Apr 2032 05:17:04 GMT

GET
H2 200 5007d44e-09d1-49b7-8c99-6b1cc38c3cbc Show response
consumer.krxd.net/consent/get/ Frame F93A 220 B
261 B 20ms
19ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c95d43e9fb75556a5a749b30ce5c22963b68ef48c40ebabab656609aed51bf81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:47 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a008-dub-prod.krxd.net, cache-hhn4066-HHN
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1656355548.789532,VS0,VE0
content-length: 185
x-cache-hits: 0, 1

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame F93A
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=google
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=TzdIMzdFdHU
https://cm.g.doubleclick.net/pixel?google_cm=&google_nid=krux_digital&google_hm=TzdIMzdFdHU&google_tc=
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEMluBF0sSB-Al0_a9lj_DJQ&google_cver=1

0
337 B

46ms
46ms

Image
text/plain

54.73.80.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEMluBF0sSB-Al0_a9lj_DJQ&google_cver=1
Protocol: H2
Server: 54.73.80.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-80-98.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:48 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1656355548
x-served-by: beacon-n020-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Mon, 27 Jun 2022 18:45:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEMluBF0sSB-Al0_a9lj_DJQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame F93A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=TzdIMzdFdHU
https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=TzdIMzdFdHU&google_tc=
https://beacon.krxd.net/usermatch.gif?google_gid=CAESED2QBHovWKRVYA27qrPuXAs&google_cver=1

0
337 B

47ms
47ms

Image
text/plain

54.73.80.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESED2QBHovWKRVYA27qrPuXAs&google_cver=1
Protocol: H2
Server: 54.73.80.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-80-98.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:48 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1656355548
x-served-by: beacon-n003-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Mon, 27 Jun 2022 18:45:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESED2QBHovWKRVYA27qrPuXAs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 26357
stags.bluekai.com/site/ Frame F93A 62 B
415 B 587ms
184ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/26357?id=O7H37Etu
Requested by: Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:48 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
content-type: image/gif

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame F93A
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://gum.criteo.com/sync?s=1&c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=5Z78JzG51hd-LU8fwJxZAlx_NfsdSAU_

0
337 B

47ms
46ms

Image
text/plain

54.73.80.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=5Z78JzG51hd-LU8fwJxZAlx_NfsdSAU_
Requested by: Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info
Protocol: H2
Server: 54.73.80.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-80-98.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:48 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1656355548
x-served-by: beacon-n011-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=5Z78JzG51hd-LU8fwJxZAlx_NfsdSAU_
date: Mon, 27 Jun 2022 18:45:47 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3903
content-length: 218
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2 200 p
sb.scorecardresearch.com/ Frame F93A 43 B
265 B 82ms
19ms Image
image/gif 143.204.215.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=O7H37Etu&rn=1656355548
Requested by: Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-7.fra53.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:47 GMT
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
content-length: 43
x-amz-cf-id: X_ANtwPKgXkAicjsOmZu2Zy_G6Xp380k-qXZPpRjpWWquOa6KXynvw==
x-cache: Miss from cloudfront
content-type: image/gif

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame F93A
Redirect Chain

https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=O7H37Etu
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=O7H37Etu

42 B
945 B

46ms
45ms

Image
image/gif

52.17.114.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=O7H37Etu

Requested by

Protocol

HTTP/1.1

Server

52.17.114.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-114-133.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v034-0cc7eb3cc.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: gOWn7qstRBU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v034-0f4c9dced.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: UQ2uM43MRjg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=O7H37Etu
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame F93A
Redirect Chain

https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fadnxs_uid%3D%24UID
https://beacon.krxd.net/usermatch.gif?adnxs_uid=518864608464924887

0
337 B

48ms
47ms

Image
text/plain

54.73.80.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?adnxs_uid=518864608464924887
Requested by: Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info
Protocol: H2
Server: 54.73.80.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-80-98.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:48 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1656355548
x-served-by: beacon-n018-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Mon, 27 Jun 2022 18:45:48 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8cd311fc-af16-4bb3-bfe1-9ddee3efb47e
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://beacon.krxd.net/usermatch.gif?adnxs_uid=518864608464924887
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame F93A
Redirect Chain

https://ib.adnxs.com/mapuid?member=1780&user=O7H37Etu
https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember%3D1780%26user%3DO7H37Etu

43 B
1 KB

37ms
37ms

Image
image/gif

185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember%3D1780%26user%3DO7H37Etu

Requested by

Protocol

HTTP/1.1

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jun 2022 18:45:47 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3ef66235-cfc1-46f0-a9ff-9ed9baf4c06c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 27 Jun 2022 18:45:47 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e97005d3-f740-4867-a135-b06abe72545b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember%3D1780%26user%3DO7H37Etu
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 451 379708.gif
idsync.rlcdn.com/ Frame F93A 0
98 B 89ms
29ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/379708.gif?partner_uid=O7H37Etu
Requested by: Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:47 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame F93A 0
214 B 126ms
25ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=27384&puid=krux_id&gdpr=0
Requested by: Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

usersync
pixel-sync.sitescout.com/connectors/krux/ Frame F93A
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=sitescout
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=O7H37Etu

0
191 B

127ms
37ms

Image
text/plain

66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=O7H37Etu
Requested by: Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info
Protocol: H2
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 18:45:47 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=O7H37Etu
date: Mon, 27 Jun 2022 18:45:48 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a015-ash-prod.krxd.net

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame F93A
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=verizon
https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=O7H37Etu
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-KBeoXQVE2pu0aHg78CIU.W7U1t2HROv_Hg--~A

0
337 B

43ms
43ms

Image
text/plain

54.73.80.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-KBeoXQVE2pu0aHg78CIU.W7U1t2HROv_Hg--~A
Protocol: H2
Server: 54.73.80.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-80-98.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:48 GMT
cache-control: private, no-cache, no-store
x-request-time: D=30 t=1656355548
x-served-by: beacon-n021-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Mon, 27 Jun 2022 18:45:48 GMT
via: http/1.1 spdc0103.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8
location: https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-KBeoXQVE2pu0aHg78CIU.W7U1t2HROv_Hg--~A
content-length: 0

GET
H2

200

sync
sync.navdmp.com/ Frame F93A
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=navegg
https://sync.navdmp.com/sync?prtid=30&salid=O7H37Etu

6 B
81 B

170ms
161ms

Image
application/javascript

2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?prtid=30&salid=O7H37Etu
Requested by: Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info
Protocol: H2
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 722057802da99188-FRA
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript

Redirect headers

location: https://sync.navdmp.com/sync?prtid=30&salid=O7H37Etu
date: Mon, 27 Jun 2022 18:45:48 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a009-ash-prod.krxd.net

GET
H2

200

RX-afc57807-659c-4bfb-b581-a113da270556-003
sync.targeting.unrulymedia.com/csync/ Frame F93A
Redirect Chain

https://sync.1rx.io/usersync/krux/O7H37Etu?dspret=1
https://sync.1rx.io/usersync/krux/O7H37Etu?zcc=1&cb=1656355548077
https://sync.targeting.unrulymedia.com/csync/RX-afc57807-659c-4bfb-b581-a113da270556-003

43 B
395 B

105ms
27ms

Image
image/gif

213.19.147.45
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-afc57807-659c-4bfb-b581-a113da270556-003
Requested by: Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info
Protocol: H2
Server: 213.19.147.45 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:48 GMT
server: Tengine
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-afc57807-659c-4bfb-b581-a113da270556-003
pragma: no-cache
date: Mon, 27 Jun 2022 18:45:48 GMT
cache-control: no-store, no-cache, must-revalidate
server: Tengine
content-type: text/html
expires: 0

GET getdata.xgi
r.nexac.com/e/ Frame F93A 0
0

POST
H2 404 ecommerce
horizon-track.globo.com/event/ 0
0 639ms
127ms Ping
text/html 35.211.79.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://horizon-track.globo.com/event/ecommerce
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.211.79.33 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 33.79.211.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://assinaturaglobo.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarybdJj3s3Rp6YaplA5

Response headers

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=B7BB06DF62904245AEAEDD7AF0C98759&RedC=c.clarity.ms&MXFR=01F502DECD6369DA23D8130EC9636751
https://c.clarity.ms/c.gif?CtsSyncId=B7BB06DF62904245AEAEDD7AF0C98759&MUID=2AD9ACD4EF156EDD3E3BBD04EE7E6FCB

42 B
369 B

41ms
41ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=B7BB06DF62904245AEAEDD7AF0C98759&MUID=2AD9ACD4EF156EDD3E3BBD04EE7E6FCB
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 18:45:47 GMT
last-modified: Fri, 20 May 2022 21:53:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "17a28a3946cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 27 Jun 2022 18:45:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 83CC774473674F1E95BF481DF8F6FDB4 Ref B: FRAEDGE1411 Ref C: 2022-06-27T18:45:48Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=B7BB06DF62904245AEAEDD7AF0C98759&MUID=2AD9ACD4EF156EDD3E3BBD04EE7E6FCB
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 optout_check Show response
beacon.krxd.net/ 78 B
237 B 44ms
43ms Script
text/javascript 54.73.80.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.globo.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.80.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-80-98.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 42a01548a7b81931ee217dbf349b2938f5a8f52832ccfd84f5db0bd7febb6b3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:48 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=38 t=1656355548
x-served-by: beacon-n023-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 364 B
505 B 118ms
118ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=5007d44e-09d1-49b7-8c99-6b1cc38c3cbc&technographics=1&callback=Krux.ns.globo.kxjsonp_userdata
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f6ed7ce781d33aa7efcab3a8fe4b55d2c2f200c1ec5a702d084849386e4c3082

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Mon, 27 Jun 2022 18:45:48 GMT
content-encoding: gzip
age: 0
x-served-by: userdata-a018-ash-prod.krxd.net, cache-hhn4046-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1656355548.242773,VS0,VE96
content-length: 277
x-cache-hits: 0, 0

POST
H2 200 / Show response
api-assinaturaglobo.globo.com/ 563 B
561 B 292ms
292ms Fetch
application/json 201.7.182.209
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-assinaturaglobo.globo.com/
Requested by: Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/scripts/main.js?dfa69c7915437d71b885
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.182.209 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: nginx / Express
Resource Hash: d1edfa7fc9ea267de0e25b108322fc6bd9cd2c34352a09fdd261906febad4b8e

Request headers

accept: */*
Referer: https://assinaturaglobo.globo.com/
authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJ1c2VySWQiOjQsInNlc3Npb25JZCI6IjEyOTY5MDE2MTI1NjYyMTQ2MCIsImVtYWlsIjoic3FfY29uc3VtaWRvckBpbmZvZ2xvYm8uY29tLmJyIiwic3lzdGVtVXNlciI6MCwicm9sZSI6ImFwcGxpY2F0aW9uIiwiZXhwIjoxNjU2MzU2MDg4fQ.we88yyEH_bWEJOU4pMax6bBOehE8gCPSG54KwYJiH163jX7PJIk-m-lwhEZdveGmFjAOd58bihNkWQPdDV3uw00zStPdP3rZk-WTGfFYfhn9Z00wKIYJpizTzZZ14ncYeQvPgxBudTtJsfiHMSxuV2RXAid_FabhEMU4K66g7Q0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

date: Mon, 27 Jun 2022 18:45:48 GMT
content-encoding: gzip
server: nginx
x-powered-by: Express
etag: W/"233-FvpFTs7B0K54i0/d99uKEUToih4"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *

OPTIONS
H2 204 /
api-assinaturaglobo.globo.com/ Frame 0
0 249ms
248ms Preflight 201.7.182.209
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-assinaturaglobo.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.182.209 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: nginx / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://assinaturaglobo.globo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://assinaturaglobo.globo.com
date: Mon, 27 Jun 2022 18:45:48 GMT
server: nginx
vary: Origin, Access-Control-Request-Headers
x-powered-by: Express

GET
H2 200 / Show response
usergate.globo.com/ 30 B
310 B 681ms
224ms XHR
text/plain 35.198.44.170
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://usergate.globo.com/
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/ecommerce/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.198.44.170 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 170.44.198.35.bc.googleusercontent.com
Software: /
Resource Hash: 8e16b6bf9912bbd08123a9600279eafdbe64aa45dfb994420bc0e136cb3dfe50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:48 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://assinaturaglobo.globo.com
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Content-Type,Cookie,X-App,GLBID,GST

GET
H2 200 5007d44e-09d1-49b7-8c99-6b1cc38c3cbc Show response
consumer.krxd.net/consent/get/ 220 B
308 B 52ms
51ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_1
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 96945f3a512db6847ff71779b93fb8808a6817e4c37457e3383f7a6a05ccc25a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:48 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a006-dub-prod.krxd.net, cache-hhn4066-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1656355548.291495,VS0,VE30
content-length: 185
x-cache-hits: 0, 0

GET
H3 200 467226423720066 Show response
connect.facebook.net/signals/config/ 288 KB
83 KB 20ms
20ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/467226423720066?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f808931006f4a1639d87989449d6957789bf6d6e3f4d0d9e2e79e8fef4b79b5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85183
x-xss-protection: 0
pragma: public
x-fb-debug: WZmg+k/3SJ3pe1Mev5psQtK+gopJ0MfcZdqg0Zc4q5zSzTspS2nYner9oRrqp7wa6Uuz3VopzzdVG0MtyNr/yw==
x-frame-options: DENY
date: Mon, 27 Jun 2022 18:45:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 21ms
21ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=467226423720066&ev=PageView&dl=https%3A%2F%2Fassinaturaglobo.globo.com%2Fvalor%2Foferta%2Fvalor-digital-30-gratis-1990-3m%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info&rl=&if=false&ts=1656355548430&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1656355545590.2101553058&it=1656355545399&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 27 Jun 2022 18:45:48 GMT

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
337 B 42ms
42ms Image
text/plain 54.73.80.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=sexqhznbn&_kpid=5007d44e-09d1-49b7-8c99-6b1cc38c3cbc&_kcp_s=Infoglobo&_kcp_d=assinaturaglobo.globo.com&_knifr=1&_kua_kx_tz=0&geo_country=de&geo_region=nw&geo_dma=276002&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_tech_browser=Chrome%2010&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=de&_kua_kx_geo_region=nw&_kua_kx_geo_dma=276002&_kua_kx_whistle=0&_kpa_meta_keywordsDELIM=%2C&_kpa_url_path_1=valor&_kpa_url_path_2=oferta&_kpa_url_path_3=valor-digital-30-gratis-1990-3m&_kpa_title=App&_kpa_full_path=assinaturaglobo.globo.com%2Fvalor%2Foferta%2Fvalor-digital-30-gratis-1990-3m&_kpa_subdomain=assinaturaglobo&_kpa_domain=globo&_kpa_oglobo_utm_origem=email&_kpa_oglobo_utm_midia=email&_kpa_oglobo_utm_campanha=20220500_ve_vd_30free_info&_kpa_oglobo_campanha=sim&_kpa_browser_name=Chrome&t_navigation_type=0&t_dns=359&t_tcp=492&t_http_request=-1&t_http_response=1&t_content_ready=3000&t_window_load=4607&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=xjuucwdfk&userdata_user=O7H37Etu%2Cxjuucwdfk&sview=1&kplt0=19929&kplt1=19930&kplt2=19936&kplt3=27202&kplt4=30153&kplt5=32767&kplt6=35254&kplt7=38352&kplt8=38515&kplt9=43900&kplt11=46183&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5007d44e-09d1-49b7-8c99-6b1cc38c3cbc%2C127%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C55%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C120%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5007d44e-09d1-49b7-8c99-6b1cc38c3cbc%2C54
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.80.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-80-98.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:48 GMT
cache-control: private, no-cache, no-store
x-request-time: D=53 t=1656355548
x-served-by: beacon-n022-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 146 KB
46 KB 111ms
27ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/scripts/main.js?dfa69c7915437d71b885

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85e22ee472f1239199d2ee426e82e348a969ab4787472fc6a8756f883ac69ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:19:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46002
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 19:06:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Jun 2022 19:09:02 GMT

GET
H2 200 bundle.js Show response
s3.glbimg.com/v1/AUTH_c10ae819c568460bb4ec17c0a8ec5267/aldebaran/js/ 11 KB
4 KB 238ms
237ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c10ae819c568460bb4ec17c0a8ec5267/aldebaran/js/bundle.js
Requested by: Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/scripts/main.js?dfa69c7915437d71b885
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 20ae250a77c55cf9073653424dd6ae440ae54347958dbfc6a3242c08159aea00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:48 GMT
content-encoding: gzip
x-openstack-request-id: txdd1af394d7454fbc81c7c-0062b9fa37
last-modified: Thu, 11 Jul 2019 14:08:15 GMT
x-thanos: 0AB47184
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1562854094.59237
cache-control: public, max-age=180
x-trans-id: txdd1af394d7454fbc81c7c-0062b9fa37
x-request-id: 91dd9e07-beda-4d60-a43a-57945a4954d0

POST
H2 200 / Show response
api-assinaturaglobo.globo.com/ 100 B
344 B 253ms
253ms Fetch
application/json 201.7.182.209
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-assinaturaglobo.globo.com/
Requested by: Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/scripts/main.js?dfa69c7915437d71b885
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.182.209 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: nginx / Express
Resource Hash: f248ce1206daaf68b21082d50c064ad83f4eac68a22e5b4d331449ca35f4e392

Request headers

accept: */*
Referer: https://assinaturaglobo.globo.com/
authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJ1c2VySWQiOjQsInNlc3Npb25JZCI6IjEyOTY5MDE2MTI1NjYyMTQ2MCIsImVtYWlsIjoic3FfY29uc3VtaWRvckBpbmZvZ2xvYm8uY29tLmJyIiwic3lzdGVtVXNlciI6MCwicm9sZSI6ImFwcGxpY2F0aW9uIiwiZXhwIjoxNjU2MzU2MDg4fQ.we88yyEH_bWEJOU4pMax6bBOehE8gCPSG54KwYJiH163jX7PJIk-m-lwhEZdveGmFjAOd58bihNkWQPdDV3uw00zStPdP3rZk-WTGfFYfhn9Z00wKIYJpizTzZZ14ncYeQvPgxBudTtJsfiHMSxuV2RXAid_FabhEMU4K66g7Q0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

date: Mon, 27 Jun 2022 18:45:49 GMT
content-encoding: gzip
server: nginx
x-powered-by: Express
etag: W/"64-pCNUOD6DZiPor9gRPcTPDcQA2zU"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, must-revalidate

OPTIONS
H2 204 /
api-assinaturaglobo.globo.com/ Frame 0
0 262ms
261ms Preflight 201.7.182.209
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-assinaturaglobo.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.182.209 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: nginx / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://assinaturaglobo.globo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://assinaturaglobo.globo.com
date: Mon, 27 Jun 2022 18:45:48 GMT
server: nginx
vary: Origin, Access-Control-Request-Headers
x-powered-by: Express

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 20ms
19ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=467226423720066&ev=Microdata&dl=https%3A%2F%2Fassinaturaglobo.globo.com%2Fvalor%2Foferta%2Fvalor-digital-30-gratis-1990-3m%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info&rl=&if=false&ts=1656355548935&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22App%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22NewsArticle%22%2C%22isAccessibleForFree%22%3Afalse%2C%22publisher%22%3A%7B%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Valor%22%7D%2C%22hasPart%22%3A%7B%22%40type%22%3A%22WebPageElement%22%2C%22isAccessibleForFree%22%3A%22False%22%2C%22cssSelector%22%3A%22.paywall%22%7D%2C%22isPartOf%22%3A%7B%22%40type%22%3A%5B%22CreativeWork%22%2C%22Product%22%5D%2C%22name%22%3A%22Valor%22%2C%22productID%22%3A%22valor.globo.com%3Abasic%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=30&fbp=fb.1.1656355545590.2101553058&it=1656355545399&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 27 Jun 2022 18:45:48 GMT

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
21 KB 61ms
20ms Stylesheet
text/css 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:03:52 GMT
x-content-type-options: nosniff
age: 2517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21972
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Jun 2022 18:53:52 GMT

GET
H3 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 56ms
29ms Other
image/svg+xml 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:38:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Jun 2022 19:28:25 GMT

GET
H3 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/valor.globo.com/ 2 B
60 B 161ms
140ms Fetch
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/valor.globo.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://assinaturaglobo.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://assinaturaglobo.globo.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 serviceiframe Show response
news.google.com/swg/_/ui/v1/ Frame 8944 25 KB
8 KB 82ms
80ms Document
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=460098&publicationId=valor.globo.com

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

43640d9ad92bbe4e01c5b6b81c98e0bdd4af47a8970cdb2fa63eb40cca1b955e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-3XTyZvM3DUtkIMAEuvpRlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-3XTyZvM3DUtkIMAEuvpRlA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assinaturaglobo.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-3XTyZvM3DUtkIMAEuvpRlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-3XTyZvM3DUtkIMAEuvpRlA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/SubscribewithgoogleClientUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-site
date: Mon, 27 Jun 2022 18:45:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H3 204 cspreport
news.google.com/_/SubscribewithgoogleClientUi/ Frame 8944 0
25 B 38ms
37ms Other
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/cspreport

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-Iy-owduumg_s-L3_rKx9qQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-Iy-owduumg_s-L3_rKx9qQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/swg/_/ui/v1/serviceiframe?_=460098&publicationId=valor.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
date: Mon, 27 Jun 2022 18:45:49 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-Iy-owduumg_s-L3_rKx9qQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-Iy-owduumg_s-L3_rKx9qQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/SubscribewithgoogleClientUi/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ Frame 8944 21 KB
21 KB 19ms
19ms Stylesheet
text/css 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=460098&publicationId=valor.globo.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:03:52 GMT
x-content-type-options: nosniff
age: 2517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21972
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Jun 2022 18:53:52 GMT

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.SI-qWVpd9Ag.es5.O/am=MQAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7k... Frame 8944 168 KB
60 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.SI-qWVpd9Ag.es5.O/am=MQAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7kuGqNOMAV7zJBjcYJTQ99zhCOhw/m=_b,_tp,_r

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=460098&publicationId=valor.globo.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10ffcca378d5b7d99d60f92500aabf7966c8190a61899632997bd13402612e94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 20:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60249
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 23:08:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Jun 2023 20:11:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8944 15 KB
16 KB 71ms
21ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=460098&publicationId=valor.globo.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Origin: https://news.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 524348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Jun 2023 17:06:41 GMT

POST
H2 400 / Show response
api-assinaturaglobo.globo.com/ 160 B
327 B 255ms
255ms Fetch
application/json 201.7.182.209
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-assinaturaglobo.globo.com/
Requested by: Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/scripts/main.js?dfa69c7915437d71b885
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.182.209 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: nginx / Express
Resource Hash: cc23f165678367de92b0a57bf3a0c3d297b15c6878753392b21f09d2fecd30d7

Request headers

accept: */*
Referer: https://assinaturaglobo.globo.com/
authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJ1c2VySWQiOjQsInNlc3Npb25JZCI6IjEyOTY5MDE2MTI1NjYyMTQ2MCIsImVtYWlsIjoic3FfY29uc3VtaWRvckBpbmZvZ2xvYm8uY29tLmJyIiwic3lzdGVtVXNlciI6MCwicm9sZSI6ImFwcGxpY2F0aW9uIiwiZXhwIjoxNjU2MzU2MDg4fQ.we88yyEH_bWEJOU4pMax6bBOehE8gCPSG54KwYJiH163jX7PJIk-m-lwhEZdveGmFjAOd58bihNkWQPdDV3uw00zStPdP3rZk-WTGfFYfhn9Z00wKIYJpizTzZZ14ncYeQvPgxBudTtJsfiHMSxuV2RXAid_FabhEMU4K66g7Q0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

date: Mon, 27 Jun 2022 18:45:49 GMT
server: nginx
x-powered-by: Express
etag: W/"a0-BxTiIQryOGYPSNZ5MLLddk+bp3I"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 160

OPTIONS
H2 204 /
api-assinaturaglobo.globo.com/ Frame 0
0 251ms
251ms Preflight 201.7.182.209
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-assinaturaglobo.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.182.209 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: nginx / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://assinaturaglobo.globo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://assinaturaglobo.globo.com
date: Mon, 27 Jun 2022 18:45:49 GMT
server: nginx
vary: Origin, Access-Control-Request-Headers
x-powered-by: Express

GET
H3 200 m=byfTOb,lsjVmc,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,ws9Tlc,U0aPgd,zG9H6c,LEikZe,NwH0H,OmgaI,gychg,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.SI-qWVpd9Ag.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.4zB40cAfIWs.L.B1... Frame 8944 129 KB
43 KB 73ms
22ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.SI-qWVpd9Ag.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.4zB40cAfIWs.L.B1.O/am=MQAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI7wK9kLiRbfRdlfMfERtUUyZRS93w/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,ws9Tlc,U0aPgd,zG9H6c,LEikZe,NwH0H,OmgaI,gychg,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.SI-qWVpd9Ag.es5.O/am=MQAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7kuGqNOMAV7zJBjcYJTQ99zhCOhw/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8968e9bc7f1c0b29fd9e4866e5d9d7bd3f399f86757a2770215e3c1d52168b11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 20:53:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 251547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44175
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 12:51:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Jun 2023 20:53:22 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.SI-qWVpd9Ag.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.4zB40cAfIWs.L.B1... Frame 8944 18 KB
7 KB 73ms
25ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.SI-qWVpd9Ag.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.4zB40cAfIWs.L.B1.O/am=MQAg/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,VWuaCc,ZfAoz,_b,_r,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,lPKSwe,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI7wK9kLiRbfRdlfMfERtUUyZRS93w/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fe2159dd8574bfc66ae39c30c52bad8d5603d64a633db2dda666801884ea41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 20:53:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 251534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7451
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 12:51:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Jun 2023 20:53:35 GMT

GET
H3 200 m=bm51tf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.SI-qWVpd9Ag.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.4zB40cAfIWs.L.B1... Frame 8944 1 KB
715 B 24ms
24ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.SI-qWVpd9Ag.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.4zB40cAfIWs.L.B1.O/am=MQAg/d=1/exm=COQbmf,DfBslb,FCpbqb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,VWuaCc,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hhhU8,lPKSwe,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI7wK9kLiRbfRdlfMfERtUUyZRS93w/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4dd1bb888f113128d5fef88e34857a1acbd4f7c81ae36d4397f31275e751982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 20:53:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 251532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 689
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 12:51:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Jun 2023 20:53:37 GMT

POST
H2 200 log Show response
play.google.com/ Frame 8944 131 B
673 B 104ms
56ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 27 Jun 2022 18:45:49 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 27 Jun 2022 18:45:49 GMT

POST
H3 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 8944 319 B
264 B 46ms
46ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2F_%2Fui%2Fv1%2Fserviceiframe&f.sid=8119846433449941702&bl=boq_subscribewithgoogleclientserver_20220623.10_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=67550&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5758eb320be87c5d14991a069eaab810bd04ff404b2b3c6689ca003333b6a8d6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 27 Jun 2022 18:45:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log Show response
play.google.com/ Frame 8944 131 B
155 B 100ms
56ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 27 Jun 2022 18:45:49 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 27 Jun 2022 18:45:49 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 102ms
55ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 27 Jun 2022 18:45:49 GMT
expires: Mon, 27 Jun 2022 18:45:49 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 8944 131 B
155 B 97ms
55ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 27 Jun 2022 18:45:49 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 27 Jun 2022 18:45:49 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 104ms
57ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 27 Jun 2022 18:45:49 GMT
expires: Mon, 27 Jun 2022 18:45:49 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 8944 131 B
155 B 99ms
57ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 27 Jun 2022 18:45:49 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 27 Jun 2022 18:45:49 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 101ms
55ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 27 Jun 2022 18:45:49 GMT
expires: Mon, 27 Jun 2022 18:45:49 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 204 collect Show response
i.clarity.ms/ 0
48 B 109ms
109ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://assinaturaglobo.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://assinaturaglobo.globo.com
date: Mon, 27 Jun 2022 18:45:48 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

POST
H2 200 / Show response
api-assinaturaglobo.globo.com/ 4 KB
1 KB 375ms
374ms Fetch
application/json 201.7.182.209
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-assinaturaglobo.globo.com/
Requested by: Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/scripts/main.js?dfa69c7915437d71b885
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.182.209 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: nginx / Express
Resource Hash: 2a094f20625bcd77cb51bdf73bc143bececf9268b1df7107fdfcdf3925c1947e

Request headers

accept: */*
Referer: https://assinaturaglobo.globo.com/
authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJ1c2VySWQiOjQsInNlc3Npb25JZCI6IjEyOTY5MDE2MTI1NjYyMTQ2MCIsImVtYWlsIjoic3FfY29uc3VtaWRvckBpbmZvZ2xvYm8uY29tLmJyIiwic3lzdGVtVXNlciI6MCwicm9sZSI6ImFwcGxpY2F0aW9uIiwiZXhwIjoxNjU2MzU2MDg4fQ.we88yyEH_bWEJOU4pMax6bBOehE8gCPSG54KwYJiH163jX7PJIk-m-lwhEZdveGmFjAOd58bihNkWQPdDV3uw00zStPdP3rZk-WTGfFYfhn9Z00wKIYJpizTzZZ14ncYeQvPgxBudTtJsfiHMSxuV2RXAid_FabhEMU4K66g7Q0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

date: Mon, 27 Jun 2022 18:45:50 GMT
content-encoding: gzip
server: nginx
x-powered-by: Express
etag: W/"e8e-v0V3i0qcdihBicKZDLcJj/3ijbU"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *

OPTIONS
H2 204 /
api-assinaturaglobo.globo.com/ Frame 0
0 253ms
252ms Preflight 201.7.182.209
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-assinaturaglobo.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.182.209 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: nginx / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://assinaturaglobo.globo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://assinaturaglobo.globo.com
date: Mon, 27 Jun 2022 18:45:50 GMT
server: nginx
vary: Origin, Access-Control-Request-Headers
x-powered-by: Express

POST
H2 204 collect
i.clarity.ms/ 0
48 B 109ms
109ms Ping
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://assinaturaglobo.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://assinaturaglobo.globo.com
date: Mon, 27 Jun 2022 18:45:49 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 6668 Show response
login.globo.com/login/ Frame 5CC9 23 KB
8 KB 761ms
251ms Document
text/html 131.0.25.28
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.globo.com/login/6668?url=https%3A%2F%2Fs3.glbimg.com%2Fv1%2FAUTH_65d1930a0bda476ba8d3c25c5371ec3f%2Fpiano%2Fhelper%2Fredirect.html%23https://assinaturaglobo.globo.com/valor/login%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info%26oferta%3Dvalor-digital-30-gratis-1990-3m

Requested by

Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/scripts/main.js?dfa69c7915437d71b885

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

131.0.25.28 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

131.0.25-28.prt.globo.com

Software

nginx /

Resource Hash

16c209442823e2510039ae084a20eb4de5d20fd5dface2afed1ea771249e61ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://assinaturaglobo.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=30
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 27 Jun 2022 18:45:51 GMT
expires: Mon, 27 Jun 2022 18:46:21 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache-status: MISS
x-request-id: 6fda0b14-a8de-4f6d-9d28-cc6346e51199
x-robots-tag: noindex

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 23ms
22ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2141932009213214&ev=PageView&dl=https%3A%2F%2Fassinaturaglobo.globo.com%2Fvalor%2Flogin%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info%26oferta%3Dvalor-digital-30-gratis-1990-3m&rl=&if=false&ts=1656355550509&sw=1600&sh=1200&v=2.9.62&r=stable&ec=2&o=30&fbp=fb.1.1656355545590.2101553058&it=1656355545399&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 27 Jun 2022 18:45:50 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 24ms
23ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=467226423720066&ev=PageView&dl=https%3A%2F%2Fassinaturaglobo.globo.com%2Fvalor%2Flogin%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info%26oferta%3Dvalor-digital-30-gratis-1990-3m&rl=&if=false&ts=1656355550510&sw=1600&sh=1200&v=2.9.62&r=stable&ec=2&o=30&fbp=fb.1.1656355545590.2101553058&it=1656355545399&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 27 Jun 2022 18:45:50 GMT

GET
H2 200 150x30_branco.png
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/Valor/NOVO%20ADMIN/Logo/ 3 KB
3 KB 248ms
247ms Image
image/png 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/Valor/NOVO%20ADMIN/Logo/150x30_branco.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: b46f5744f17746232b472f060ead6a570e37088200b9555c95272fb5bedc29dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:50 GMT
x-openstack-request-id: tx44005ee23a5a42218cd80-0062b9fade
last-modified: Wed, 29 Jan 2020 20:33:48 GMT
x-trans-id: tx44005ee23a5a42218cd80-0062b9fade
x-thanos: 0AB47184
etag: bb5b2acd77aeba9fcfea0be6e99886e4
vary: Accept-Encoding, Origin
content-type: image/png
x-timestamp: 1580330027.68202
cache-control: public, max-age=180
accept-ranges: bytes
content-length: 2660
x-request-id: 9311b5e3-97b4-45e5-873e-42bfa8b12dcf

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 72ms
23ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DKHV2Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6617
date: Mon, 27 Jun 2022 16:55:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 27 Jun 2022 18:55:33 GMT

GET
H2 200 ivc.js Show response
gadasource.storage.googleapis.com/ 71 KB
24 KB 324ms
24ms Script
text/plain 2a00:1450:4001:831::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gadasource.storage.googleapis.com/ivc.js
Requested by: Host: assinaturaglobo.globo.com
URL: https://assinaturaglobo.globo.com/valor/oferta/valor-digital-30-gratis-1990-3m?campanha=sim&utm_source=email&utm_medium=email&utm_campaign=20220500_ve_vd_30free_info
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:11:17 GMT
content-encoding: gzip
age: 2073
x-guploader-uploadid: ADPycduFWm1-KSJ4PTMXTMnAR4nWXRc0LTPP2r5TQ-nlgAI65SbaHIrhS2G5X7kFfxsW871uBtt4Lipbww80MVXeeRIK3EFehD_S
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24321
last-modified: Mon, 02 Sep 2019 19:50:51 GMT
server: UploadServer
etag: "cdaa61cbc24c48191196b45b31a7e18b"
vary: Accept-Encoding
x-goog-hash: crc32c=okr5pw==, md5=zaphy8JMSBkRlrRbMafhiw==
x-goog-generation: 1567453851562424
cache-control: public, max-age=3600
x-goog-stored-content-length: 24321
accept-ranges: bytes
content-type: text/plain
expires: Mon, 27 Jun 2022 19:11:17 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
191 B 24ms
23ms Image
text/plain 143.204.215.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035227&ns__t=1656355550518&ns_c=UTF-8&c8=App&c7=https%3A%2F%2Fassinaturaglobo.globo.com%2Fvalor%2Flogin%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info%26oferta%3Dvalor-digital-30-gratis-1990-3m&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-7.fra53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:50 GMT
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 0s8CGO6rCxQpxNIXZk8RCLVxVK_qZHFZkw7a3W2KxuWc7oBx2B94Kw==
x-cache: Miss from cloudfront

GET
H2 204 event.gif
beacon.krxd.net/ 0
547 B 43ms
43ms Image
text/plain 54.73.80.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/event.gif?event_id=MxFO7Rcn&event_type=pageview&paginavirtual=%2Fvalor%2Flogin&querystring=utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info%26campanha%3Dsim
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.80.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-80-98.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:50 GMT
cache-control: private, no-cache, no-store
x-request-time: D=56 t=1656355550
x-served-by: beacon-n007-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6035227/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
369 B

24ms
24ms

Script
application/javascript

143.204.215.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-7.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:34:36 GMT
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 675
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: JyKzXB6kHrT0opMQqMeflwGPCLOIpd6UqU2rrnrqgk9MXUHH_Vfcig==

Redirect headers

location: /internal-c2/default/cs.js
date: Mon, 27 Jun 2022 18:45:50 GMT
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
content-length: 0
x-amz-cf-id: o6ym6Rz2kltPEeODQYCXa84iOWh_EsazaVkhsmIZpucp9eaVVk4CSw==
x-cache: Miss from cloudfront

POST
H2 204 events Show response
api.deep.bi/v1/streams/EJntYTLE3eKP/ 0
58 B 94ms
93ms XHR
text/plain 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Requested by

Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://assinaturaglobo.globo.com/
accept-language: de-DE,de;q=0.9
Authorization: bearer Da16NqKwj2619hxwdhdGH9u1
Content-Type: application/json

Response headers

date: Mon, 27 Jun 2022 18:45:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-origin: https://assinaturaglobo.globo.com
access-control-allow-credentials: true
cf-ray: 7220578f8fd49b77-FRA

OPTIONS
H2 204 events
api.deep.bi/v1/streams/EJntYTLE3eKP/ Frame 0
0 50ms
50ms Preflight 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://assinaturaglobo.globo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://assinaturaglobo.globo.com
access-control-max-age: 3600
cf-cache-status: DYNAMIC
cf-ray: 7220578f2bff9183-FRA
date: Mon, 27 Jun 2022 18:45:50 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=31536000

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 88ms
88ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=182823472&t=pageview&_s=1&dl=https%3A%2F%2Fassinaturaglobo.globo.com%2Fvalor%2Flogin%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info%26oferta%3Dvalor-digital-30-gratis-1990-3m&dp=%2Fvalor%2Flogin%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info%26oferta%3Dvalor-digital-30-gratis-1990-3m&ul=en-us&de=UTF-8&dt=Valor%20%7C%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=20220500_ve_vd_30free_info&cs=email&cm=email&_u=YEBAAEABQAAAAC~&jid=277522606&gjid=1365876629&cid=1437670738.1656355551&uid=92112234183250841758&tid=UA-51216819-24&_gid=1196323185.1656355551&_r=1&gtm=2wg6m05DKHV2Q&cd77=92112234183250841758&cd78=anonymous&z=67164109

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assinaturaglobo.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 18:45:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://assinaturaglobo.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
448 B 83ms
28ms XHR
text/plain 2a00:1450:400c:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-51216819-24&cid=1437670738.1656355551&jid=277522606&uid=92112234183250841758&gjid=1365876629&_gid=1196323185.1656355551&_u=YEBAAEAAQAAAAC~&z=1689104574

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assinaturaglobo.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 27 Jun 2022 18:45:50 GMT
content-type: text/plain
access-control-allow-origin: https://assinaturaglobo.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 111ms
60ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51216819-24&cid=1437670738.1656355551&jid=277522606&_u=YEBAAEAAQAAAAC~&z=1837565422

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 18:45:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 115ms
56ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51216819-24&cid=1437670738.1656355551&jid=277522606&_u=YEBAAEAAQAAAAC~&z=1837565422

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 18:45:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
i.clarity.ms/ 0
48 B 112ms
112ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://assinaturaglobo.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://assinaturaglobo.globo.com
date: Mon, 27 Jun 2022 18:45:50 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H/1.1 200 i
ivccf.ivcbrasil.org.br/ 43 B
461 B 1416ms
553ms Image
image/gif 54.186.100.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ivccf.ivcbrasil.org.br/i?stm=1656355550892&e=pv&url=https%3A%2F%2Fassinaturaglobo.globo.com%2Fvalor%2Flogin%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info%26oferta%3Dvalor-digital-30-gratis-1990-3m&page=Valor%20%7C%20Login&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=27&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=ecdd5d5d-5f4e-4bd5-b64c-3bb7926d59c0&dtm=1656355550891&vp=1600x1200&ds=1600x1200&vid=1&sid=2763d1e5-8d13-475c-9545-5b32a710e88f&duid=469a5153-2f22-4987-b679-9789ae7f51d0&fp=3272139315&uid=92112234183250841758
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.100.168 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-186-100-168.us-west-2.compute.amazonaws.com
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 27 Jun 2022 18:45:52 GMT
Server: Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

GET
H/1.1 200
OK mtracking.gif
invttjs.com.br/ 42 B
872 B 405ms
404ms Image
image/gif 167.99.12.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://invttjs.com.br/mtracking.gif?tags=acesso_assinaturaglobo.globo.com,globo_cliente,globo_campaign&page_url=https%3A%2F%2Fassinaturaglobo.globo.com%2Fvalor%2Flogin%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info%26oferta%3Dvalor-digital-30-gratis-1990-3m&page_title=Valor%20%7C%20Login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.99.12.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assinaturaglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jun 2022 18:45:51 GMT
Content-Encoding: none
Last-Modified: Wed, 11 Jan 2006 12:59:00 GMT
Server: nginx/1.10.3 (Ubuntu)
Content-Type: image/gif
Cache-Control: max-age=30
Content-Length: 42
Expires: Mon, 27 Jun 2022 18:46:21 GMT

GET
H2 200 autocomplete-v1.min.css
login.globo.com/pc/cf/css/ Frame 5CC9 614 B
619 B 251ms
244ms Stylesheet
text/css 131.0.25.28
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.globo.com/pc/cf/css/autocomplete-v1.min.css

Requested by

Host: login.globo.com
URL: https://login.globo.com/login/6668?url=https%3A%2F%2Fs3.glbimg.com%2Fv1%2FAUTH_65d1930a0bda476ba8d3c25c5371ec3f%2Fpiano%2Fhelper%2Fredirect.html%23https://assinaturaglobo.globo.com/valor/login%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info%26oferta%3Dvalor-digital-30-gratis-1990-3m

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

131.0.25.28 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

131.0.25-28.prt.globo.com

Software

nginx /

Resource Hash

c3274e4a994456a22387359c77410b86e975adb6494f9cbcffd4b6a59949498d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/login/6668?url=https%3A%2F%2Fs3.glbimg.com%2Fv1%2FAUTH_65d1930a0bda476ba8d3c25c5371ec3f%2Fpiano%2Fhelper%2Fredirect.html%23https://assinaturaglobo.globo.com/valor/login%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info%26oferta%3Dvalor-digital-30-gratis-1990-3m
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:51 GMT
content-encoding: gzip
last-modified: Wed, 22 Jun 2022 16:47:20 GMT
server: nginx
etag: W/"8bdd27b9dbc14ca82847c5d82d18324a535b50c7"
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=30
strict-transport-security: max-age=15768000
x-robots-tag: noindex
x-request-id: 6d598bdb-08a7-4b89-90ea-b9f8e5059136
expires: Mon, 27 Jun 2022 18:46:21 GMT

GET
H2 200 site-20220622134641.min.css
s.glbimg.com/pc/cf/css/ Frame 5CC9 71 KB
15 KB 246ms
238ms Stylesheet
text/css 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/cf/css/site-20220622134641.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

9bba0527ce27673a97e2bb67685ba6733809595362fc6b10c0da6bce38777b9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 176531718 ra11 03 07
age: 438937
content-length: 14500
x-xss-protection: 1; mode=block
x-request-id: 34cd9fc7-1941-4f74-aca4-4d562da20ff0
last-modified: Wed, 22 Jun 2022 16:48:54 GMT
x-thanos: 0AB5D031
etag: W/"62b347f6-11cf0"
vary: Accept-Encoding, Origin
content-type: text/css
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 29 Jun 2022 16:50:13 GMT

GET
H2 200 header.css
login.globo.com/dyn-assets/6668/ Frame 5CC9 2 KB
908 B 252ms
245ms Stylesheet
text/css 131.0.25.28
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.globo.com/dyn-assets/6668/header.css?2019920193010

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

131.0.25.28 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

131.0.25-28.prt.globo.com

Software

nginx /

Resource Hash

44997ba408b32186e808b9b8c124c130c7fd6a09d10740e9485d77e9a4e178d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/login/6668?url=https%3A%2F%2Fs3.glbimg.com%2Fv1%2FAUTH_65d1930a0bda476ba8d3c25c5371ec3f%2Fpiano%2Fhelper%2Fredirect.html%23https://assinaturaglobo.globo.com/valor/login%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info%26oferta%3Dvalor-digital-30-gratis-1990-3m
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:51 GMT
content-encoding: gzip
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=30
strict-transport-security: max-age=15768000
x-robots-tag: noindex
x-request-id: 938ac29b-f7e8-4c3a-a4ab-a33016ac02d1
expires: Mon, 27 Jun 2022 18:46:21 GMT

GET
H2 200 json2.js Show response
s.glbimg.com/pc/cf/javascripts/ Frame 5CC9 17 KB
6 KB 482ms
476ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/cf/javascripts/json2.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

925947d3d711c4441a9db20f51215fbf5c119d2a3b51cadb2c9031907d8014b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 168784871 ra11 03 07
age: 341970
content-length: 6215
x-xss-protection: 1; mode=block
x-request-id: 14da3084-cb7f-479d-8194-c19a585215f7
last-modified: Wed, 22 Jun 2022 16:48:54 GMT
x-thanos: 0AB5D031
etag: W/"62b347f6-44a1"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 30 Jun 2022 19:46:20 GMT

GET
H2 200 es5-shim.min.js Show response
s.glbimg.com/pc/cf/javascripts/ Frame 5CC9 14 KB
6 KB 481ms
475ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/cf/javascripts/es5-shim.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

5eebb2d8b13bd109f7b8de9446033b0282103fa6fda5f0bf5f6701e384aa0bd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 175553987 ra11 03 07
age: 341970
content-length: 5746
x-xss-protection: 1; mode=block
x-request-id: 63c6a400-5e18-4d8c-b514-9c007da7508f
last-modified: Wed, 22 Jun 2022 16:48:54 GMT
x-thanos: 0AB5D031
etag: W/"62b347f6-37eb"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 30 Jun 2022 19:46:20 GMT

GET
H2 200 array.generics.js Show response
s.glbimg.com/pc/cf/javascripts/ Frame 5CC9 16 KB
4 KB 481ms
476ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/cf/javascripts/array.generics.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

20738f14a52a62267ddc72a572cca1a8857f6c84619508b11bbd06487babc08c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 172325273 ra11 03 07
age: 341970
content-length: 3474
x-xss-protection: 1; mode=block
x-request-id: 46100a74-4e70-4098-a1d9-a309a3518da2
last-modified: Wed, 22 Jun 2022 16:48:54 GMT
x-thanos: 0AB5D031
etag: W/"62b347f6-4116"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 30 Jun 2022 19:46:20 GMT

GET
H2 200 cookies.js Show response
s.glbimg.com/pc/cf/javascripts/ Frame 5CC9 821 B
845 B 481ms
477ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/cf/javascripts/cookies.js?2019920193010

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

2e2402a0225660fe37aee14e380bdae4c018deee4bbfb3edbfa162025bc27bc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 175225252 ra11 03 07
age: 341970
content-length: 427
x-xss-protection: 1; mode=block
x-request-id: 7d60ff88-0bbc-4984-8c79-2ff686069a83
last-modified: Wed, 22 Jun 2022 16:48:54 GMT
x-thanos: 0AB5D031
etag: W/"62b347f6-335"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 30 Jun 2022 19:46:20 GMT

GET
H2 200 ui-utils-ieshiv.min.js Show response
s.glbimg.com/pc/cf/javascripts/ Frame 5CC9 1 KB
1 KB 481ms
477ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/cf/javascripts/ui-utils-ieshiv.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

fd594a4e77975c740e10e276fb96fc4f0f3377fad8dbe4d0e3d7c34e740a2d45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 171831025 ra11 03 07
age: 341970
content-length: 659
x-xss-protection: 1; mode=block
x-request-id: 1315c00d-a09b-4c89-9cd9-082c5a8fcf30
last-modified: Wed, 22 Jun 2022 16:48:54 GMT
x-thanos: 0AB5D031
etag: W/"62b347f6-452"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 30 Jun 2022 19:46:20 GMT

GET
H2 200 html5shiv.min.js Show response
s.glbimg.com/pc/cf/javascripts/ Frame 5CC9 3 KB
2 KB 482ms
478ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/cf/javascripts/html5shiv.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

e0eac80838c161f29e7c46d54fbc044d12cd164baae13255e562c6be3aa91809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 175033718 ra11 03 07
age: 341970
content-length: 1363
x-xss-protection: 1; mode=block
x-request-id: e4a76f18-718b-44e1-a2ce-c206e877156b
last-modified: Wed, 22 Jun 2022 16:48:54 GMT
x-thanos: 0AB5D031
etag: W/"62b347f6-a4c"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 30 Jun 2022 19:46:20 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ Frame 5CC9 45 KB
17 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3789
date: Mon, 27 Jun 2022 17:42:42 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Mon, 27 Jun 2022 19:42:42 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 5CC9 49 KB
20 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6618
date: Mon, 27 Jun 2022 16:55:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 27 Jun 2022 18:55:33 GMT

GET
H3 200 auth2.js Show response
apis.google.com/js/ Frame 5CC9 14 KB
5 KB 73ms
31ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/auth2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdbcf3f8c23ae517899eceb6bcd1cab91a8118e674efa70b7ba87b03872d82cb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5521
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Mon, 27 Jun 2022 18:45:51 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "a62544556a24d3db"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Jun 2022 18:45:51 GMT

GET
H/1.1 200
OK appleid.auth.js Show response
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/pt_BR/ Frame 5CC9 44 KB
18 KB 250ms
24ms Script
application/javascript 96.16.134.158
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/pt_BR/appleid.auth.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.134.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-134-158.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

4346b2a3472308d2ebbaddf20392dc1318d01ea0e053918b41ec31a77c3edc1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Thu, 16 Jun 2022 18:35:50 GMT
Server: Apple
ETag: W/"45124-1655404550942"
Vary: accept-encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400,stale-while-revalidate=86400
Date: Mon, 27 Jun 2022 18:45:51 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18332

GET
H2 200 built-20220622134641.min.js Show response
s.glbimg.com/pc/cf/javascripts/ Frame 5CC9 412 KB
148 KB 715ms
712ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/cf/javascripts/built-20220622134641.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

41b8a749d730a8344bc3cfa659281421f180e30da5eea29c962aaaef6dfea0be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 176857140 ra11 03 07
age: 438937
content-length: 150930
x-xss-protection: 1; mode=block
x-request-id: 4e020411-0acb-417e-9a05-dfd765a5d8d3
last-modified: Wed, 22 Jun 2022 16:48:54 GMT
x-thanos: 0AB5D031
etag: W/"62b347f6-67062"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 29 Jun 2022 16:50:13 GMT

GET
H2 200 opensans-regular-webfont.woff
s.glbimg.com/pc/cf/fonts/ Frame 5CC9 23 KB
24 KB 720ms
239ms Font
application/x-font-woff 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/cf/fonts/opensans-regular-webfont.woff

Requested by

Host: s.glbimg.com
URL: https://s.glbimg.com/pc/cf/css/site-20220622134641.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

696ca6f4eaabe0803032cf9a2ba74328c7df0e1d9379b614091fc252db3965b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s.glbimg.com/pc/cf/css/site-20220622134641.min.css
Origin: https://login.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:52 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 629986386 ra09 20 03
age: 423524
content-length: 23644
x-xss-protection: 1; mode=block
x-request-id: b8bb4f70-17e1-4329-96c4-b44378bb2d8e
last-modified: Wed, 22 Jun 2022 16:48:54 GMT
x-thanos: 0AB4D012
etag: "62b347f6-5c5c"
vary: Origin
content-type: application/x-font-woff
access-control-allow-origin: https://login.globo.com
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 29 Jun 2022 21:07:08 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/ Frame 5CC9 108 KB
36 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/auth2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59c7712e75a6f0bbefd0fefa67e85d464cf14bbd7463331f4ba7e0a963ace1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 13:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36570
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Jun 2023 13:56:59 GMT

POST
H2 204 collect Show response
i.clarity.ms/ 0
48 B 109ms
107ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://assinaturaglobo.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://assinaturaglobo.globo.com
date: Mon, 27 Jun 2022 18:45:51 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/globo/globoid/prod/ Frame 5CC9 39 KB
12 KB 22ms
22ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/globoid/prod/utag.js
Requested by: Host: login.globo.com
URL: https://login.globo.com/login/6668?url=https%3A%2F%2Fs3.glbimg.com%2Fv1%2FAUTH_65d1930a0bda476ba8d3c25c5371ec3f%2Fpiano%2Fhelper%2Fredirect.html%23https://assinaturaglobo.globo.com/valor/login%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info%26oferta%3Dvalor-digital-30-gratis-1990-3m
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d7fdc28f37526d01e9d22df9e8f3efa8c786b6d5a19662303b66f1e7f7f06ee6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:52 GMT
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 14:42:25 GMT
server: AkamaiNetStorage
etag: "23f89984a09fa03c1bd327d323ec8c09:1641220945.975355"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 12275
expires: Mon, 27 Jun 2022 18:50:52 GMT

GET
H2 200 api.js Show response
hcaptcha.com/1/ Frame 5CC9 279 KB
79 KB 85ms
34ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/1/api.js?onload=gHcaptchaApiLoaded&render=explicit&hl=pt-BR

Requested by

Host: s.glbimg.com
URL: https://s.glbimg.com/pc/cf/javascripts/built-20220622134641.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dba9d0d53a8ef16369ce3d1881c0591da6718eadad04da7806676094fc4b9ee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:52 GMT
via: 1.1 8b4e911b05f0c34bf3d36e7de31e2172.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 27 Jun 2022 07:45:46 GMT
server: cloudflare
etag: W/"b54dcdc45f98717d93b7534357360f0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
x-amz-cf-pop: TXL50-P3
cf-ray: 7220579d5f2a9b8f-FRA
x-amz-cf-id: kPh0NKuHO-ToP6NoSGC0rztVorQD5AOv8nlfW6LMeZZhOm-LkGFaKQ==

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 5CC9 4 B
24 B 28ms
28ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2037724806&t=event&_s=1&dl=https%3A%2F%2Flogin.globo.com%2Flogin%2F6668%3Furl%3Dhttps%253A%252F%252Fs3.glbimg.com%252Fv1%252FAUTH_65d1930a0bda476ba8d3c25c5371ec3f%252Fpiano%252Fhelper%252Fredirect.html%2523https%3A%2F%2Fassinaturaglobo.globo.com%2Fvalor%2Flogin%253Fcampanha%253Dsim%2526utm_source%253Demail%2526utm_medium%253Demail%2526utm_campaign%253D20220500_ve_vd_30free_info%2526oferta%253Dvalor-digital-30-gratis-1990-3m&dr=https%3A%2F%2Fassinaturaglobo.globo.com%2F&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=346x540&je=0&ec=Tela%20de%20Login&ea=Pageview&_u=CACAAEABAAAAAC~&jid=2122786364&gjid=1537525382&cid=1437670738.1656355551&tid=UA-296593-6&_gid=1196323185.1656355551&_r=1&_slc=1&z=963947988

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 18:45:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 user Show response
login.globo.com/api/ Frame 5CC9 0
175 B 245ms
244ms XHR
text/plain 131.0.25.28
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.globo.com/api/user
Requested by: Host: s.glbimg.com
URL: https://s.glbimg.com/pc/cf/javascripts/built-20220622134641.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 131.0.25.28 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 131.0.25-28.prt.globo.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript
Referer: https://login.globo.com/login/6668?url=https%3A%2F%2Fs3.glbimg.com%2Fv1%2FAUTH_65d1930a0bda476ba8d3c25c5371ec3f%2Fpiano%2Fhelper%2Fredirect.html%23https://assinaturaglobo.globo.com/valor/login%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info%26oferta%3Dvalor-digital-30-gratis-1990-3m
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 18:45:52 GMT
server: nginx
x-cache-status: MISS
cache-control: no-cache, no-store, must-revalidate
x-robots-tag: noindex
content-length: 0
x-request-id: 6b700af1-18aa-42e1-8d1c-e295888dff7c
expires: 0

GET
H2 200 salutation.html Show response
login.globo.com/assets/partials/ Frame 5CC9 536 B
531 B 245ms
245ms XHR
text/html 131.0.25.28
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.globo.com/assets/partials/salutation.html

Requested by

Host: s.glbimg.com
URL: https://s.glbimg.com/pc/cf/javascripts/built-20220622134641.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

131.0.25.28 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

131.0.25-28.prt.globo.com

Software

nginx /

Resource Hash

85c9a9ed5a4067aeee3c65b2e6a5734fbb15ca27c017e6224f3e9d67ce3bfd47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: application/json, text/javascript
Referer: https://login.globo.com/login/6668?url=https%3A%2F%2Fs3.glbimg.com%2Fv1%2FAUTH_65d1930a0bda476ba8d3c25c5371ec3f%2Fpiano%2Fhelper%2Fredirect.html%23https://assinaturaglobo.globo.com/valor/login%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info%26oferta%3Dvalor-digital-30-gratis-1990-3m
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:52 GMT
content-encoding: gzip
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: max-age=30
strict-transport-security: max-age=15768000
x-robots-tag: noindex
x-request-id: 715feeee-7787-48a3-a4d1-b9efe7296e8f
expires: Mon, 27 Jun 2022 18:46:22 GMT

GET
H2 200 welcome_link.html Show response
login.globo.com/assets/partials/ Frame 5CC9 207 B
432 B 247ms
246ms XHR
text/html 131.0.25.28
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.globo.com/assets/partials/welcome_link.html

Requested by

Host: s.glbimg.com
URL: https://s.glbimg.com/pc/cf/javascripts/built-20220622134641.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

131.0.25.28 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

131.0.25-28.prt.globo.com

Software

nginx /

Resource Hash

5b590e7d58cd4f896490e60708b5c6bfc944f4aaef623b3e46210abdce5f3858

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: application/json, text/javascript
Referer: https://login.globo.com/login/6668?url=https%3A%2F%2Fs3.glbimg.com%2Fv1%2FAUTH_65d1930a0bda476ba8d3c25c5371ec3f%2Fpiano%2Fhelper%2Fredirect.html%23https://assinaturaglobo.globo.com/valor/login%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info%26oferta%3Dvalor-digital-30-gratis-1990-3m
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:52 GMT
content-encoding: gzip
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: max-age=30
strict-transport-security: max-age=15768000
x-robots-tag: noindex
x-request-id: 47b85b48-7571-4ce5-b20a-83dcbf90cd4f
expires: Mon, 27 Jun 2022 18:46:22 GMT

GET
DATA 200
OK truncated
/ Frame 5CC9 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9a064ae922e5629b0c887b5acc960349a1b692d0333b4b7dc9b0cea3a8de22e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 opensans-light-webfont.woff
s.glbimg.com/pc/cf/fonts/ Frame 5CC9 20 KB
20 KB 239ms
239ms Font
application/x-font-woff 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/cf/fonts/opensans-light-webfont.woff

Requested by

Host: s.glbimg.com
URL: https://s.glbimg.com/pc/cf/css/site-20220622134641.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

dea42e0f179347a75dd9fa41636bd1fa1ae92397bcde89a1389eeb8c0ace0fca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s.glbimg.com/pc/cf/css/site-20220622134641.min.css
Origin: https://login.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:52 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 628706939 ra09 20 03
age: 423524
content-length: 20184
x-xss-protection: 1; mode=block
x-request-id: d0a24066-f2ec-4949-9fa1-994a6edbb791
last-modified: Wed, 22 Jun 2022 16:48:54 GMT
x-thanos: 0AB4D012
etag: "62b347f6-4ed8"
vary: Origin
content-type: application/x-font-woff
access-control-allow-origin: https://login.globo.com
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 29 Jun 2022 21:07:08 GMT

GET
H2 200 opensans-semibold-webfont.woff
s.glbimg.com/pc/cf/fonts/ Frame 5CC9 20 KB
20 KB 478ms
477ms Font
application/x-font-woff 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/cf/fonts/opensans-semibold-webfont.woff

Requested by

Host: s.glbimg.com
URL: https://s.glbimg.com/pc/cf/css/site-20220622134641.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

0c02b58c454919d2e837f811f37fc15c05dc3d98600f749e13073862785b7221

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s.glbimg.com/pc/cf/css/site-20220622134641.min.css
Origin: https://login.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:52 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 631773103 ra09 20 03
age: 423489
content-length: 20168
x-xss-protection: 1; mode=block
x-request-id: 3db4c7fb-e7d9-48d4-81c1-9ebca6abb319
last-modified: Wed, 22 Jun 2022 16:48:54 GMT
x-thanos: 0AB4D012
etag: "62b347f6-4ec8"
vary: Origin
content-type: application/x-font-woff
access-control-allow-origin: https://login.globo.com
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 29 Jun 2022 21:07:43 GMT

GET
H2 200 proximanova-bold-limited-webfont.woff
s.glbimg.com/pc/cf/fonts/ Frame 5CC9 13 KB
14 KB 480ms
479ms Font
application/x-font-woff 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/cf/fonts/proximanova-bold-limited-webfont.woff

Requested by

Host: s.glbimg.com
URL: https://s.glbimg.com/pc/cf/css/site-20220622134641.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

945c117524fc6727eb8caa71e0682bb5e312828cc9651e640e5c759930ddb4ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s.glbimg.com/pc/cf/css/site-20220622134641.min.css
Origin: https://login.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:52 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 632228484 ra09 20 03
age: 423492
content-length: 13520
x-xss-protection: 1; mode=block
x-request-id: cca7fdd8-9a62-4931-a8e6-a5c0c9db5ab4
last-modified: Wed, 22 Jun 2022 16:48:54 GMT
x-thanos: 0AB4D012
etag: "62b347f6-34d0"
vary: Origin
content-type: application/x-font-woff
access-control-allow-origin: https://login.globo.com
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 29 Jun 2022 21:07:40 GMT

GET
H2 200 horizon-common-hit.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ Frame 5CC9 41 KB
14 KB 238ms
238ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/globoid/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 322a189a59e4c2bb88503d921a1c3335f2d02c678083ec71e78891b9a9d316f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:52 GMT
content-encoding: gzip
x-openstack-request-id: tx28103d4fd4054f268b065-0062b8cd52
last-modified: Tue, 26 Apr 2022 21:17:08 GMT
x-thanos: 0AB47184
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1651007827.47156
cache-control: max-age=86400
x-trans-id: tx28103d4fd4054f268b065-0062b8cd52
x-request-id: 6cc55740-e395-4b97-a595-4fe43006c30f

GET
H2 200 glb-pv-min.js Show response
s.glbimg.com/bu/rt/js/ Frame 5CC9 2 KB
1 KB 241ms
241ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/bu/rt/js/glb-pv-min.js?utv=ut4.44.201810191510

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/globoid/prod/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 169639431 ra11 03 07
age: 3415
content-length: 969
x-xss-protection: 1; mode=block
x-request-id: e92829bf-b1f4-49e8-a2bb-511efffa5e29
last-modified: Mon, 04 Feb 2019 16:44:48 GMT
x-thanos: 0AB5D031
etag: W/"5c586c00-703"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Mon, 27 Jun 2022 18:48:57 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ Frame 5CC9 4 B
25 B 84ms
27ms XHR
text/plain 2a00:1450:400c:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-296593-6&cid=1437670738.1656355551&jid=2122786364&gjid=1537525382&_gid=1196323185.1656355551&_u=CACAAEAAAAAAAC~&z=1921391022

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 27 Jun 2022 18:45:52 GMT
content-type: text/plain
access-control-allow-origin: https://login.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
usergate.globo.com/ Frame 5CC9 30 B
303 B 221ms
220ms XHR
text/plain 35.198.44.170
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://usergate.globo.com/
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/globoid/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.198.44.170 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 170.44.198.35.bc.googleusercontent.com
Software: /
Resource Hash: 8e16b6bf9912bbd08123a9600279eafdbe64aa45dfb994420bc0e136cb3dfe50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:52 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://login.globo.com
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Content-Type,Cookie,X-App,GLBID,GST

GET
H3 200 ga-audiences
www.google.com/ads/ Frame 5CC9 42 B
63 B 99ms
57ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-296593-6&cid=1437670738.1656355551&jid=2122786364&_u=CACAAEAAAAAAAC~&z=1161125848

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 18:45:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ Frame 5CC9 42 B
63 B 107ms
62ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-296593-6&cid=1437670738.1656355551&jid=2122786364&_u=CACAAEAAAAAAAC~&z=1161125848

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 18:45:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pt-BR.json Show response
newassets.hcaptcha.com/captcha/v1/51c8a75/static/i18n/ Frame 5CC9 8 KB
3 KB 94ms
43ms XHR
application/json 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/51c8a75/static/i18n/pt-BR.json

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=gHcaptchaApiLoaded&render=explicit&hl=pt-BR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7672243e61ee215c17e5f34b65f3cbf10ebc0514cc31f8b98d900fa116b96b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 38392
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2936
access-control-allow-origin: *
last-modified: Mon, 27 Jun 2022 07:45:46 GMT
server: cloudflare
etag: "9de84675ab649d811e359c2c7bd9aae5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 7220579e5c626916-FRA
x-amz-cf-id: TuKvTyU2K_ClgGD3vBrS7pUzYWo6yD66Z4tScVP8dYElOsnqpgnglg==

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/51c8a75/static/ Frame 5763 2 KB
1 KB 36ms
30ms Document
text/html 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/51c8a75/static/hcaptcha.html

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=gHcaptchaApiLoaded&render=explicit&hl=pt-BR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d136ed543accc2853757ecf440cf15871f889fe3fbb29136627653a9f8e5e675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39418
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 7220579e18829b8f-FRA
content-encoding: gzip
content-type: text/html
date: Mon, 27 Jun 2022 18:45:52 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 27 Jun 2022 07:45:45 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 b66d2d4cfb46d641d455e6640c25f566.cloudfront.net (CloudFront)
x-amz-cf-id: MtyaMaeHqTI2eZfpWl8hRObVGI-21HMowRvybcxLdb5n5a3M9R286g==
x-amz-cf-pop: TXL50-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/51c8a75/static/ Frame C7D2 2 KB
883 B 36ms
31ms Document
text/html 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/51c8a75/static/hcaptcha.html

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=gHcaptchaApiLoaded&render=explicit&hl=pt-BR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d136ed543accc2853757ecf440cf15871f889fe3fbb29136627653a9f8e5e675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39418
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 7220579e18839b8f-FRA
content-encoding: gzip
content-type: text/html
date: Mon, 27 Jun 2022 18:45:52 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 27 Jun 2022 07:45:45 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 b66d2d4cfb46d641d455e6640c25f566.cloudfront.net (CloudFront)
x-amz-cf-id: MtyaMaeHqTI2eZfpWl8hRObVGI-21HMowRvybcxLdb5n5a3M9R286g==
x-amz-cf-pop: TXL50-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 collect
www.google-analytics.com/ Frame 5CC9 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2037724806&t=event&_s=2&dl=https%3A%2F%2Flogin.globo.com%2Flogin%2F6668%3Furl%3Dhttps%253A%252F%252Fs3.glbimg.com%252Fv1%252FAUTH_65d1930a0bda476ba8d3c25c5371ec3f%252Fpiano%252Fhelper%252Fredirect.html%2523https%3A%2F%2Fassinaturaglobo.globo.com%2Fvalor%2Flogin%253Fcampanha%253Dsim%2526utm_source%253Demail%2526utm_medium%253Demail%2526utm_campaign%253D20220500_ve_vd_30free_info%2526oferta%253Dvalor-digital-30-gratis-1990-3m&dr=https%3A%2F%2Fassinaturaglobo.globo.com%2F&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=346x540&je=0&ec=Tela%20de%20Login&ea=Sistema&el=%5B1-2%5D.1.13%20Hcaptcha%20-%20Captcha%20instanciado.&_u=CACAAEABAAAAAC~&jid=&gjid=&cid=1437670738.1656355551&tid=UA-296593-6&_gid=1196323185.1656355551&z=1596101405

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 00:12:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66789
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/51c8a75/ Frame 5763 279 KB
79 KB 62ms
33ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/51c8a75/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/51c8a75/static/hcaptcha.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dba9d0d53a8ef16369ce3d1881c0591da6718eadad04da7806676094fc4b9ee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/51c8a75/static/hcaptcha.html
Origin: https://newassets.hcaptcha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 39420
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80398
access-control-allow-origin: *
last-modified: Mon, 27 Jun 2022 07:45:46 GMT
server: cloudflare
etag: "b54dcdc45f98717d93b7534357360f0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 7220579e8d189a05-FRA
x-amz-cf-id: MZ8iWNM18hfugCJAZQwUsrXocTUK_KeMxXTaFtjrPmFWu6W_qeWNNw==

GET
H3 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/51c8a75/ Frame C7D2 279 KB
79 KB 96ms
68ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/51c8a75/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/51c8a75/static/hcaptcha.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dba9d0d53a8ef16369ce3d1881c0591da6718eadad04da7806676094fc4b9ee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/51c8a75/static/hcaptcha.html
Origin: https://newassets.hcaptcha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 39420
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80398
access-control-allow-origin: *
last-modified: Mon, 27 Jun 2022 07:45:46 GMT
server: cloudflare
etag: "b54dcdc45f98717d93b7534357360f0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 7220579e8d159a05-FRA
x-amz-cf-id: MZ8iWNM18hfugCJAZQwUsrXocTUK_KeMxXTaFtjrPmFWu6W_qeWNNw==

GET
H2 200 social_btns.html Show response
login.globo.com/assets/partials/ Frame 5CC9 2 KB
910 B 246ms
244ms XHR
text/html 131.0.25.28
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.globo.com/assets/partials/social_btns.html

Requested by

Host: s.glbimg.com
URL: https://s.glbimg.com/pc/cf/javascripts/built-20220622134641.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

131.0.25.28 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

131.0.25-28.prt.globo.com

Software

nginx /

Resource Hash

64904544d421a95e8389c1425f37e1aca4cd2853c968f2070b8f4c6e9cfec24f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: application/json, text/javascript
Referer: https://login.globo.com/login/6668?url=https%3A%2F%2Fs3.glbimg.com%2Fv1%2FAUTH_65d1930a0bda476ba8d3c25c5371ec3f%2Fpiano%2Fhelper%2Fredirect.html%23https://assinaturaglobo.globo.com/valor/login%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info%26oferta%3Dvalor-digital-30-gratis-1990-3m
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:53 GMT
content-encoding: gzip
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: max-age=30
strict-transport-security: max-age=15768000
x-robots-tag: noindex
x-request-id: 85313e24-2387-48e5-873f-1db85a96ccd2
expires: Mon, 27 Jun 2022 18:46:23 GMT

GET
H2 200 horizon-client-js.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ Frame 5CC9 11 KB
4 KB 237ms
237ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-client-js.min.js
Requested by: Host: s.glbimg.com
URL: https://s.glbimg.com/bu/rt/js/glb-pv-min.js?utv=ut4.44.201810191510
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:53 GMT
content-encoding: gzip
x-openstack-request-id: tx62deba973fd84ecf9d424-0062b9faa9
last-modified: Fri, 13 Nov 2020 17:21:38 GMT
x-thanos: 0AB47184
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1605288097.88717
cache-control: public, max-age=600
x-trans-id: tx62deba973fd84ecf9d424-0062b9faa9
x-request-id: a05c311e-64e9-44b6-bc3c-bfb4264e6909

GET
H2 200 utag.3.js Show response
tags.tiqcdn.com/utag/globo/globoid/prod/ Frame 5CC9 24 KB
6 KB 22ms
22ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/globoid/prod/utag.3.js?utv=ut4.44.202010052106
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/globoid/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d036d933eab8fd63b2c0e62cd69c22afa31fa68248c7341d4bbae9d65cddb8cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:53 GMT
content-encoding: gzip
last-modified: Mon, 05 Oct 2020 21:06:38 GMT
server: AkamaiNetStorage
etag: "143f27d29df435803cc58efca7c7f2e1:1601931998.073902"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 6353
expires: Tue, 12 Jul 2022 18:45:53 GMT

GET
H2 200 tv4.min.js Show response
s3.glbimg.com/cdn/libs/tv4/1.3.0/ Frame 5CC9 28 KB
10 KB 237ms
237ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/libs/tv4/1.3.0/tv4.min.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:53 GMT
content-encoding: gzip
x-openstack-request-id: txc7fafcd9d7ec4a6984002-00619540bc
last-modified: Fri, 25 May 2018 14:11:50 GMT
x-thanos: 0AB47184
vary: Accept-Encoding, Origin
content-type: application/javascript
x-timestamp: 1527257509.32548
cache-control: public, max-age=31536000
x-trans-id: txc7fafcd9d7ec4a6984002-00619540bc
x-request-id: ebcf07c5-a71f-43c7-b60c-0ec6fb4aef8e

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ Frame 5CC9 4 B
25 B 26ms
26ms XHR
text/plain 2a00:1450:400c:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-296593-6&cid=1437670738.1656355551&jid=1344970780&gjid=1029976386&_gid=1196323185.1656355551&_u=SCCAgEABBAAAAG~&z=1470884469

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.globo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 27 Jun 2022 18:45:53 GMT
content-type: text/plain
access-control-allow-origin: https://login.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 5CC9 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2037724806&t=pageview&_s=1&dl=https%3A%2F%2Flogin.globo.com%2Flogin%2F6668%3Furl%3Dhttps%253A%252F%252Fs3.glbimg.com%252Fv1%252FAUTH_65d1930a0bda476ba8d3c25c5371ec3f%252Fpiano%252Fhelper%252Fredirect.html%2523https%3A%2F%2Fassinaturaglobo.globo.com%2Fvalor%2Flogin%253Fcampanha%253Dsim%2526utm_source%253Demail%2526utm_medium%253Demail%2526utm_campaign%253D20220500_ve_vd_30free_info%2526oferta%253Dvalor-digital-30-gratis-1990-3m&dr=https%3A%2F%2Fassinaturaglobo.globo.com%2F&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=346x540&je=0&_u=SCCAgEABBAAAAC~&jid=1344970780&gjid=1029976386&cid=1437670738.1656355551&tid=UA-296593-6&_gid=1196323185.1656355551&cd46=6668&cd99=92112234183250841758&cd97=92112234183250841758&cd98=anonymous&cd96=anonymous&cd36=desktop&cd5=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F103.0.5060.53%20safari%2F537.36&cd1=web&z=1602760804

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 00:12:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66790
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C7D2 798 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 checksiteconfig Show response
hcaptcha.com/ Frame C7D2 530 B
874 B 42ms
41ms XHR
application/json 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?v=51c8a75&host=login.globo.com&sitekey=4b25f3c0-dbd1-45ad-85d5-8898bbdd855a&sc=1&swa=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/51c8a75/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6644f470aaec00eafaf8d99bed7ecdb9fc398982311de266c84760b66f61977b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 27 Jun 2022 18:45:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass: 2
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 7220579f7ef99a05-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ga-audiences
www.google.com/ads/ Frame 5CC9 42 B
63 B 58ms
58ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-296593-6&cid=1437670738.1656355551&jid=1344970780&_u=SCCAgEABBAAAAG~&z=858484659

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 18:45:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ Frame 5CC9 42 B
63 B 59ms
59ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-296593-6&cid=1437670738.1656355551&jid=1344970780&_u=SCCAgEABBAAAAG~&z=858484659

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 18:45:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hsw.js Show response
newassets.hcaptcha.com/c/7b329798/ Frame 5763 963 KB
362 KB 33ms
33ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/7b329798/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/51c8a75/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10be47fffa11d8d498eee5ddcd8ded56b0d4846dd5ffcd992fe9260d88f2abe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/51c8a75/static/hcaptcha.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:53 GMT
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 79082
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Jun 2022 20:46:14 GMT
server: cloudflare
etag: W/"800e57a53bdccfd32c0f3d3db9d3c7b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: FRA50-C1
cf-ray: 7220579fcf6e9a05-FRA
x-amz-cf-id: 2p810AaSZi-ISRgg1m6bS8RPjj4xlNK8nJvJAqmCbbxuJu4EyqI7iQ==

GET
H2 200 google-btn.html
login.globo.com/assets/partials/ Frame 5CC9 258 B
430 B 243ms
243ms XHR
text/html 131.0.25.28
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.globo.com/assets/partials/google-btn.html

Requested by

Host: s.glbimg.com
URL: https://s.glbimg.com/pc/cf/javascripts/built-20220622134641.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

131.0.25.28 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

131.0.25-28.prt.globo.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: application/json, text/javascript
Referer: https://login.globo.com/login/6668?url=https%3A%2F%2Fs3.glbimg.com%2Fv1%2FAUTH_65d1930a0bda476ba8d3c25c5371ec3f%2Fpiano%2Fhelper%2Fredirect.html%23https://assinaturaglobo.globo.com/valor/login%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info%26oferta%3Dvalor-digital-30-gratis-1990-3m
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:53 GMT
content-encoding: gzip
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: max-age=30
strict-transport-security: max-age=15768000
x-robots-tag: noindex
x-request-id: 1f7e517f-ba83-4c86-9274-2ba9823ae0d6
expires: Mon, 27 Jun 2022 18:46:23 GMT

GET
H2 200 apple_btn.html
login.globo.com/assets/partials/ Frame 5CC9 339 B
455 B 243ms
243ms XHR
text/html 131.0.25.28
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.globo.com/assets/partials/apple_btn.html

Requested by

Host: s.glbimg.com
URL: https://s.glbimg.com/pc/cf/javascripts/built-20220622134641.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

131.0.25.28 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

131.0.25-28.prt.globo.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: application/json, text/javascript
Referer: https://login.globo.com/login/6668?url=https%3A%2F%2Fs3.glbimg.com%2Fv1%2FAUTH_65d1930a0bda476ba8d3c25c5371ec3f%2Fpiano%2Fhelper%2Fredirect.html%23https://assinaturaglobo.globo.com/valor/login%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info%26oferta%3Dvalor-digital-30-gratis-1990-3m
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:53 GMT
content-encoding: gzip
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: max-age=30
strict-transport-security: max-age=15768000
x-robots-tag: noindex
x-request-id: 9cb95ab7-f6c5-4689-874c-1b29eea91e5e
expires: Mon, 27 Jun 2022 18:46:23 GMT

GET
H2 200 fechar_preto.svg
login.globo.com/pc/cf/images/svg/ Frame 5CC9 601 B
892 B 243ms
242ms Image
image/svg+xml 131.0.25.28
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.globo.com/pc/cf/images/svg/fechar_preto.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

131.0.25.28 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

131.0.25-28.prt.globo.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/login/6668?url=https%3A%2F%2Fs3.glbimg.com%2Fv1%2FAUTH_65d1930a0bda476ba8d3c25c5371ec3f%2Fpiano%2Fhelper%2Fredirect.html%23https://assinaturaglobo.globo.com/valor/login%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info%26oferta%3Dvalor-digital-30-gratis-1990-3m
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:53 GMT
last-modified: Wed, 22 Jun 2022 16:46:42 GMT
server: nginx
etag: "2a715917c5ff9a4293faf68d0f44ee6f06666dfb"
x-cache-status: HIT
strict-transport-security: max-age=15768000
content-type: image/svg+xml
cache-control: max-age=30
x-robots-tag: noindex
content-length: 601
x-request-id: 17b1f850-0fa6-438c-9db6-f375c5faf32a
expires: Mon, 27 Jun 2022 18:46:23 GMT

GET
H2 200 erro_preto.svg
login.globo.com/pc/cf/images/svg/ Frame 5CC9 2 KB
2 KB 244ms
242ms Image
image/svg+xml 131.0.25.28
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.globo.com/pc/cf/images/svg/erro_preto.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

131.0.25.28 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

131.0.25-28.prt.globo.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/login/6668?url=https%3A%2F%2Fs3.glbimg.com%2Fv1%2FAUTH_65d1930a0bda476ba8d3c25c5371ec3f%2Fpiano%2Fhelper%2Fredirect.html%23https://assinaturaglobo.globo.com/valor/login%3Fcampanha%3Dsim%26utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info%26oferta%3Dvalor-digital-30-gratis-1990-3m
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:53 GMT
last-modified: Wed, 22 Jun 2022 16:46:42 GMT
server: nginx
etag: "08438daee16a41925013d3c2eeda20c32efedb2b"
x-cache-status: HIT
strict-transport-security: max-age=15768000
content-type: image/svg+xml
cache-control: max-age=30
x-robots-tag: noindex
content-length: 1555
x-request-id: ffc9639e-378a-4a0e-b09d-5bd027e575aa
expires: Mon, 27 Jun 2022 18:46:23 GMT

GET
H2 200 facebook_logo.svg
s.glbimg.com/pc/cf/images/svg/ Frame 5CC9 2 KB
1 KB 238ms
237ms Image
image/svg+xml 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.glbimg.com/pc/cf/images/svg/facebook_logo.svg

Requested by

Host: s.glbimg.com
URL: https://s.glbimg.com/pc/cf/css/site-20220622134641.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.glbimg.com/pc/cf/css/site-20220622134641.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 169639440 ra11 03 07
age: 341972
content-length: 744
x-xss-protection: 1; mode=block
x-request-id: 2c49c8f0-4789-4434-a7e9-6c5eb2948857
last-modified: Wed, 22 Jun 2022 16:48:54 GMT
x-thanos: 0AB5D031
etag: W/"62b347f6-612"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 30 Jun 2022 19:46:21 GMT

GET
H2 200 opensans-bold-webfont.woff
s.glbimg.com/pc/cf/fonts/ Frame 5CC9 20 KB
20 KB 239ms
239ms Font
application/x-font-woff 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/cf/fonts/opensans-bold-webfont.woff

Requested by

Host: s.glbimg.com
URL: https://s.glbimg.com/pc/cf/css/site-20220622134641.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s.glbimg.com/pc/cf/css/site-20220622134641.min.css
Origin: https://login.globo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:53 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 629067317 ra09 20 03
age: 423493
content-length: 20368
x-xss-protection: 1; mode=block
x-request-id: 601f85b9-a6de-477c-9b2f-09875fa2c40a
last-modified: Wed, 22 Jun 2022 16:48:54 GMT
x-thanos: 0AB4D012
etag: "62b347f6-4f90"
vary: Origin
content-type: application/x-font-woff
access-control-allow-origin: https://login.globo.com
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 29 Jun 2022 21:07:40 GMT

GET
H2 200 horizon-pageview
horizon.globo.com/auth-session/activity/login/ Frame 5CC9 0
175 B 123ms
122ms Image
text/plain 35.211.79.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horizon.globo.com/auth-session/activity/login/horizon-pageview?object=https%3A%2F%2Flogin.globo.com%2Flogin%2F6668&Referrer=https%253A%252F%252Fassinaturaglobo.globo.com%252F&tags=&client_version=0.3.11

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.211.79.33 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

33.79.211.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:53 GMT
x-served-from: hzt-tsuru
content-length: 0
strict-transport-security: max-age=60
content-type: text/plain; charset=UTF-8

GET schemas
horizon-schemas.globo.com/ Frame 5CC9 0
0

GET
H3 200 e Show response
newassets.hcaptcha.com/i/5b174c7/ Frame 5763 57 KB
58 KB 35ms
35ms Fetch
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/i/5b174c7/e

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/c/7b329798/hsw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da6e32a9eb6d7d3b2c8d66faf07ca5584b298899c24fc973861616067f6ab22f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/51c8a75/static/hcaptcha.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:45:53 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17016
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 22 Jun 2022 05:47:19 GMT
server: cloudflare
etag: W/"a99334a4a1b3b541b9e4b416ef7ca514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: FRA50-C1
cf-ray: 722057a1399e9a05-FRA
x-amz-cf-id: iFkCT7IJtaAEynHcLzN8_wkp922BVUZEUs8erjhcTMTBPkv9_Qbmzg==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: r.nexac.com
URL: https://r.nexac.com/e/getdata.xgi?dt=br&pkey=gpwn29rvapq62&ru=https://beacon.krxd.net/data.gif?_kuid%3DO7H37Etu%26_kdpid%3D2dd640a6-6ebd-4d4f-af30-af8baa441a0d%26dlxid%3D%3Cna_id%3E%26dlxdata%3D%3Cna_da%3E

Domain: horizon-schemas.globo.com
URL: https://horizon-schemas.globo.com/schemas

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
assinaturaglobo.globo.com/valor/oferta	1970-01-20 04:05:57	Name: _gada_ses.704e Value: *
assinaturaglobo.globo.com/valor/oferta	1970-01-20 21:37:07	Name: _gada_id.704e Value: 469a5153-2f22-4987-b679-9789ae7f51d0.1656355551.1.1656355551.1656355551.2763d1e5-8d13-475c-9545-5b32a710e88f
assinaturaglobo.globo.com/valor/oferta	1970-01-20 04:07:21	Name: privAu Value: 0
links.radar-de-novidades.info/	1969-12-31 23:59:59	Name: TEMP_DATA Value: 56f66f53-db62-4730-aeed-e4d283b3e757
links.radar-de-novidades.info/	1969-12-31 23:59:59	Name: esg1 Value: kni/FCws/jYNaMOwuWhXjmQxwMgfmRy/j/cxfA/F/f5754991
.globo.com/	1970-01-20 06:15:31	Name: _fbp Value: fb.1.1656355545590.2101553058
.bing.com/	1970-01-20 13:27:31	Name: MUID Value: 2AD9ACD4EF156EDD3E3BBD04EE7E6FCB
.twitter.com/	1970-01-20 21:37:07	Name: personalization_id Value: "v1_e3mDKiIiJj++wc5ZkyxtGg=="
.t.co/	1970-01-20 21:37:07	Name: muc_ads Value: 3dff46f1-c262-4dd7-9b23-ad69e8b8946f
.ct.pinterest.com/	1970-01-20 12:51:31	Name: _pinterest_ct_ua Value: "TWc9PSZibGt1OCtMSHkveDgyeXhFWGdtN1h3T1hBcnpwMmdDQTQ5TitVNWo2bm1aeGpjS3NyY25KdUw3WFNXMjlXbmE5UlJVUjZtelpPTEFiOXNqRFpORGZBQmx3eG5oM2N6aytWcTVCdlpEcldFMD0mdGxSMkFJNjZQNmpEQ2NjNlZCekVoU3l2eDlFPQ=="
.assinaturaglobo.globo.com/	1970-01-20 12:51:31	Name: _pin_unauth Value: dWlkPVpEVTNNelprTlRBdE1tSm1NaTAwTkRWa0xUbG1OVEV0WkdObVlXSmlaVGRsTnpaaA
www.clarity.ms/	1970-01-20 12:51:31	Name: CLID Value: f2b2a641268544818eec316605a07fcf.20220627.20230627
.globo.com/	1970-01-20 12:51:31	Name: _clck Value: nrh9ah\|1\|f2o\|0
invttjs.com.br/	1970-01-23 19:41:55	Name: pfinder_session_id Value: 3b34c4d5479f32257853efe08607f63d2da7bf8b
invttjs.com.br/	1970-01-20 12:51:31	Name: 3b34c4d5479f32257853efe08607f63d2da7bf8b Value: 836257736
.globo.com/	1970-01-20 04:07:21	Name: _uetsid Value: 5b468930f64911ec95f883de26d178f6
.globo.com/	1970-01-20 13:27:31	Name: _uetvid Value: 5b469bb0f64911ecbeb63354f119de3e
.globo.com/	1970-01-20 12:51:31	Name: deepbi_firstparty_cookie Value: cl4x3brgc4l3b851uu0
.navdmp.com/	1970-01-20 21:22:43	Name: nid Value: 10f7b48484ee82c9c1c67ed9b210\|0\|207
.globo.com/	1970-01-20 12:51:31	Name: nav13574 Value: 10f7b48484edcbe87df44564b910\|2_179
.globo.com/	1969-12-31 23:59:59	Name: deepbi_user_deepcookie Value: l4x3brlz-32ql8vg
.krxd.net/	1970-01-20 08:25:07	Name: _kuid_ Value: O7H37Etu
.criteo.com/	1970-01-20 13:27:31	Name: uid Value: aaf456e8-321e-41d5-94a1-44e5ab4a7f27
.adnxs.com/	1970-01-20 06:15:31	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GVTu'i0$!]tbP6j2F-XstGt!@Dk4$q]k*
.demdex.net/	1970-01-20 08:25:07	Name: demdex Value: 79255834533517906562087371510744256425
.adnxs.com/	1970-01-20 06:15:31	Name: uuid2 Value: 518864608464924887
.dpm.demdex.net/	1970-01-20 08:25:07	Name: dpm Value: 79255834533517906562087371510744256425
.1rx.io/	1970-01-20 12:51:31	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-afc57807-659c-4bfb-b581-a113da270556-003%22%7D
.globo.com/	1970-01-20 12:51:52	Name: kppid Value: 92112234183250841758
.globo.com/	1970-01-20 04:05:57	Name: hsid Value: edafcb2f-cf0e-40b0-8b2a-834964d368b2
.targeting.unrulymedia.com/	1970-01-20 12:51:31	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-afc57807-659c-4bfb-b581-a113da270556-003%22%7D
.yahoo.com/	1970-01-20 12:51:53	Name: A3 Value: d=AQABBNz6uWICELz2ragYLog6yM6aVUEOU14&S=AQAAAqNdQwAX40bAXGG2VWL1P_o
.doubleclick.net/	1970-01-20 13:27:31	Name: IDE Value: AHWqTUnHsMoEUrqz111nZX5N1fKPvfkkq-m4DHzKmCPBwW5HToUpfAem8F0h06z4EHM
.c.bing.com/	1970-01-20 13:27:31	Name: SRM_B Value: 2AD9ACD4EF156EDD3E3BBD04EE7E6FCB
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 13:27:31	Name: MUID Value: 2AD9ACD4EF156EDD3E3BBD04EE7E6FCB
.c.clarity.ms/	1970-01-20 04:05:56	Name: ANONCHK Value: 0
.google.com/	1970-01-20 08:29:26	Name: NID Value: 511=E7iGVYddf_ETVZZ0MyD8eD3tjkBDhuR5lYJqKiDk5Qd5SjnZlqxf-bALx5AjZR8zcLFV2und4b60ODon2-BdHZpYinI-3blnvlYZOrygTVu4m--bGOQLToJZrgopFjLClrtnIDBnss8T3d5on-haAJb3utr7iIDtIiVlTzRn2Fs
.globo.com/	1970-01-20 12:44:08	Name: glb_uid Value: "APRnsQnuUvDW3URVOR7K6QYuB2byWk04aF4oXeuZfVo="
.globo.com/	1970-01-20 12:44:19	Name: cookie-banner-consent-accepted Value: false
.krxd.net/	1970-01-20 04:08:48	Name: e_MxFO7Rcn^querystring\|utm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3D20220500_ve_vd_30free_info%26campanha%3Dsim^paginavirtual\|%2Fvalor%2Flogin Value: 1656355550
.globo.com/	1970-01-20 04:05:57	Name: deepbi_user_session Value: 2dcce75a-9b5c-4761-90a8-f804f7b8c2e2\|1
.globo.com/	1970-01-20 21:37:07	Name: _ga Value: GA1.2.1437670738.1656355551
.globo.com/	1970-01-20 04:07:21	Name: _gid Value: GA1.2.1196323185.1656355551
.globo.com/	1970-01-20 04:05:55	Name: _gat_UA-51216819-24 Value: 1
.globo.com/	1970-01-20 04:07:21	Name: _clsk Value: 10fx5ff\|1656355550978\|2\|1\|i.clarity.ms/collect
invttjs.com.br/	1970-01-23 19:41:55	Name: pfinder_referer_id Value: 29365728
.globo.com/	1970-01-20 04:05:55	Name: _gat Value: 1
.globo.com/	1970-01-20 12:51:31	Name: utag_main Value: v_id:0181a67be62f000eaf51d225fd4d0307300a506b00b08$_sn:1$_ss:0$_st:1656357352836$ses_id:1656355546672%3Bexp-session$_pn:2%3Bexp-session
.login.globo.com/	1970-01-20 21:37:07	Name: _ga Value: GA1.3.1437670738.1656355551
.login.globo.com/	1970-01-20 04:07:21	Name: _gid Value: GA1.3.1196323185.1656355551
.login.globo.com/	1970-01-20 04:05:55	Name: _gat_login Value: 1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/379708.gif?partner_uid=O7H37Etu Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://r.nexac.com/e/getdata.xgi?dt=br&pkey=gpwn29rvapq62&ru=https://beacon.krxd.net/data.gif?_kuid%3DO7H37Etu%26_kdpid%3D2dd640a6-6ebd-4d4f-af30-af8baa441a0d%26dlxid%3D%3Cna_id%3E%26dlxdata%3D%3Cna_da%3E Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://horizon-track.globo.com/event/ecommerce Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://api-assinaturaglobo.globo.com/ Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://login.globo.com/api/user Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api-assinaturaglobo.globo.com
api.deep.bi
apis.google.com
appleid.cdn-apple.com
assinaturaglobo.globo.com
bat.bing.com
beacon.krxd.net
c.bing.com
c.clarity.ms
cdn.krxd.net
cdn.navdmp.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cocoon.globo.com
connect.facebook.net
consumer.krxd.net
ct.pinterest.com
dpm.demdex.net
fonts.gstatic.com
gadasource.storage.googleapis.com
gum.criteo.com
hcaptcha.com
horizon-schemas.globo.com
horizon-track.globo.com
horizon.globo.com
i.clarity.ms
ib.adnxs.com
idsync.rlcdn.com
invttjs.com.br
ivccf.ivcbrasil.org.br
links.radar-de-novidades.info
login.globo.com
newassets.hcaptcha.com
news.google.com
pixel-sync.sitescout.com
play.google.com
r.ar-mtch1.com
r.nexac.com
s.glbimg.com
s.pinimg.com
s3.glbimg.com
sb.scorecardresearch.com
ssl.google-analytics.com
stags.bluekai.com
static.ads-twitter.com
stats.g.doubleclick.net
sync.1rx.io
sync.navdmp.com
sync.targeting.unrulymedia.com
t.co
tag.navdmp.com
tags.tiqcdn.com
token.rubiconproject.com
usergate.globo.com
usermatch.krxd.net
usr.navdmp.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
horizon-schemas.globo.com
r.nexac.com
100.24.249.189
104.111.215.191
104.16.168.131
104.244.42.131
104.244.42.5
104.75.88.194
104.75.88.209
13.69.68.37
131.0.25.102
131.0.25.28
142.250.185.98
143.204.215.7
151.101.130.133
151.101.194.133
167.99.12.84
185.33.220.100
186.192.81.117
186.192.90.3
186.192.91.5
199.232.188.157
20.234.93.27
201.7.182.209
212.82.100.182
213.19.147.45
2606:4700:10::ac43:c60
2606:4700::6810:ff3
2620:1ec:27::cafe:1824
2620:1ec:c11::200
2a00:1450:4001:801::200e
2a00:1450:4001:803::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::2003
2a00:1450:4001:812::2008
2a00:1450:4001:813::2008
2a00:1450:4001:828::2003
2a00:1450:4001:829::200e
2a00:1450:4001:831::2010
2a00:1450:400c:c02::9d
2a02:2638:1::13
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:62::84
35.198.44.170
35.211.79.33
35.244.153.86
35.244.174.68
52.167.85.21
52.17.114.133
54.186.100.168
54.73.80.98
66.155.71.149
69.173.144.138
91.199.51.78
96.16.134.158
0165724caee20c130e27cb514da9d6193e2dc2386540c56eb15e86fcd13ba880
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c02b58c454919d2e837f811f37fc15c05dc3d98600f749e13073862785b7221
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
10be47fffa11d8d498eee5ddcd8ded56b0d4846dd5ffcd992fe9260d88f2abe5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10ffcca378d5b7d99d60f92500aabf7966c8190a61899632997bd13402612e94
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
16c209442823e2510039ae084a20eb4de5d20fd5dface2afed1ea771249e61ae
192d2eb7078526e7974933da14512e5f5d64902e654d1e4ee5b421abbf169a3b
20738f14a52a62267ddc72a572cca1a8857f6c84619508b11bbd06487babc08c
20ae250a77c55cf9073653424dd6ae440ae54347958dbfc6a3242c08159aea00
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719
2a094f20625bcd77cb51bdf73bc143bececf9268b1df7107fdfcdf3925c1947e
2e2402a0225660fe37aee14e380bdae4c018deee4bbfb3edbfa162025bc27bc8
2e53bbdf41db08d5017462fe9963a8ee505c7a8ff83756c5217635019a076465
2f808931006f4a1639d87989449d6957789bf6d6e3f4d0d9e2e79e8fef4b79b5
322a189a59e4c2bb88503d921a1c3335f2d02c678083ec71e78891b9a9d316f2
354aa4a15f9f9924b3cdd5458afaeb92e6b20b45fabb0e552bfa31c81688263e
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41b8a749d730a8344bc3cfa659281421f180e30da5eea29c962aaaef6dfea0be
42a01548a7b81931ee217dbf349b2938f5a8f52832ccfd84f5db0bd7febb6b3b
4346b2a3472308d2ebbaddf20392dc1318d01ea0e053918b41ec31a77c3edc1a
43640d9ad92bbe4e01c5b6b81c98e0bdd4af47a8970cdb2fa63eb40cca1b955e
43e22721ce191cab06c0f7269431a9eac8a32579d764c2e005852d3502c459fc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44997ba408b32186e808b9b8c124c130c7fd6a09d10740e9485d77e9a4e178d7
4a84ef4e13599cf4c8cf989d88968a6ad1793ad55504975921932eea10b289cc
4b007cb6302db5f43b7e983890138d14317aaacf80a896f0af7f2afa253c519e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5399e69ce8d717272c16d3d206182b963a1cd039fdba68a99c58316d8ee40a25
54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4
5758eb320be87c5d14991a069eaab810bd04ff404b2b3c6689ca003333b6a8d6
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
5b590e7d58cd4f896490e60708b5c6bfc944f4aaef623b3e46210abdce5f3858
5eebb2d8b13bd109f7b8de9446033b0282103fa6fda5f0bf5f6701e384aa0bd3
64904544d421a95e8389c1425f37e1aca4cd2853c968f2070b8f4c6e9cfec24f
655e8547a0f057f68c1a3bbe78d65bcdaee6bc402814d11e3b6fc1da6e0d9dfc
6644f470aaec00eafaf8d99bed7ecdb9fc398982311de266c84760b66f61977b
696ca6f4eaabe0803032cf9a2ba74328c7df0e1d9379b614091fc252db3965b1
6a8bb38735c75cc885d71da0950e532a2b27f451b00b7ad69140c70daa101b7a
6c628a332e6666668f74a31520d26d2f52d21cd49b8a35dad5c5eba5fcada75d
7672243e61ee215c17e5f34b65f3cbf10ebc0514cc31f8b98d900fa116b96b89
7e9c6f8724ef9f63cadb033441877f593f541d8ce086705193c1caa20e6397aa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85c9a9ed5a4067aeee3c65b2e6a5734fbb15ca27c017e6224f3e9d67ce3bfd47
85e22ee472f1239199d2ee426e82e348a969ab4787472fc6a8756f883ac69ce4
8968e9bc7f1c0b29fd9e4866e5d9d7bd3f399f86757a2770215e3c1d52168b11
8a10ae882c6c107feaa67ae26d059ed4c2bd46afb13d6c1a4f626140a91b3b2f
8d62d128da75ce2664a429d95e53ebe01590d5b8ffa1838654663805ad3211c4
8e16b6bf9912bbd08123a9600279eafdbe64aa45dfb994420bc0e136cb3dfe50
8fe2159dd8574bfc66ae39c30c52bad8d5603d64a633db2dda666801884ea41c
925947d3d711c4441a9db20f51215fbf5c119d2a3b51cadb2c9031907d8014b5
945c117524fc6727eb8caa71e0682bb5e312828cc9651e640e5c759930ddb4ac
94bdf249d07d61fd7481ec15d49414d07e4d92ba4c1d7d7b86a49f1318127847
96945f3a512db6847ff71779b93fb8808a6817e4c37457e3383f7a6a05ccc25a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bba0527ce27673a97e2bb67685ba6733809595362fc6b10c0da6bce38777b9e
9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e
9f6425840449ca00fcbadd71436de83dd8346272d5c631f1a2b9d6a5abfb084e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b46f5744f17746232b472f060ead6a570e37088200b9555c95272fb5bedc29dd
b534497f5d0fcbe1e99f5966cc5f418367668d07d11bbd88dbc5cdd0baba851d
b59c7712e75a6f0bbefd0fefa67e85d464cf14bbd7463331f4ba7e0a963ace1d
b9a064ae922e5629b0c887b5acc960349a1b692d0333b4b7dc9b0cea3a8de22e
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
c3274e4a994456a22387359c77410b86e975adb6494f9cbcffd4b6a59949498d
c95d43e9fb75556a5a749b30ce5c22963b68ef48c40ebabab656609aed51bf81
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbf7fe23e5a7c185dcec8933b441988332412075d2719f1f1d5505752d9d5ec6
cc23f165678367de92b0a57bf3a0c3d297b15c6878753392b21f09d2fecd30d7
ced49017b1747b55cec9c576da1dc15fa47ce9cd77ec6e0cf27033892e826864
d036d933eab8fd63b2c0e62cd69c22afa31fa68248c7341d4bbae9d65cddb8cc
d136ed543accc2853757ecf440cf15871f889fe3fbb29136627653a9f8e5e675
d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d
d1edfa7fc9ea267de0e25b108322fc6bd9cd2c34352a09fdd261906febad4b8e
d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44
d4c5d952297366d4e340d33bef112d53749ea1b14f3bc9bbbe9c8dc9d73bb354
d4dd1bb888f113128d5fef88e34857a1acbd4f7c81ae36d4397f31275e751982
d7fdc28f37526d01e9d22df9e8f3efa8c786b6d5a19662303b66f1e7f7f06ee6
da6e32a9eb6d7d3b2c8d66faf07ca5584b298899c24fc973861616067f6ab22f
dba9d0d53a8ef16369ce3d1881c0591da6718eadad04da7806676094fc4b9ee9
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dea42e0f179347a75dd9fa41636bd1fa1ae92397bcde89a1389eeb8c0ace0fca
e0eac80838c161f29e7c46d54fbc044d12cd164baae13255e562c6be3aa91809
e1acaf1b84c7c6a5a7ae96e4b9cce92c540c0c8ebbb0e56f8ff473917e2e9a72
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef40a6765a2a1e77c2796409a5eb0997a59f252a7dffb72ea05f0cc660c8197f
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f248ce1206daaf68b21082d50c064ad83f4eac68a22e5b4d331449ca35f4e392
f26070fd8b359ad65a85fe285128f9c5cfc2e73db31d417752213c7462d69d54
f6ed7ce781d33aa7efcab3a8fe4b55d2c2f200c1ec5a702d084849386e4c3082
f8e4fef857a510052b1a6fd53e746c63a1f5b8ef0b058e16595708b8a1480ae9
f9dadc8b0c8b9627c62ab73917abb8fbe03f57c3f95d97950540f67fcd87bd79
fd594a4e77975c740e10e276fb96fc4f0f3377fad8dbe4d0e3d7c34e740a2d45
fdbcf3f8c23ae517899eceb6bcd1cab91a8118e674efa70b7ba87b03872d82cb

assinaturaglobo.globo.com Open in urlscan Pro 131.0.25.102 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

192 Requests

93 %HTTPS

36 %IPv6

40 Domains

64 Subdomains

51 IPs

10 Countries

2810 kBTransfer

7323 kBSize

52 Cookies

2 Outgoing links

Page URL History

Redirected requests

192 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

assinaturaglobo.globo.com Open in urlscan Pro
131.0.25.102 Public Scan

Screenshot
Live screenshot

Full Image

192
Requests

93 %
HTTPS

36 %
IPv6

40
Domains

64
Subdomains

51
IPs

10
Countries

2810 kB
Transfer

7323 kB
Size

52
Cookies

192 HTTP transactions
2 data transactions