gshow.globo.com Open in urlscan Pro
186.192.81.35 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cutt.ly/WwcQocFp
Effective URL:
https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Submission: On September 21 via manual (September 21st 2023, 1:54:02 am UTC) from DE — Scanned from CH

Summary HTTP 411 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 73 IPs in 8 countries across 48 domains to perform 411 HTTP transactions. The main IP is 186.192.81.35, located in Duque de Caxias, Brazil and belongs to Globo Comunicacao e Participacoes SA, BR. The main domain is gshow.globo.com. The Cisco Umbrella rank of the primary domain is 677181.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on September 8th 2023. Valid for: a year.

This is the only time gshow.globo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.8.238 172.67.8.238	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	186.192.81.35 186.192.81.35	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
110	186.192.90.3 186.192.90.3	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
9	172.217.18.1 172.217.18.1	15169 (GOOGLE) (GOOGLE)
19	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
5	142.250.74.200 142.250.74.200	15169 (GOOGLE) (GOOGLE)
21	186.192.91.9 186.192.91.9	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
6	186.192.91.5 186.192.91.5	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
6	172.217.18.14 172.217.18.14	15169 (GOOGLE) (GOOGLE)
2	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
3	35.198.42.85 35.198.42.85	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	108.177.15.157 108.177.15.157	15169 (GOOGLE) (GOOGLE)
3 7	13.32.99.90 13.32.99.90	16509 (AMAZON-02) (AMAZON-02)
12	216.58.206.46 216.58.206.46	15169 (GOOGLE) (GOOGLE)
3	104.16.13.243 104.16.13.243	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.201.123.184 35.201.123.184	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.41.170 104.18.41.170	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.198.44.170 35.198.44.170	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	104.18.167.224 104.18.167.224	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
5	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
7	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.19.150.54 104.19.150.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	46.137.158.119 46.137.158.119	16509 (AMAZON-02) (AMAZON-02)
1	52.215.100.89 52.215.100.89	16509 (AMAZON-02) (AMAZON-02)
2	13.107.213.45 13.107.213.45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
13	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	13.35.255.75 13.35.255.75	16509 (AMAZON-02) (AMAZON-02)
3	34.95.229.88 34.95.229.88	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	172.217.18.4 172.217.18.4	15169 (GOOGLE) (GOOGLE)
2	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
4	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.22.53.86 104.22.53.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.127.127 18.66.127.127	16509 (AMAZON-02) (AMAZON-02)
2	104.16.86.20 104.16.86.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	178.250.1.3 178.250.1.3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
2	35.244.153.86 35.244.153.86	15169 (GOOGLE) (GOOGLE)
4	35.211.79.33 35.211.79.33	15169 (GOOGLE) (GOOGLE)
3	44.196.12.222 44.196.12.222	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	186.192.81.117 186.192.81.117	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
13	142.250.185.129 142.250.185.129	15169 (GOOGLE) (GOOGLE)
1	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
52	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
4	104.211.35.148 104.211.35.148	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.171.14.223 54.171.14.223	16509 (AMAZON-02) (AMAZON-02)
4	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	178.250.1.8 178.250.1.8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	213.19.162.21 213.19.162.21	26667 (RUBICONPR...) (RUBICONPROJECT)
2	5.196.111.65 5.196.111.65	16276 (OVH) (OVH)
1	142.250.185.202 142.250.185.202	15169 (GOOGLE) (GOOGLE)
2 2	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
2 4	67.220.224.150 67.220.224.150	16509 (AMAZON-02) (AMAZON-02)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3 6	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
1	186.192.81.16 186.192.81.16	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
1	89.149.212.36 89.149.212.36	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
4	18.198.225.132 18.198.225.132	16509 (AMAZON-02) (AMAZON-02)
1	186.192.91.2 186.192.91.2	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
2	143.204.98.32 143.204.98.32	16509 (AMAZON-02) (AMAZON-02)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.253.122.120 172.253.122.120	15169 (GOOGLE) (GOOGLE)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
2	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
4 6	69.173.144.165 69.173.144.165	() ()
411	73

1 172.67.8.238 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cutt.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 186.192.81.35 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-81-35.prt.globo.com

gshow.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

110 186.192.90.3 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-90-3.prt.globo.com

s3.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.74.200 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 186.192.91.9 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-9.prt.globo.com

s2-gshow.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s2.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 186.192.91.5 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-5.prt.globo.com

p.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
barra.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.198.42.85 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 85.42.198.35.bc.googleusercontent.com

recomendacao.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.177.15.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.32.99.90 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 216.58.206.46 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.13.243 (None, )

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.41.170 (None, )

ASN13335 (CLOUDFLARENET, US)

d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.198.44.170 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 170.44.198.35.bc.googleusercontent.com

usergate.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.167.224 (None, )

ASN13335 (CLOUDFLARENET, US)

pub.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.137.158.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-158-119.eu-west-1.compute.amazonaws.com

vtrk.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.100.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-100-89.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.213.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.255.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-255-75.fra6.r.cloudfront.net

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.95.229.88 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 88.229.95.34.bc.googleusercontent.com

globo-ab.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.4 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

www.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tt-12842-2.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.127.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-127-127.fra60.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.86.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.153.86 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 86.153.244.35.bc.googleusercontent.com

cocoon.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.211.79.33 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 33.79.211.35.bc.googleusercontent.com

horizon.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
horizon-track.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.196.12.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-12-222.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 186.192.81.117 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-81-117.prt.globo.com

horizon-schemas.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 142.250.74.198 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.211.35.148 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

y.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.14.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-14-223.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.162.21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.196.111.65 (Le Grau-du-Roi, France)

ASN16276 (OVH, FR)
PTR: ip65.ip-5-196-111.eu

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.220.224.150 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 186.192.81.16 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-81-16.prt.globo.com

api.globovideos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.149.212.36 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

a-fds.youborafds01.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.198.225.132 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-225-132.eu-central-1.compute.amazonaws.com

prebid-a.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 186.192.91.2 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-2.prt.globo.com

s03.video.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-32.fra50.r.cloudfront.net

check.analytics.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.79.197.200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.120 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f120.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.165 (None, ) 4 redirects

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
136	glbimg.com s3.glbimg.com — Cisco Umbrella Rank: 96757 s2-gshow.glbimg.com — Cisco Umbrella Rank: 626587 p.glbimg.com — Cisco Umbrella Rank: 157849 s.glbimg.com — Cisco Umbrella Rank: 114155 s2.glbimg.com — Cisco Umbrella Rank: 100912 s03.video.glbimg.com — Cisco Umbrella Rank: 167440	2 MB
52	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 408	524 KB
28	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 stats.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 329 pubads.g.doubleclick.net — Cisco Umbrella Rank: 359	217 KB
26	googlesyndication.com 6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 169 pagead2.googlesyndication.com — Cisco Umbrella Rank: 122	172 KB
20	globo.com gshow.globo.com — Cisco Umbrella Rank: 677181 barra.globo.com — Cisco Umbrella Rank: 222126 recomendacao.globo.com — Cisco Umbrella Rank: 116798 usergate.globo.com — Cisco Umbrella Rank: 124686 globo-ab.globo.com — Cisco Umbrella Rank: 105657 Failed globo-mab.globo.com Failed cocoon.globo.com — Cisco Umbrella Rank: 138569 horizon.globo.com — Cisco Umbrella Rank: 90127 horizon-schemas.globo.com — Cisco Umbrella Rank: 86364 horizon-track.globo.com — Cisco Umbrella Rank: 68629	267 KB
15	rubiconproject.com 4 redirects ads.rubiconproject.com — Cisco Umbrella Rank: 2681 fastlane.rubiconproject.com — Cisco Umbrella Rank: 784 prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3593 eus.rubiconproject.com — Cisco Umbrella Rank: 916 token.rubiconproject.com pixel.rubiconproject.com	131 KB
15	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1673 www.google.com — Cisco Umbrella Rank: 11	65 KB
9	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 331	165 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1290 y.clarity.ms — Cisco Umbrella Rank: 9447 c.clarity.ms — Cisco Umbrella Rank: 2092	23 KB
8	permutive.com api.permutive.com — Cisco Umbrella Rank: 2885 cdn.permutive.com — Cisco Umbrella Rank: 3714	80 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96 region1.google-analytics.com — Cisco Umbrella Rank: 1878	22 KB
7	tailtarget.com tags.t.tailtarget.com — Cisco Umbrella Rank: 89253 d.tailtarget.com — Cisco Umbrella Rank: 101019 b.t.tailtarget.com — Cisco Umbrella Rank: 80329 tt-12842-2.seg.t.tailtarget.com — Cisco Umbrella Rank: 175275 t.tailtarget.com — Cisco Umbrella Rank: 12949	28 KB
7	scorecardresearch.com 3 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 239	4 KB
6	criteo.com gum.criteo.com — Cisco Umbrella Rank: 640 bidder.criteo.com — Cisco Umbrella Rank: 949	13 KB
6	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 360 acdn.adnxs.com — Cisco Umbrella Rank: 960	27 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	285 KB
5	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2190 google-bidout-d.openx.net — Cisco Umbrella Rank: 2191 eu-u.openx.net — Cisco Umbrella Rank: 3562 us-u.openx.net — Cisco Umbrella Rank: 863	2 KB
5	doubleverify.com pub.doubleverify.com — Cisco Umbrella Rank: 6361 vtrk.doubleverify.com — Cisco Umbrella Rank: 1567	12 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	338 KB
4	amazon-adsystem.com 2 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1066 s.amazon-adsystem.com Failed	3 KB
3	rlcdn.com check.analytics.rlcdn.com — Cisco Umbrella Rank: 5683 api.rlcdn.com — Cisco Umbrella Rank: 1465	1020 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113 imasdk.googleapis.com — Cisco Umbrella Rank: 657	356 KB
3	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1669	601 B
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 897	74 KB
3	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 39336 usr.navdmp.com — Cisco Umbrella Rank: 46182 cdn.navdmp.com — Cisco Umbrella Rank: 11709	6 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 637	529 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 954	1 KB
2	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 2163	2 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1393 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1398	12 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 558	3 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1223 id5-sync.com — Cisco Umbrella Rank: 687	31 KB
2	google.ch www.google.ch — Cisco Umbrella Rank: 18208	562 B
1	gstatic.com csi.gstatic.com	234 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 481	762 B
1	youborafds01.com a-fds.youborafds01.com — Cisco Umbrella Rank: 10718	376 B
1	globovideos.com api.globovideos.com — Cisco Umbrella Rank: 219443	945 B
1	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 6085	559 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2880	1 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2392	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2724	3 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 2129	24 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 178	2 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 1035	337 B
1	prmutv.co d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co — Cisco Umbrella Rank: 255592	394 B
1	permutive.app d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app — Cisco Umbrella Rank: 145516	322 KB
1	cutt.ly 1 redirects cutt.ly — Cisco Umbrella Rank: 50739	468 B
0	linkedin.com Failed px.ads.linkedin.com Failed
0	yahoo.com Failed pr-bh.ybp.yahoo.com Failed
411	48

	Domain	Requested by
110	s3.glbimg.com	gshow.globo.com www.googletagmanager.com s3.glbimg.com p.glbimg.com cdn.ampproject.org s.glbimg.com barra.globo.com
52	s0.2mdn.net	gshow.globo.com s0.2mdn.net imasdk.googleapis.com
18	securepubads.g.doubleclick.net	gshow.globo.com securepubads.g.doubleclick.net s3.glbimg.com 6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com www.googletagservices.com
16	s2.glbimg.com	gshow.globo.com
13	tpc.googlesyndication.com	6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
12	fundingchoicesmessages.google.com	s3.glbimg.com gshow.globo.com
9	cdn.ampproject.org	gshow.globo.com cdn.ampproject.org
7	pagead2.googlesyndication.com	www.googletagservices.com imasdk.googleapis.com securepubads.g.doubleclick.net tpc.googlesyndication.com
7	api.permutive.com	d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
7	sb.scorecardresearch.com	3 redirects gshow.globo.com
6	cm.g.doubleclick.net	3 redirects google-bidout-d.openx.net
6	6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com gshow.globo.com
5	www.googletagservices.com	6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
5	ib.adnxs.com	d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app ads.rubiconproject.com acdn.adnxs.com
5	s2-gshow.glbimg.com	gshow.globo.com
5	www.googletagmanager.com	gshow.globo.com www.googletagmanager.com
4	prebid-a.rubiconproject.com	ads.rubiconproject.com
4	aax-eu.amazon-adsystem.com	2 redirects google-bidout-d.openx.net
4	gum.criteo.com	static.criteo.net gum.criteo.com
4	y.clarity.ms	www.clarity.ms
3	pixel.rubiconproject.com	2 redirects
3	token.rubiconproject.com	2 redirects eus.rubiconproject.com
3	horizon-track.globo.com	s3.glbimg.com
3	ping.chartbeat.net	gshow.globo.com
3	static.criteo.net	securepubads.g.doubleclick.net ads.rubiconproject.com static.criteo.net
3	www.google.com	1 redirects gshow.globo.com tpc.googlesyndication.com
3	s.glbimg.com	gshow.globo.com s.glbimg.com
3	globo-ab.globo.com	gshow.globo.com p.glbimg.com s3.glbimg.com
3	pub.doubleverify.com	s3.glbimg.com pub.doubleverify.com
3	usergate.globo.com	s3.glbimg.com gshow.globo.com
3	recomendacao.globo.com	gshow.globo.com s3.glbimg.com
2	eus.rubiconproject.com	ads.rubiconproject.com eus.rubiconproject.com
2	c.clarity.ms	1 redirects
2	check.analytics.rlcdn.com	ads.rubiconproject.com
2	imasdk.googleapis.com	s3.glbimg.com imasdk.googleapis.com
2	match.adsrvr.org	google-bidout-d.openx.net
2	c1.adform.net	2 redirects
2	prg.smartadserver.com	ads.rubiconproject.com
2	fastlane.rubiconproject.com	ads.rubiconproject.com
2	bidder.criteo.com	ads.rubiconproject.com
2	oajs.openx.net	1 redirects gshow.globo.com
2	cocoon.globo.com	s.glbimg.com
2	cdn.jsdelivr.net	securepubads.g.doubleclick.net ads.rubiconproject.com
2	b.t.tailtarget.com	d.tailtarget.com
2	www.google.ch	gshow.globo.com
2	www.clarity.ms	www.googletagmanager.com www.clarity.ms
2	d.tailtarget.com	gshow.globo.com d.tailtarget.com
2	vtrk.doubleverify.com	pub.doubleverify.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	barra.globo.com	gshow.globo.com
2	gshow.globo.com	s3.glbimg.com
1	acdn.adnxs.com	ads.rubiconproject.com
1	api.rlcdn.com	ads.rubiconproject.com
1	csi.gstatic.com	pagead2.googlesyndication.com
1	c.bing.com	1 redirects
1	pubads.g.doubleclick.net	imasdk.googleapis.com
1	s03.video.glbimg.com	gshow.globo.com
1	a-fds.youborafds01.com	s3.glbimg.com
1	api.globovideos.com	s3.glbimg.com
1	us-u.openx.net	google-bidout-d.openx.net
1	eu-u.openx.net	google-bidout-d.openx.net
1	fonts.googleapis.com	6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
1	t.tailtarget.com	gshow.globo.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	tt-12842-2.seg.t.tailtarget.com	d.tailtarget.com
1	esp.rtbhouse.com	invstatic101.creativecdn.com
1	horizon-schemas.globo.com	s3.glbimg.com
1	horizon.globo.com	gshow.globo.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	ads.rubiconproject.com	s3.glbimg.com
1	googleads.g.doubleclick.net	1 redirects
1	static.chartbeat.com	gshow.globo.com
1	www.googleadservices.com	www.googletagmanager.com
1	beacon.krxd.net	tag.navdmp.com
1	cdn.navdmp.com	tag.navdmp.com
1	cdn.permutive.com	d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
1	d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co	d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
1	usr.navdmp.com	tag.navdmp.com
1	d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app	s3.glbimg.com
1	tags.t.tailtarget.com	s3.glbimg.com
1	tag.navdmp.com	s3.glbimg.com
1	p.glbimg.com	gshow.globo.com
1	cutt.ly	1 redirects
0	px.ads.linkedin.com Failed
0	pr-bh.ybp.yahoo.com Failed
0	s.amazon-adsystem.com Failed
0	globo-mab.globo.com Failed	s3.glbimg.com
411	95

This site contains links to these domains. Also see Links.

Domain
www.globo.com
g1.globo.com
ge.globo.com
globoplay.globo.com
assine.globo.com
minhaconta.globo.com
globoads.globo.com
grupoglobo.globo.com
privacidade.globo.com

Subject Issuer	Validity	Valid
gshow.globo.com RapidSSL TLS RSA CA G1	`2023-09-08` - `2024-09-08`	a year	crt.sh
s3.glbimg.com RapidSSL TLS RSA CA G1	`2023-05-02` - `2024-05-02`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.glbimg.com RapidSSL TLS RSA CA G1	`2023-05-11` - `2024-05-10`	a year	crt.sh
barra.globo.com RapidSSL TLS RSA CA G1	`2023-05-15` - `2024-05-15`	a year	crt.sh
recomendacao.globo.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-12-15` - `2023-12-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-04` - `2024-05-03`	a year	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-09`	a year	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2023-09-07` - `2023-12-06`	3 months	crt.sh
usergate.globo.com RapidSSL TLS RSA CA G1	`2023-04-24` - `2024-04-23`	a year	crt.sh
*.prmutv.co R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
api.permutive.com R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
vtrk.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-12-05` - `2024-01-06`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
globo-ab.globo.com R3	`2023-08-09` - `2023-11-07`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.ch GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-07-27` - `2023-10-25`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-08-26` - `2023-11-24`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
cocoon.globo.com RapidSSL TLS RSA CA G1	`2023-09-07` - `2024-09-07`	a year	crt.sh
horizon.globo.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-10-22` - `2023-10-23`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
horizon-schemas.globo.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-03-15`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-09-10` - `2023-12-09`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
horizon-track.globo.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-10-23` - `2023-10-24`	a year	crt.sh
api.globovideos.com RapidSSL TLS RSA CA G1	`2023-05-06` - `2024-05-06`	a year	crt.sh
*.youborafds01.com Go Daddy Secure Certificate Authority - G2	`2022-10-11` - `2023-11-12`	a year	crt.sh
*.video.glbimg.com RapidSSL TLS RSA CA G1	`2023-05-31` - `2024-05-31`	a year	crt.sh
analytics.rlcdn.com Amazon RSA 2048 M02	`2023-06-27` - `2024-07-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Frame ID: 3EB7EFE130C4F4975EB990F566E847FD
Requests: 297 HTTP requests in this frame

Frame: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-topics/prod/topics.html
Frame ID: C79BC719DC6A7F2C93258D1A901DB399
Requests: 2 HTTP requests in this frame

Frame: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A9B0DC372C2B40D3FB5DD5D77537EEF6
Requests: 1 HTTP requests in this frame

Frame: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 781AB71237EF9A95216BDAA3AD359039
Requests: 9 HTTP requests in this frame

Frame: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7DF7211392A26DC2A54346FFAA56669C
Requests: 8 HTTP requests in this frame

Frame: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4DC0769E61CA3EA7427AB620F128839F
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=gshow.globo.com
Frame ID: 8324EEEB16C49970C195B36262AAEA4A
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 1E90AA815B8B2543ADE08E27B9E07393
Requests: 6 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/index.html
Frame ID: 842BF3187EA2643F31C9DBC80D5CEA22
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/index.html
Frame ID: B563A2AF6252A7C76454EDE075771152
Requests: 12 HTTP requests in this frame

Frame: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 35306B537400BE9CA329B6AC309C240E
Requests: 7 HTTP requests in this frame

Frame: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2A1C3CCAB5B122EA453D38A20322A969
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html
Frame ID: 54477AA587C9D9326030EB6830B4CDF9
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html
Frame ID: 2FAEDCD63D23D48938BF27E705B27542
Requests: 11 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.590.0_pt_br.html
Frame ID: 9F998C6CE94BB6C1B480EA663D1C9E19
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1E3ACD29E142C2E9D56C0E1D39EE855A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=gshow.globo.com
Frame ID: BCAEDDC34881FD36AF12D108A37814A6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D5C3B69F411417BB58264882A37213CA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C7F394F83F30DCA11E1B371F9AED50B7
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 240FC817FA3FFD70B4F9F32AF2BD0D57
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8BA241CF99240A122001338F0A01EEF8
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hercai: Amor e Vingança; novela turca estreia no Globoplay | Mundo de novela | gshow

Page URL History Show full URLs

https://cutt.ly/WwcQocFp HTTP 301
https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

411
Requests

94 %
HTTPS

0 %
IPv6

48
Domains

95
Subdomains

73
IPs

8
Countries

5704 kB
Transfer

18232 kB
Size

84
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.globo.com/?utm_source=barraGCOM

Search URL Search Domain Scan URL

URL: https://g1.globo.com/?utm_source=barraGCOM
Title: g1

Search URL Search Domain Scan URL

URL: https://ge.globo.com/?utm_source=barraGCOM
Title: ge

Search URL Search Domain Scan URL

URL: https://globoplay.globo.com/?utm_source=barraGCOM

Search URL Search Domain Scan URL

URL: https://assine.globo.com/globocom/index.jsp?origemId=148&utm_source=barraGCOM
Title: ASSINE JÁ

Search URL Search Domain Scan URL

URL: https://globoplay.globo.com/hercai-amor-e-vinganca/t/ZKzQCbRGTL/?origemId=1020&utm_source=gshow&utm_medium=home&utm_campaign=gshow-edit&utm_term=hercai
Title: Hercai: Amor e Vingança

Search URL Search Domain Scan URL

URL: https://globoplay.globo.com/
Title: Globoplay

Search URL Search Domain Scan URL

URL: https://globoplay.globo.com/mae/t/Mmn9ZrYhJS/
Title: Mãe

Search URL Search Domain Scan URL

URL: https://globoplay.globo.com/amor-e-honra/t/wF7TG6Qc8M/
Title: Amor e Honra

Search URL Search Domain Scan URL

URL: https://globoplay.globo.com/terra-amarga/t/FRkDVPQBxD/
Title: Terra Amarga

Search URL Search Domain Scan URL

URL: https://globoplay.globo.com/sr-errado/t/sN8vbbVV2f/
Title: Senhor Errado

Search URL Search Domain Scan URL

URL: https://g1.globo.com/principios-editoriais-do-grupo-globo.html
Title: princípios editoriais

Search URL Search Domain Scan URL

URL: https://www.globo.com/privacidade.html
Title: política de privacidade

Search URL Search Domain Scan URL

URL: https://minhaconta.globo.com/
Title: minha conta

Search URL Search Domain Scan URL

URL: https://globoads.globo.com/
Title: anuncie conosco

Search URL Search Domain Scan URL

URL: https://globoplay.globo.com/todas-as-flores/t/pp7sN9wfdb?origemId=1376&utm_source=gcom&utm_medium=gshow&utm_campaign=aq-org_gcom_conteudo_up_alc_link_web_tier1_novela_tdflores&utm_content=link&utm_term=menu-gshow
Title: no globoplay

Search URL Search Domain Scan URL

URL: http://grupoglobo.globo.com/
Title: grupo globo

Search URL Search Domain Scan URL

URL: https://privacidade.globo.com/
Title: Portal da Privacidade

Search URL Search Domain Scan URL

URL: https://privacidade.globo.com/privacy-policy/
Title: Política de Privacidade.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cutt.ly/WwcQocFp HTTP 301
https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://sb.scorecardresearch.com/cs/6035227/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 80

https://sb.scorecardresearch.com/b?c1=2&c2=6035227&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1695261231672&ns_c=UTF-8&c7=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&c8=Hercai%3A%20Amor%20e%20Vingan%C3%A7a%3B%20novela%20turca%20estreia%20no%20Globoplay%20%7C%20Mundo%20de%20novela%20%7C%20gshow&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035227&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1695261231672&ns_c=UTF-8&c7=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&c8=Hercai%3A%20Amor%20e%20Vingan%C3%A7a%3B%20novela%20turca%20estreia%20no%20Globoplay%20%7C%20Mundo%20de%20novela%20%7C%20gshow&c9=

Request Chain 163

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/350497967/?random=565605644&cv=11&fst=1695261232135&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&label=Un9pCOngyuIDEK_ZkKcB&hn=www.googleadservices.com&frm=0&tiba=Hercai%3A%20Amor%20e%20Vingan%C3%A7a%3B%20novela%20turca%20estreia%20no%20Globoplay%20%7C%20Mundo%20de%20novela%20%7C%20gshow&value=0&auid=89501441.1695261232&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=MKILZfiNE4Ce7_UPnpOvuA0&sscte=1&crd=&eitems=ChAI8LCqqAYQtI6Fo7_Yl9Q1Eh0Aj_HEt4TEnZLPQF_QjVScq2G_SiehIaLrmWQ3vg&pscrd=EktDaEFJOExDcXFBWVFtX25kaW9UWjlib2VFaVFBQ3VPbWtYeGZzNlBOekVja09YOGxvdUYzN3hEY1JDV1VXSXNKa1dBRElCZHhtSTgaVkNoQUk4TENxcUFZUXhLTGk2UHl3MVlraEVpd0E0VUZkQTdZSXphTWNsLVBIRHVha2ExSVJBZk8xeG5IaFd0Qmo1UGhvQW5MTllNM0hVeFlRaHVuaVBBIhMI-OW2nMy6gQMVAM-7CB2eyQvX HTTP 302
https://www.google.com/pagead/1p-conversion/350497967/?random=565605644&cv=11&fst=1695261232135&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&label=Un9pCOngyuIDEK_ZkKcB&hn=www.googleadservices.com&frm=0&tiba=Hercai%3A%20Amor%20e%20Vingan%C3%A7a%3B%20novela%20turca%20estreia%20no%20Globoplay%20%7C%20Mundo%20de%20novela%20%7C%20gshow&value=0&auid=89501441.1695261232&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EktDaEFJOExDcXFBWVFtX25kaW9UWjlib2VFaVFBQ3VPbWtYeGZzNlBOekVja09YOGxvdUYzN3hEY1JDV1VXSXNKa1dBRElCZHhtSTgaVkNoQUk4TENxcUFZUXhLTGk2UHl3MVlraEVpd0E0VUZkQTdZSXphTWNsLVBIRHVha2ExSVJBZk8xeG5IaFd0Qmo1UGhvQW5MTllNM0hVeFlRaHVuaVBBIhMI-OW2nMy6gQMVAM-7CB2eyQvX&is_vtc=1&ocp_id=MKILZfiNE4Ce7_UPnpOvuA0&eitems=ChAI8LCqqAYQtI6Fo7_Yl9Q1Eh0Aj_HEt23fS_w3t01-IjHiY1jsYetnM_sYbpgIUg&random=761971321 HTTP 302
https://www.google.ch/pagead/1p-conversion/350497967/?random=565605644&cv=11&fst=1695261232135&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&label=Un9pCOngyuIDEK_ZkKcB&hn=www.googleadservices.com&frm=0&tiba=Hercai%3A%20Amor%20e%20Vingan%C3%A7a%3B%20novela%20turca%20estreia%20no%20Globoplay%20%7C%20Mundo%20de%20novela%20%7C%20gshow&value=0&auid=89501441.1695261232&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EktDaEFJOExDcXFBWVFtX25kaW9UWjlib2VFaVFBQ3VPbWtYeGZzNlBOekVja09YOGxvdUYzN3hEY1JDV1VXSXNKa1dBRElCZHhtSTgaVkNoQUk4TENxcUFZUXhLTGk2UHl3MVlraEVpd0E0VUZkQTdZSXphTWNsLVBIRHVha2ExSVJBZk8xeG5IaFd0Qmo1UGhvQW5MTllNM0hVeFlRaHVuaVBBIhMI-OW2nMy6gQMVAM-7CB2eyQvX&is_vtc=1&ocp_id=MKILZfiNE4Ce7_UPnpOvuA0&eitems=ChAI8LCqqAYQtI6Fo7_Yl9Q1Eh0Aj_HEt23fS_w3t01-IjHiY1jsYetnM_sYbpgIUg&random=761971321&ipr=y

Request Chain 182

https://sb.scorecardresearch.com/c2/6035227/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 208

https://oajs.openx.net/esp?url=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&rid=esp&cc=1

Request Chain 275

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1945838435035663253

Request Chain 276

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b76e5f91-a589-c323-304a-c19fe025eee7 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b76e5f91-a589-c323-304a-c19fe025eee7&dcc=t

Request Chain 279

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBP7CC0wkFsI2JuTqtGs9T4&google_cver=1

Request Chain 390

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6AA41BE29AD34AE99C246AC88A276915&RedC=c.clarity.ms&MXFR=035A70CCA8EF68121CA9635FACEF6666 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6AA41BE29AD34AE99C246AC88A276915&MUID=260773663B2A68A23A9760F53A2C696D

Request Chain 411

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODA5ODA4NmMzMTdhMmYyOWYyNDMyZDIwYjlkNGNlOGJmZThkNDgzZQ

Request Chain 414

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/eFitUpmELeb6_QPVCu0Edcn5EUdSAgOZEtemQ7w0kco?csrc=

Request Chain 415

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMSIROG8-16-9XZC

Request Chain 416

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1TSVJPRzgtMTYtOVhaQw== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBPIS2SIpUepMab9Ey0Lijc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1TSVJPRzgtMTYtOVhaQw==&google_push=

Request Chain 417

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJGl6trrFs67l7_8nHSoIrA&google_cver=1

Request Chain 418

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=x5bo3DisSwyIsDnfvn_oRg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=x5bo3DisSwyIsDnfvn_oRg

411 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml Show response
gshow.globo.com/novelas/mundo-de-novela/noticia/
Redirect Chain

https://cutt.ly/WwcQocFp
https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

2 MB
212 KB

1146ms
375ms

Document
text/html

186.192.81.35
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.81.35 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-81-35.prt.globo.com

Software

Resource Hash

4cee5949a09977968388165babb80b86694295f16e248a7571ea7e8307921e2a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=10
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 21 Sep 2023 01:53:47 GMT
expires: Thu, 21 Sep 2023 01:53:57 GMT
show-page-version: 0
vary: X-Forwarded-Proto, User-Agent, Accept-Encoding
via: 2.0 CachOS
x-bip: 15714322 cmah15lx26ca03.globoi.com
x-cache-status: MISS
x-content-type-options: nosniff
x-mobile: desktop
x-request-id: 83d16d1e-ce79-4264-85fd-ad8e331337ee
x-served-from: rpaas-router-gshow-gcp-prod, Show Services GCP
x-thanos: 0A83DC25
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 809ead2b1e9901ef-CDG
content-type: text/html; charset=UTF-8
date: Thu, 21 Sep 2023 01:53:46 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 opensans-regular-normal.woff2
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/foundation/typefaces/ 10 KB
11 KB 844ms
272ms Font
font/woff 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/foundation/typefaces/opensans-regular-normal.woff2
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7

Request headers

Referer: https://gshow.globo.com/
Origin: https://gshow.globo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:48 GMT
x-openstack-request-id: tx625561a7b7184dfda8a47-0064e8c8e4
last-modified: Mon, 18 Apr 2022 12:42:21 GMT
x-thanos: 0A8250E3
etag: 4124088fdd8c315a6d096b65b6cbf428
vary: Accept-Encoding, Origin
content-type: font/woff
access-control-allow-origin: https://gshow.globo.com
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1650285740.30955
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 10352
x-trans-id: tx625561a7b7184dfda8a47-0064e8c8e4
x-request-id: 0b728346-8db8-46d1-8c1f-3dd825a729e3

GET
H2 200 opensans-semibold-normal.woff2
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/foundation/typefaces/ 16 KB
16 KB 1084ms
511ms Font
font/woff 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/foundation/typefaces/opensans-semibold-normal.woff2
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca

Request headers

Referer: https://gshow.globo.com/
Origin: https://gshow.globo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:48 GMT
x-openstack-request-id: tx400b10cb8ab24f8d929c5-0064e8c8e4
last-modified: Mon, 18 Apr 2022 12:42:28 GMT
x-thanos: 0A8250E3
etag: 365c53275ca5dad1584b7e0bd3a46c1e
vary: Accept-Encoding, Origin
content-type: font/woff
access-control-allow-origin: https://gshow.globo.com
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1650285747.84016
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 16172
x-trans-id: tx400b10cb8ab24f8d929c5-0064e8c8e4
x-request-id: fff290c0-0daa-4b7e-8c45-37b6ab499fc8

GET
H2 200 opensans-bold-normal.woff2
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/foundation/typefaces/ 10 KB
11 KB 1077ms
505ms Font
font/woff 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/foundation/typefaces/opensans-bold-normal.woff2
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b

Request headers

Referer: https://gshow.globo.com/
Origin: https://gshow.globo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:48 GMT
x-openstack-request-id: tx469e0d80872f4637a43e1-0064e8c8e4
last-modified: Mon, 09 May 2022 18:47:42 GMT
x-thanos: 0A8250E3
etag: 8593a5a07cf620d4512fcb71cbcd07a6
vary: Accept-Encoding, Origin
content-type: font/woff
access-control-allow-origin: https://gshow.globo.com
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1652122061.03109
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 10284
x-trans-id: tx469e0d80872f4637a43e1-0064e8c8e4
x-request-id: 62b3c4cb-4586-4780-916e-5b8b418b6525

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
72 KB 520ms
84ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

e5b67149257bc5b172463989ab9e0f33a2229adc07012eb7a7c90468505bd6d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Sep 2023 01:53:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73017
x-xss-protection: 0
server: sffe
etag: "1fbcd51b50b3cf51"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 21 Sep 2023 01:53:48 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 100 KB
30 KB 586ms
142ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

f000319a2964c6c3874aa4984954f7eca528df0557aa9cdfae565ca31e899360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29877
x-xss-protection: 0
server: cafe
etag: 251 / 19621 / 31078044 / config-hash: 9843192085666301801
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 01:53:49 GMT

GET
H2 200 lib-pub-relay-gshow-latest.js Show response
s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-pub-relay/gshow/prod/ 2 KB
1 KB 987ms
514ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-pub-relay/gshow/prod/lib-pub-relay-gshow-latest.js
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 01307d989b9a7b9f729572dba8a8c5436ae828928cdd8bd6602a29c4ff649416

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
content-encoding: gzip
x-openstack-request-id: tx4b9a6de5e9774f2ba8167-00650ba1a3
last-modified: Tue, 05 Sep 2023 17:40:32 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1693935163.000000
content-type: application/javascript
x-timestamp: 1693935631.13815
cache-control: public, max-age=180
x-trans-id: tx4b9a6de5e9774f2ba8167-00650ba1a3
x-request-id: 26c259d0-ef9a-410a-9797-1c84914e4d07

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 298 KB
95 KB 541ms
99ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PS8KQR6

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.200 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6222fea68fff300087c11e1aec429536ba86edc7a600ab5f61dcea885cd6e2c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97360
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Sep 2023 01:53:49 GMT

GET
H2 200 amp-social-share-0.1.js Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 74ms
72ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.js

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

4095ef60dc2a51dadc1d2f407052a07ba2358e86c5b748a784328e2e6376722c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Sep 2023 01:53:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4735
x-xss-protection: 0
server: sffe
etag: "f4656ca95aa76a9d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 21 Sep 2023 01:53:48 GMT

GET
H2 200 amp-timeago-0.1.js Show response
cdn.ampproject.org/v0/ 37 KB
9 KB 66ms
64ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-timeago-0.1.js

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

1c5e3616522e0f74d1294012414ac84d5e10691b0205307aa446eaf85a7c6cff

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Sep 2023 01:53:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9077
x-xss-protection: 0
server: sffe
etag: "559a9a7a10d438b4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 21 Sep 2023 01:53:48 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/v0/ 7 KB
3 KB 68ms
66ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-fit-text-0.1.js

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

fc925f34ccc4d97d89b5b5b0ccca6a2ef842070eaa2be0c89dcd6d462a78e8a8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Sep 2023 01:53:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2512
x-xss-protection: 0
server: sffe
etag: "ed0804112cc0f574"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 21 Sep 2023 01:53:48 GMT

GET
H2 200 amp-bind-0.1.js Show response
cdn.ampproject.org/v0/ 50 KB
16 KB 75ms
74ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-bind-0.1.js

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

9b7f4244fefd45a75e2d467f878917dbf5fd1f2cdf7fbe137caeb41ed4934703

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Sep 2023 01:53:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16387
x-xss-protection: 0
server: sffe
etag: "16a91fea653d791a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 21 Sep 2023 01:53:48 GMT

GET
H2 200 amp-lightbox-gallery-0.1.js Show response
cdn.ampproject.org/v0/ 65 KB
19 KB 71ms
70ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-lightbox-gallery-0.1.js

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

f367910ad1f001579bc2c6efa6718493e550eac208d508b1018431fb93ec3adb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Sep 2023 01:53:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19027
x-xss-protection: 0
server: sffe
etag: "980f0c4f455d8d34"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 21 Sep 2023 01:53:48 GMT

GET
H2 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 38 KB
11 KB 88ms
87ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

98c3bd2e43a30c99df9d6c32ebbefbf4f0d511dc1e71ac536c4474f186fa11b8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Sep 2023 01:53:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11517
x-xss-protection: 0
server: sffe
etag: "28a7807ad18ceac4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 21 Sep 2023 01:53:48 GMT

GET
H2 200 amp-video-0.1.js Show response
cdn.ampproject.org/v0/ 52 KB
16 KB 69ms
67ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-video-0.1.js

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

3d5ab4eba40791fca18dcfb4d83af4d6beecaa444a6d45a38cf4cc86a3892d49

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Sep 2023 01:53:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15910
x-xss-protection: 0
server: sffe
etag: "6c70c043ded8114b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 21 Sep 2023 01:53:48 GMT

GET
H2 200 share.bar.min.css
s3.glbimg.com/cdn/libs/share-bar/3.1.3/ 5 KB
1 KB 831ms
288ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/libs/share-bar/3.1.3/share.bar.min.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 487a65e276851aaf53d465f08bdca09aeb25b9adf2675d72fa850ceb8db8a7ee

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
content-encoding: gzip
x-openstack-request-id: tx973d739ce68d4ef3ad063-0065031f40
last-modified: Wed, 01 Aug 2018 19:23:10 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1533151389.28713
cache-control: max-age=604800
x-trans-id: tx973d739ce68d4ef3ad063-0065031f40
x-request-id: 2e5d005e-3a84-42d3-bbde-6414c74426f0

GET
H2 200 1686862038468327.jpg
s2-gshow.glbimg.com/mpjOhevGmAF-uK-ZZHiV9FVSas8=/64x64/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_e84042ef78cb4708aeebdf1c68c6cbd6/internal_photos/bs/2023/N/h/W4J5v9TEmYBhoigjYGTw/ 2 KB
2 KB 3552ms
2782ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-gshow.glbimg.com/mpjOhevGmAF-uK-ZZHiV9FVSas8=/64x64/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_e84042ef78cb4708aeebdf1c68c6cbd6/internal_photos/bs/2023/N/h/W4J5v9TEmYBhoigjYGTw/1686862038468327.jpg
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: afc4323c2dd95213e9782ef3b431bf34463a3cc815e5538bdd4e33811b827dda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
via: 2.0 CachOS
x-bip: 17980558 cmah25lx27ca02.globoi.com
age: 0
x-cache-server: thumbor/nginx-cache
content-length: 1738
x-cached: MISS
x-request-id: e8c55839-ec4e-44cb-b6f1-5c624bdbc1e2
x-forwarded-host: s2-gshow.glbimg.com
x-thanos: 0A825C09
etag: "24abaac24a54dba6e7b875421972a57a217a6a9a"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sat, 21 Oct 2023 01:53:49 GMT

GET
H2 200 1689094494129919.jpg
s2-gshow.glbimg.com/-F4X_qpXVnM65ce4bSC8C4j3SAo=/64x64/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_e84042ef78cb4708aeebdf1c68c6cbd6/internal_photos/bs/2023/3/t/NwtqbWRFKqmbqvAKE6bA/ 2 KB
2 KB 1313ms
543ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-gshow.glbimg.com/-F4X_qpXVnM65ce4bSC8C4j3SAo=/64x64/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_e84042ef78cb4708aeebdf1c68c6cbd6/internal_photos/bs/2023/3/t/NwtqbWRFKqmbqvAKE6bA/1689094494129919.jpg
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 11dbb949105f12d5499cf95da3c5d844f2af493387ca4511ac6cb1133b970aed

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
via: 2.0 CachOS
x-bip: 17328351 cmah25lx27ca02.globoi.com
age: 0
x-cache-server: thumbor/nginx-cache
content-length: 1594
x-cached: MISS
x-request-id: a551e6a4-983e-4bc5-9b4f-f8078f4db565
x-forwarded-host: s2-gshow.glbimg.com
x-thanos: 0A825C09
etag: "556fec4e856a89cbdd5b82aeacebe048da22b6d9"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sat, 21 Oct 2023 01:53:49 GMT

GET
H2 200 skeleton-title.svg
s3.glbimg.com/v1/AUTH_1c3ee56c57864e2b9a34135c5ee67caf/gshow/components/show-shadow-video-flow-section/ 152 B
506 B 964ms
520ms Image
image/svg+xml 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.glbimg.com/v1/AUTH_1c3ee56c57864e2b9a34135c5ee67caf/gshow/components/show-shadow-video-flow-section/skeleton-title.svg
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 7fe5edc1233a99e69285bb14c0e55cf757206f59657c8343e4ddcae207bf1758

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
x-openstack-request-id: tx460b30b8bfd1476886d41-00650ba1df
last-modified: Mon, 19 Sep 2022 20:38:15 GMT
x-thanos: 0A865013
etag: c00e1f39634a88541720c821cef1785a
vary: Accept-Encoding, Origin
content-type: image/svg+xml
x-timestamp: 1663619894.95698
cache-control: public, max-age=180
accept-ranges: bytes
content-length: 152
x-trans-id: tx460b30b8bfd1476886d41-00650ba1df
x-request-id: 96de8afd-93eb-4d0b-8075-7859b0d8b1c0

GET
H2 200 skeleton-playlist.svg
s3.glbimg.com/v1/AUTH_1c3ee56c57864e2b9a34135c5ee67caf/gshow/components/show-shadow-video-flow-section/ 163 B
516 B 732ms
289ms Image
image/svg+xml 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.glbimg.com/v1/AUTH_1c3ee56c57864e2b9a34135c5ee67caf/gshow/components/show-shadow-video-flow-section/skeleton-playlist.svg
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 5cdb7f788c28141287f93e155304725c16c9cce3c46b34588ec1eed98fc40b9c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
x-openstack-request-id: tx9b08a8e92c164400b1e12-00650ba19d
last-modified: Mon, 19 Sep 2022 20:38:15 GMT
x-thanos: 0A865013
etag: 530f4ee5b2c11499b868d9bdadfca847
vary: Accept-Encoding, Origin
content-type: image/svg+xml
x-timestamp: 1663619894.95352
cache-control: public, max-age=180
accept-ranges: bytes
content-length: 163
x-trans-id: tx9b08a8e92c164400b1e12-00650ba19d
x-request-id: 209035c3-a94d-459d-b48b-6c9ed3fab488

GET
H2 200 bastian-202306515ae5110e462aa9ae560572eed62f1f.js Show response
s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/dsframework/build/mr_240588/client/ 228 KB
80 KB 1298ms
992ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/dsframework/build/mr_240588/client/bastian-202306515ae5110e462aa9ae560572eed62f1f.js
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: a5617077e1d76ad0ff4b79908f05be30dbc67d5e5264b9d90f7be0c36f0fd20a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
content-encoding: gzip
x-openstack-request-id: tx85a01ee58821414d91f92-00650a090e
last-modified: Wed, 21 Jun 2023 19:47:32 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: application/javascript
x-timestamp: 1687376851.62744
cache-control: public, max-age=2592000
x-trans-id: tx85a01ee58821414d91f92-00650a090e
x-request-id: c3363450-232e-41ab-8919-8d55f5396dd1

GET
H2 200 a7ef0daa-8cec-4760-9b8e-2ca484712f28.js Show response
s3.glbimg.com/v1/AUTH_c631e406debd4c4fac98a09d48dc17d1/bastian-post/prod/gshow/1f32de63-411c-4878-adad-c7d7897a0dfe/ 1 MB
379 KB 1049ms
742ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c631e406debd4c4fac98a09d48dc17d1/bastian-post/prod/gshow/1f32de63-411c-4878-adad-c7d7897a0dfe/a7ef0daa-8cec-4760-9b8e-2ca484712f28.js
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 1092b7aaf33c16c12fdc2bdea9d6d7aa952734df37d4309bd6a7c595069431b5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
content-encoding: gzip
x-openstack-request-id: tx612eaf8648bb4ac6bb445-00650ba211
last-modified: Wed, 20 Sep 2023 16:38:02 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: application/javascript
x-timestamp: 1695227881.61389
cache-control: public, max-age=180
x-trans-id: tx612eaf8648bb4ac6bb445-00650ba211
x-request-id: edd6303a-1d45-45e2-bb99-31032acd3e2f

GET
H2 200 a7ef0daa-8cec-4760-9b8e-2ca484712f28.css
s3.glbimg.com/v1/AUTH_c631e406debd4c4fac98a09d48dc17d1/bastian-post/prod/gshow/1f32de63-411c-4878-adad-c7d7897a0dfe/ 134 KB
22 KB 1064ms
757ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c631e406debd4c4fac98a09d48dc17d1/bastian-post/prod/gshow/1f32de63-411c-4878-adad-c7d7897a0dfe/a7ef0daa-8cec-4760-9b8e-2ca484712f28.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 9836a7543a0881993fcb2e20413e6189be326e9ff9e8218b90723f5cdc35f06f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
content-encoding: gzip
x-openstack-request-id: txf1ef05294e48485d85c0b-00650ba1f3
last-modified: Wed, 20 Sep 2023 16:38:07 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css; charset=utf-8
x-timestamp: 1695227886.65198
cache-control: public, max-age=180
x-trans-id: txf1ef05294e48485d85c0b-00650ba1f3
x-request-id: 767fad07-ca7c-481c-bb1a-9ba51315230d

GET
H2 200 api.min.js Show response
p.glbimg.com/api/stable/ 42 KB
13 KB 1107ms
511ms Script
text/javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://p.glbimg.com/api/stable/api.min.js

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

171a128c043d930abdd29b98c54e26baa4c852db3404d78b948fe0ff948a4a19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-location-rule: barra-gcs
date: Thu, 21 Sep 2023 01:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 2.0 CachOS
x-bip: 39051869 cmah19lx17ca02.globoi.com
age: 1154
x-cache-status: HIT
content-length: 12654
x-xss-protection: 1; mode=block
x-request-id: 11b22093-c684-40ff-ab20-ad60cab6f8a5
last-modified: Tue, 03 Jan 2023 00:49:51 GMT
x-thanos: 0A819C63
etag: W/"d82e539ab2fdc0f51354d1f15969ebbe"
vary: Accept-Encoding, Origin
x-served-from: estaticos-gcp-prod
content-type: text/javascript; charset=utf-8
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Fri, 22 Sep 2023 01:34:35 GMT

GET
H2 200 barra-globocom.min.css
barra.globo.com/gl/ba/oidcprodutos/css/ 22 KB
5 KB 1294ms
518ms Stylesheet
text/css 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://barra.globo.com/gl/ba/oidcprodutos/css/barra-globocom.min.css

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

d01b2cf5b15e8ea0ef57c0ccc66a390b354d8dbc11410035fb73eb12ab3ee514

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-location-rule: barra-legado
date: Thu, 21 Sep 2023 01:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 2.0 CachOS
x-bip: 16232626 cmah15lx26ca01.globoi.com
age: 261
x-cache-status: HIT
x-goog-meta-x-goog-reserved-source-generation: 1669739324870000
content-length: 4317
x-xss-protection: 1; mode=block
x-request-id: 129c8c5b-bf30-4f7d-9432-969bd6d2a4c7
last-modified: Fri, 02 Jun 2023 19:14:58 GMT
x-thanos: 0A83DC23
etag: W/"c580509368f67b01edaa2d4f8057bbbe"
vary: Accept-Encoding, Origin
x-served-from: estaticos-gcp-prod
content-type: text/css; charset=utf-8
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 21 Sep 2023 01:54:28 GMT

GET
H2 200 lgpd-lib.min.css
s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/ 11 KB
2 KB 716ms
503ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/lgpd-lib.min.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 507acc179bfa7c929b83831d028f83b5fa85a02c9426588657ece1da51ae6b43

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
content-encoding: gzip
x-openstack-request-id: txb37fbae4f2864d938ac6b-00650b08b6
last-modified: Mon, 09 Jan 2023 17:51:24 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css; charset=utf-8
x-timestamp: 1673286683.73068
cache-control: public, max-age=86400
x-trans-id: txb37fbae4f2864d938ac6b-00650b08b6
x-request-id: db227a86-5a82-46ed-936a-2b6115d6e40e

GET
H2 200 lgpd-lib.min.js Show response
s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/ 46 KB
15 KB 1204ms
992ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/lgpd-lib.min.js
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: ec0d8435d5d30bc297e0b2db3f87fe8fc998b3440d56f33205e702c57a84443d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
content-encoding: gzip
x-openstack-request-id: txab9bd0ad808744a7a7721-00650b08c0
last-modified: Mon, 09 Jan 2023 17:51:24 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
x-timestamp: 1673286683.73565
cache-control: public, max-age=86400
x-trans-id: txab9bd0ad808744a7a7721-00650b08c0
x-request-id: f7331529-c7db-4149-ab3c-f7b46c98a265

GET
H2 200 jquery.min.js Show response
s3.glbimg.com/cdn/libs/jquery/1.8.3/ 91 KB
38 KB 421ms
421ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/libs/jquery/1.8.3/jquery.min.js
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Referer: https://gshow.globo.com/
Origin: https://gshow.globo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
content-encoding: gzip
x-openstack-request-id: tx9a18aef25180449c94a18-006478b8eb
last-modified: Tue, 09 Oct 2018 19:06:54 GMT
x-thanos: 0A8250E3
vary: Accept-Encoding, Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1539112013.52960
cache-control: max-age=31536000
x-trans-id: tx9a18aef25180449c94a18-006478b8eb
x-request-id: fcf60853-935e-498f-88c1-a6131dbdfc8b

GET
H2 200 chartbeat.min.js Show response
s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/integracoes/chartbeat/ 11 KB
5 KB 691ms
504ms Script
application/json 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/integracoes/chartbeat/chartbeat.min.js
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 2ef71a48bf8407d91bab7ca25c6eb95f2ed116150b2dd22940c33e224a76d5dc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
content-encoding: gzip
x-openstack-request-id: txc50fdeef055c415b80cbe-00650ba1fe
last-modified: Fri, 31 Mar 2023 15:17:57 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: application/json
x-timestamp: 1680275876.41607
cache-control: public, max-age=180
x-trans-id: txc50fdeef055c415b80cbe-00650ba1fe
x-request-id: 193d65fd-a8bb-4cbc-b587-b7d619455913

GET
H2 200 player-plugin-login-screen.min.js Show response
s3.glbimg.com/cdn/libs/clappr-plugins/login-screen/1.2.1/ 14 KB
6 KB 476ms
289ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/libs/clappr-plugins/login-screen/1.2.1/player-plugin-login-screen.min.js
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: dc4e146a2655cfb114856a6c212558a39c3712385a04db65561821bc45ab0353

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
content-encoding: gzip
x-openstack-request-id: tx12816c935b064f52a02de-00644a8d06
last-modified: Mon, 20 Jun 2022 18:43:06 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1655750585.49324
cache-control: public, max-age=155520000
x-trans-id: tx12816c935b064f52a02de-00644a8d06
x-request-id: 79da08be-af66-436e-8ceb-e377711a26ce

GET
H2 200 api.min.js Show response
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/api/stable/web/ 44 KB
15 KB 706ms
519ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/api/stable/web/api.min.js
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 2fe3a6f51dffc0843daa46b85777e305e57b0423da47efae4b4ce5e30bb3f7de

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
content-encoding: gzip
x-openstack-request-id: txea3ec97cb7774d65b32d3-00650b96f7
last-modified: Mon, 18 Sep 2023 18:03:15 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1695059063.000000
content-type: application/javascript
x-timestamp: 1695060194.72983
cache-control: public, max-age=3600
x-trans-id: txea3ec97cb7774d65b32d3-00650b96f7
x-request-id: b1bd5bda-814f-4477-a43c-c903aa557440

GET
H2 200 share.bar.min.js Show response
s3.glbimg.com/cdn/libs/share-bar/3.1.3/ 9 KB
5 KB 948ms
761ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/libs/share-bar/3.1.3/share.bar.min.js
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: b6cf693ba917a94630c3fca98e24cbdc740b8631da9816c63adc5c7659a95113

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
content-encoding: gzip
x-openstack-request-id: tx98fed0353c2349228e076-00644a8d06
last-modified: Tue, 23 May 2017 14:27:40 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: application/javascript
x-timestamp: 1495549659.95807
cache-control: max-age=31536000
x-trans-id: tx98fed0353c2349228e076-00644a8d06
x-request-id: fd8a5504-aadf-42f9-b187-25dcf615be60

GET
H2 200 abdef33f115b0d3dc9c16b383d561679.js Show response
s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/ 628 KB
211 KB 428ms
427ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/abdef33f115b0d3dc9c16b383d561679.js
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 3cb0253d1aad7e8d715705c63e94a6a3eabca3007e06374d33c4f949786e8210

Request headers

Referer: https://gshow.globo.com/
Origin: https://gshow.globo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
content-encoding: gzip
x-openstack-request-id: txef9ac391f80c466191fec-0065084b69
content-length: 215385
x-trans-id: txef9ac391f80c466191fec-0065084b69
x-request-id: 40777af4-b1fe-4e2e-88d0-ccb725b82342
last-modified: Mon, 07 Aug 2023 12:51:53 GMT
x-thanos: 0A8250E3
etag: 4ea90cf7a20642d4c09d56f37a470763
vary: Accept-Encoding, Origin
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: x-object-meta-cache-control, content-language, cache-control, expires, last-modified, etag, x-timestamp, pragma, x-trans-id, x-container-meta-cache-control, content-type, x-openstack-request-id, authorization
x-timestamp: 1691412712.50161
cache-control: public, max-age=604800
accept-ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 520ms
78ms Script
text/javascript 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS8KQR6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 21 Sep 2023 01:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 246
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 21 Sep 2023 03:49:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 114 KB
44 KB 71ms
70ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2WNWT2&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS8KQR6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.200 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

101946a2d76f5764bc079f7d53bb32734f03db36b0828c54db304345068d5a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45453
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Sep 2023 01:53:49 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 114 KB
45 KB 74ms
73ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PFFQ4H9&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS8KQR6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.200 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

47f560edca9c1e6f4b2a3c344d053bc68a77538402faa1af3b640718737a7918

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45485
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Sep 2023 01:53:49 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 238 KB
67 KB 131ms
131ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MGM2D7G&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS8KQR6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.200 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d3112e913517190cac265b815169e01988d496c89eb7de219546dd00d7e3da7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68396
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Sep 2023 01:53:49 GMT

GET
H2 200 lib-pub-ext-tags-gshow-latest.js Show response
s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-pub-external-tags/gshow/prod/ 4 KB
2 KB 853ms
853ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-pub-external-tags/gshow/prod/lib-pub-ext-tags-gshow-latest.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS8KQR6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 3ae768dadbdcadb249db3ffc92629a0a20396fc3b82ae2a1269ed9348f4e83c9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
content-encoding: gzip
x-openstack-request-id: txb1d97fc9befc405f8d2c9-00650ba18d
last-modified: Wed, 13 Sep 2023 14:43:37 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1694612322.000000
content-type: application/javascript
x-timestamp: 1694616216.89479
cache-control: public, max-age=180
x-trans-id: txb1d97fc9befc405f8d2c9-00650ba18d
x-request-id: b38a1f5b-16ca-4219-b4e9-2e16cea84a90

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
87 KB 103ms
103ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W1G9LMC88G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS8KQR6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.200 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

477f579733d21e33e2bce608472c335098293f9a3fca27768ce91ffa90e26756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88642
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Sep 2023 01:53:49 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/ 409 KB
129 KB 49ms
48ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31078044

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

520fd704b94c711b19d5c44660660a755d191c4400fd493bde84da71344e30e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 10:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55043
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131891
x-xss-protection: 0
server: cafe
etag: 12284941131365068139
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 19 Sep 2024 10:36:26 GMT

GET
H2 200 dmp.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/dmp/ 5 KB
3 KB 800ms
800ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/dmp/dmp.min.js
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 188ad1f5f1635b83df77cd27805c09bf37ec353c01f8bd731c8624612f28f353

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
content-encoding: gzip
x-openstack-request-id: tx250cbf896d9e42daa6724-00650b5fb4
last-modified: Fri, 16 Jun 2023 12:31:17 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1686918676.85556
cache-control: max-age=18000
x-trans-id: tx250cbf896d9e42daa6724-00650b5fb4
x-request-id: eff51c72-fdd9-4233-bffa-e080d29924fc

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 534ms
108ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-W1G9LMC88G&gtm=45je39i0&_p=1968325864&cid=1046947086.1695261230&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=1&sid=1695261229&sct=1&seg=0&dl=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&dt=Hercai%3A%20Amor%20e%20Vingan%C3%A7a%3B%20novela%20turca%20estreia%20no%20Globoplay%20%7C%20Mundo%20de%20novela%20%7C%20gshow&en=scroll&_fv=1&_nsi=1&_ss=2&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1G9LMC88G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gshow.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 regular.woff2
s3.glbimg.com/cdn/fonts/opensans/ 10 KB
11 KB 487ms
486ms Font
application/octet-stream 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/opensans/regular.woff2
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7

Request headers

Referer: https://gshow.globo.com/
Origin: https://gshow.globo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
x-openstack-request-id: txe5bf3500e1454c589fe8d-00632c5cb7
last-modified: Tue, 25 Jun 2019 17:36:35 GMT
x-thanos: 0A8250E3
etag: 4124088fdd8c315a6d096b65b6cbf428
vary: Accept-Encoding, Origin
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1561484194.26376
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 10352
x-trans-id: txe5bf3500e1454c589fe8d-00632c5cb7
x-request-id: 81153c08-68eb-432f-87d5-9355a1da3a76

GET
H2 200 opensans-light-normal.woff2
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/foundation/typefaces/ 10 KB
10 KB 580ms
580ms Font
font/woff 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/foundation/typefaces/opensans-light-normal.woff2
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: a51690a59260fd30a04d20955e8e5432f7f05f90c13f04c953789d67548a66b8

Request headers

Referer: https://gshow.globo.com/
Origin: https://gshow.globo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
x-openstack-request-id: txd6443cd17c6c4355a392b-0064e8c930
last-modified: Mon, 18 Apr 2022 12:38:46 GMT
x-thanos: 0A8250E3
etag: 98b6233d6ac91b3538d60fee0ce3393b
vary: Accept-Encoding, Origin
content-type: font/woff
access-control-allow-origin: https://gshow.globo.com
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1650285525.49592
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 10200
x-trans-id: txd6443cd17c6c4355a392b-0064e8c930
x-request-id: d30db8c6-f306-4491-84d0-d4f759392810

GET
H2 200 lib-analytics.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/Delivery/lib-analytics%20(data%20loader)/ 14 KB
5 KB 680ms
680ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/Delivery/lib-analytics%20(data%20loader)/lib-analytics.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGM2D7G&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 2088b2c5cca092af48ff8008ceb32df2415de5d178d8808835b0774f994f28d2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
content-encoding: gzip
x-openstack-request-id: txda054babee434ad6b1c40-00650ba183
last-modified: Thu, 17 Aug 2023 21:07:18 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1692306437.60729
cache-control: public, max-age=180
x-trans-id: txda054babee434ad6b1c40-00650ba183
x-request-id: e73b0432-56e5-453e-bd1a-2c57709d0310

GET
H2 200 libanalytics.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/Delivery/libanalytics/prod/latest/ 49 KB
18 KB 677ms
677ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/Delivery/libanalytics/prod/latest/libanalytics.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGM2D7G&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: c1a13f4bce76142811ac4b494a1d0a7ce270b384d661a8b0964d6f65a32d7696

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
content-encoding: gzip
x-openstack-request-id: tx5c742d5ed2dc4829aa4af-00650ba1b8
last-modified: Fri, 25 Aug 2023 18:05:37 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: application/javascript
x-timestamp: 1692986736.19619
cache-control: public, max-age=180
x-trans-id: tx5c742d5ed2dc4829aa4af-00650ba1b8
x-request-id: bc017026-9053-48c8-b7ec-00934d049de7

GET
DATA 200
OK truncated
/ 590 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b87b0bffd1a84de803f873debb1b373463f5349773c9a814baf14544d611af13

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 620 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d39cb7dd60f576511270f16f9d8ffe886acc01e5299470fe1f2700524aa483fd

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83264bb30fc7f4eaa2a3bc961f2cd8ba335962e31a427a50739619be203c1c18

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1003 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3c2033bc8eec5315f72ce5b10eac9103c82826b6b35882a64bb84711b72681f

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 695 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e2ffb754ab42ce5c1b72fa1bb2be6a17a26e1b281fd67f90676c5dcfbc804d2

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c77d602bb36cbc2fb86edcd20974138d6772fc19110bb9b867d7fde81755be72

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 bold.woff2
s3.glbimg.com/cdn/fonts/opensans/ 10 KB
11 KB 538ms
538ms Font
application/octet-stream 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/opensans/bold.woff2
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b

Request headers

Referer: https://gshow.globo.com/
Origin: https://gshow.globo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
x-openstack-request-id: tx97786c6ddaa04fd78901c-006478b8d7
last-modified: Tue, 25 Jun 2019 17:35:22 GMT
x-thanos: 0A8250E3
etag: 8593a5a07cf620d4512fcb71cbcd07a6
vary: Accept-Encoding, Origin
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1561484121.35690
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 10284
x-trans-id: tx97786c6ddaa04fd78901c-006478b8d7
x-request-id: 734f4e98-eaff-4a88-875f-13fd926096b9

GET
H2 200 semibold.woff2
s3.glbimg.com/cdn/fonts/opensans/ 16 KB
16 KB 551ms
551ms Font
application/font-woff2 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/opensans/semibold.woff2
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca

Request headers

Referer: https://gshow.globo.com/
Origin: https://gshow.globo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
x-openstack-request-id: tx7c3b33460eb347bb84899-006478b8d7
last-modified: Tue, 25 Jun 2019 17:36:47 GMT
x-thanos: 0A8250E3
etag: 365c53275ca5dad1584b7e0bd3a46c1e
vary: Accept-Encoding, Origin
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1561484206.27623
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 16172
x-trans-id: tx7c3b33460eb347bb84899-006478b8d7
x-request-id: 663c5e66-e0d7-4044-b2de-8e7cca452512

GET
H2 200 item Show response
recomendacao.globo.com/rec/v2/ 39 KB
7 KB 2054ms
597ms Script
application/javascript 35.198.42.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://recomendacao.globo.com/rec/v2/item?client_id=gshow&url=https%3A//gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&content_id=FEED&page=1&limit=10&photo_size=540x304/top/smart,810x456/top/smart,1080x608/top/smart&callback=bstn.cb.recommendationFirstFetch

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.198.42.85 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.42.198.35.bc.googleusercontent.com

Software

Resource Hash

0d4d54ae6a2bb1627708894e62e5620d1f1e5d3e53044a6b219318b39e3cd7c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:51 GMT
content-encoding: gzip
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
vary: Accept-Encoding, Origin
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block

GET
H2 200 bastian-20230681fb40f941091c603b3e518df8e3f558.rest.css
s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/dsframework/build/mr_240588/client/ 41 KB
8 KB 619ms
619ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/dsframework/build/mr_240588/client/bastian-20230681fb40f941091c603b3e518df8e3f558.rest.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: a9905c3a890f50751e1802d0ebb7e54efd94aeff94169d61d28792740b104b61

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
content-encoding: gzip
x-openstack-request-id: txa6068ee1c72b40ae82280-00650a090e
last-modified: Wed, 21 Jun 2023 19:47:33 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1687376852.98638
cache-control: public, max-age=2592000
x-trans-id: txa6068ee1c72b40ae82280-00650a090e
x-request-id: 56de50fd-2cff-42be-89eb-79353bcc1067

GET
H2 200 hercai2.jpg
s2-gshow.glbimg.com/APofXOXbXV0bv5SghsWzhZ-GK6w=/0x0:875x583/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_e84042ef78cb4708aeebdf1c68c6cbd6/internal_photos/bs/2023/4/W/TQzo3yRHCcDRWWCCR2Zw/ 46 KB
47 KB 430ms
429ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-gshow.glbimg.com/APofXOXbXV0bv5SghsWzhZ-GK6w=/0x0:875x583/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_e84042ef78cb4708aeebdf1c68c6cbd6/internal_photos/bs/2023/4/W/TQzo3yRHCcDRWWCCR2Zw/hercai2.jpg
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 9e57f0dc3c64fde2323bab2ec7bbc9ee94f437b1e4138a0575acc870826512ce

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
via: 2.0 CachOS
x-bip: 21163298 cmah25lx27ca02.globoi.com
age: 0
x-cache-server: thumbor/nginx-cache
content-length: 47196
x-cached: MISS
x-request-id: 092f3b13-33cf-4f09-9052-feb46a4682c0
x-forwarded-host: s2-gshow.glbimg.com
x-thanos: 0A825C09
etag: "fb65fb85dde8c677cf0b8ee6803c4ba67bc40239"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sat, 21 Oct 2023 01:53:49 GMT

GET
H2 200 hercai3.jpg
s2-gshow.glbimg.com/tC5r3hFQ8n9vv5mcLU8VGKykciI=/0x0:487x581/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_e84042ef78cb4708aeebdf1c68c6cbd6/internal_photos/bs/2023/c/a/kGAeRPSmOrTRwGjiKAzQ/ 51 KB
52 KB 1725ms
1724ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-gshow.glbimg.com/tC5r3hFQ8n9vv5mcLU8VGKykciI=/0x0:487x581/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_e84042ef78cb4708aeebdf1c68c6cbd6/internal_photos/bs/2023/c/a/kGAeRPSmOrTRwGjiKAzQ/hercai3.jpg
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: c69bb9db7a88f6f9c460b1ab1460630acdfccfd87196aebe9861818e94c474c3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
via: 2.0 CachOS
x-bip: 15627490 cmah25lx27ca02.globoi.com
age: 0
x-cache-server: thumbor/nginx-cache
content-length: 52616
x-cached: MISS
x-request-id: 3e6da92f-8895-4938-9c56-d1367fea869b
x-forwarded-host: s2-gshow.glbimg.com
x-thanos: 0A825C09
etag: "320ea67bd1e1c2884edcefe03d0d10978519dbe4"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sat, 21 Oct 2023 01:53:49 GMT

GET
H2 200 hercai1.jpg
s2-gshow.glbimg.com/6BqJLyrSpFwoSvutTEm6aUHmUb0=/0x0:877x498/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_e84042ef78cb4708aeebdf1c68c6cbd6/internal_photos/bs/2023/T/N/Bn2vVaSzmb3JFZuqN6tQ/ 30 KB
30 KB 2662ms
2662ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-gshow.glbimg.com/6BqJLyrSpFwoSvutTEm6aUHmUb0=/0x0:877x498/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_e84042ef78cb4708aeebdf1c68c6cbd6/internal_photos/bs/2023/T/N/Bn2vVaSzmb3JFZuqN6tQ/hercai1.jpg
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: f9583d7227b629e90c1cf42a58496ef2eebe818bba68812a5569f61248dc4406

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:49 GMT
via: 2.0 CachOS
x-bip: 19614538 cmah25lx27ca02.globoi.com
age: 0
x-cache-server: thumbor/nginx-cache
content-length: 30668
x-cached: MISS
x-request-id: 5c8a60e1-1b81-4aab-bf39-48b00de0d377
x-forwarded-host: s2-gshow.glbimg.com
x-thanos: 0A825C09
etag: "567d509b813b1b2c42b7917281111d9d555bb26e"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sat, 21 Oct 2023 01:53:49 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 54ms
52ms XHR
text/plain 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gshow.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 1453ms
339ms XHR
text/plain 108.177.15.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-251896-5&cid=1046947086.1695261230&jid=1889806223&gjid=185993074&_gid=1201443480.1695261230&_u=YADAAEAAAAAAACAAI~&z=1127957361

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 21 Sep 2023 01:53:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gshow.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/6035227/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

126ms
126ms

Script
application/javascript

13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:48:46 GMT
content-encoding: gzip
via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jul 2023 09:10:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 3906
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: bvTkMYBfYTcZxo4gyfNQEvLrwxSYTRx7R0ZG8zX_p59RfTXpuFx6RA==

Redirect headers

date: Thu, 21 Sep 2023 01:53:51 GMT
via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: bduD0Phl8c-BaIQyJkEJvYy64NG_EpHvYMNKF8hCnxI0S1oX5SQ-9w==

GET
H2 200 lib-double-verify-latest.js Show response
s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-double-verify/prod/ 2 KB
1 KB 327ms
326ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-double-verify/prod/lib-double-verify-latest.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-pub-external-tags/gshow/prod/lib-pub-ext-tags-gshow-latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 2242cfc76b87f635f63accdd9a832619e478aa939ed7547ab4eb38761b4a6276

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:50 GMT
content-encoding: gzip
x-openstack-request-id: txf4f97aec40b548a38eff4-00650ba1f1
last-modified: Thu, 17 Aug 2023 14:22:49 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1686160013.000000
content-type: application/javascript
x-timestamp: 1692282168.38240
cache-control: public, max-age=180
x-trans-id: txf4f97aec40b548a38eff4-00650ba1f1
x-request-id: 1e3090b5-0be1-4f17-a7ea-294e05b98f50

GET
H2 200 pub-8380869337985741 Show response
fundingchoicesmessages.google.com/i/ 155 KB
51 KB 1045ms
124ms Script
application/javascript 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-8380869337985741?ers=1

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-pub-external-tags/gshow/prod/lib-pub-ext-tags-gshow-latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

0be74be83a8acf1abe24e1c1f504416f760d47ff505934cbe256a60263958215

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-b8EEuyP1gfkbIp1RrEuQRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-b8EEuyP1gfkbIp1RrEuQRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 topics.html Show response
s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-topics/prod/ Frame C79B 239 B
617 B 544ms
544ms Document
text/html 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-topics/prod/topics.html
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-pub-external-tags/gshow/prod/lib-pub-ext-tags-gshow-latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 303b2e8fdf03c4322848fdbfbdac1cbd49adada52dc8463a93bb1f610a06044d

Request headers

Referer: https://gshow.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: public, max-age=180
content-length: 239
content-type: text/html
date: Thu, 21 Sep 2023 01:53:51 GMT
etag: d1db4ea73764db8adb46df4c1dfe6ff2
last-modified: Thu, 17 Aug 2023 14:18:55 GMT
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1686170900.000000
x-openstack-request-id: tx836c04645c3d46e8b8380-00650ba220
x-request-id: 7f906df8-d59c-43e4-aa3f-ca99797e81e3
x-thanos: 0A865013
x-timestamp: 1692281934.75442
x-trans-id: tx836c04645c3d46e8b8380-00650ba220

GET
H2 200 lib-liveramp-ats-latest.js Show response
s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/liveramp/ats/prod/ 8 KB
3 KB 324ms
323ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/liveramp/ats/prod/lib-liveramp-ats-latest.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-pub-external-tags/gshow/prod/lib-pub-ext-tags-gshow-latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 8c55ec68fe16312d8692ce60ac47f69d87dd7e28edac837ec22f2f70e0eda3ed

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:50 GMT
content-encoding: gzip
x-openstack-request-id: tx0597f46e667742099adac-00650ba180
last-modified: Mon, 12 Dec 2022 21:39:25 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1670880857.000000
content-type: application/javascript
x-timestamp: 1670881164.62723
cache-control: public, max-age=180
x-trans-id: tx0597f46e667742099adac-00650ba180
x-request-id: 1a69c499-0162-4d52-a0a7-de28274bb2be

GET
H2 200 tm13574.js Show response
tag.navdmp.com/ 17 KB
6 KB 969ms
325ms Script
application/javascript 104.16.13.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm13574.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-pub-external-tags/gshow/prod/lib-pub-ext-tags-gshow-latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.13.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1acaf1b84c7c6a5a7ae96e4b9cce92c540c0c8ebbb0e56f8ff473917e2e9a72

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Sep 2021 18:45:04 GMT
server: cloudflare
age: 3529
etag: W/"6137b330-4291"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 809ead48080024c0-ZRH
expires: Thu, 21 Sep 2023 01:55:02 GMT

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 64 KB
11 KB 966ms
322ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-12842-2/CT-1047
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-pub-external-tags/gshow/prod/lib-pub-ext-tags-gshow-latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 775807392af29b7a91f1217ab6ed717ba35baaa024bdccc9273321f54ab51bb4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:13:41 GMT
content-encoding: gzip
via: 1.1 google
age: 2410
x-guploader-uploadid: ADPycdt1I3JCP5JKDWJ38iJfWPpW-Vx0-vd7RxSdROdyJuIg4CNeVKT61DmwD31JYHQ8ykjZqmlrm_3nclMzj-4CvNlqLuBvIS4w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11157
last-modified: Wed, 16 Feb 2022 19:26:59 GMT
server: nginx/1.8.1
etag: "7baa2c88b7abc79944366989908f0a4f"
vary: Accept-Encoding
x-goog-generation: 1645039619237034
x-goog-hash: md5=e6osiLerx5lENmmJkI8KTw==
content-type: application/javascript
cache-control: max-age=7200,public
x-goog-stored-content-length: 11157
accept-ranges: bytes
expires: Thu, 21 Sep 2023 03:13:41 GMT

GET
H2 200 d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js Show response
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/ 1 MB
322 KB 964ms
339ms Script
application/javascript 104.18.41.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/dmp/dmp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.41.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8735102c115e4801631c78b33ef72f88325bc9de8c1f7546047f135b1d5e378

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:51 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: d39f98ec-9259-4f8b-896d-7ab58be1f900
age: 0
x-guploader-uploadid: ADPycdvZIUad9L_UkHYHUlSQ31PulstD2laSwkQMPhI93CGY6k92yl8OLDKj5h-1BbKYUqsIajoNzyROIxcn97KlrIZ627mMZt_g
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Wed, 20 Sep 2023 21:50:29 GMT
server: cloudflare
etag: W/"259eb764bb3d63aef08308a1dd89072e"
vary: Accept-Encoding
x-goog-generation: 1695246629271467
content-type: application/javascript
x-goog-hash: crc32c=fFRBMA==, md5=JZ63ZLs9Y67wgwih3YkHLg==
cache-control: public, max-age=900
x-goog-stored-content-length: 349764
timing-allow-origin: *
cf-ray: 809ead480fc101f4-ZRH
expires: Thu, 21 Sep 2023 02:08:51 GMT

GET
H2 200 / Show response
usergate.globo.com/ 44 B
318 B 1194ms
299ms Fetch
text/plain 35.198.44.170
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://usergate.globo.com/
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/Delivery/lib-analytics%20(data%20loader)/lib-analytics.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.198.44.170 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 170.44.198.35.bc.googleusercontent.com
Software: /
Resource Hash: 2af921f96b618475ba87948891bf844483be715971a4d4b69c4b596afd6c1691

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:51 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://gshow.globo.com
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Content-Type,Cookie,X-App,GLBID,GST

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
1 KB 1025ms
135ms Fetch
application/json 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/Delivery/lib-analytics%20(data%20loader)/lib-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

ac886c02b05fc6d0a7dad92333fc95e0779758b04627f385a29debbb296e7d35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 642
x-xss-protection: 0
expires: Thu, 21 Sep 2023 01:53:51 GMT

GET
H2 200 / Show response
usergate.globo.com/ 44 B
317 B 1188ms
301ms Fetch
text/plain 35.198.44.170
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://usergate.globo.com/
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/Delivery/libanalytics/prod/latest/libanalytics.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.198.44.170 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 170.44.198.35.bc.googleusercontent.com
Software: /
Resource Hash: 2af921f96b618475ba87948891bf844483be715971a4d4b69c4b596afd6c1691

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:51 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://gshow.globo.com
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Content-Type,Cookie,X-App,GLBID,GST

GET
H2 200 pub.js Show response
pub.doubleverify.com/signals/ 34 KB
12 KB 494ms
71ms Script
text/javascript 104.18.167.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/signals/pub.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-double-verify/prod/lib-double-verify-latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.167.224 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

634c0414b0a86da42f77418c43aec79278039c12b66b6dd13215314365d26df6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
content-security-policy: frame-ancestors 'self'
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Server-Timing, Cf-Ray
cache-control: private, max-age=14400, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 809ead490c4e24c6-ZRH
alt-svc: h3=":443"; ma=86400

GET
H2 200 usr Show response
usr.navdmp.com/ 77 B
287 B 197ms
188ms Script
application/javascript 104.16.13.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=13574&upd=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.13.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc677e2b22e7ddd410da9466c06a3eefc7d241ab01bb55d15441e81ac2065afd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Thu, 21 Sep 2023 01:53:51 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 809ead4898b224c0-ZRH
expires: Thu, 21 Sep 2023 02:53:51 GMT

GET
H2 200 pxid Show response
d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co/v2.0/ 46 B
394 B 248ms
74ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co/v2.0/pxid?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 40ec14f5660ff25f7382b18a218ef727e130fff31f98ce1a7381cd0c2b942f35

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 21 Sep 2023 01:53:51 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://gshow.globo.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
572 B 223ms
71ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:51 GMT
an-x-request-uuid: a0f9b73d-6f7d-48e3-8bc8-8454f02b38a0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gshow.globo.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.219.12.203; 80.219.12.203; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
BLOB 200
OK fb7f4a8c-fc07-490e-9860-c557bf56c467
https://gshow.globo.com/ 732 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://gshow.globo.com/fb7f4a8c-fc07-490e-9860-c557bf56c467
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3bae0c2f78e57fd2a649e203b03e2ddf1f89b0cac077d08aebce5d0afda9022

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 749180
Content-Type

GET
BLOB 200
OK 30dafc67-a81a-4909-914a-6d449063bfd2
https://gshow.globo.com/ 732 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://gshow.globo.com/30dafc67-a81a-4909-914a-6d449063bfd2
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3bae0c2f78e57fd2a649e203b03e2ddf1f89b0cac077d08aebce5d0afda9022

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 749180
Content-Type

GET
H2 200 AGSKWxWrwT_dcrTs_esTmjEgbv3sYm0fwTaAp0JC-lKMpBSKrPx2_dERYFJY0bPYW2c4oT18DZdoxgRZYf1tT5wF0V-gXfSIPTJmaB15gdnVSxPyZ1O_U2HjE9xsdAMRodlymA8f1as= Show response
fundingchoicesmessages.google.com/f/ 13 KB
7 KB 108ms
108ms Script
application/javascript 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWrwT_dcrTs_esTmjEgbv3sYm0fwTaAp0JC-lKMpBSKrPx2_dERYFJY0bPYW2c4oT18DZdoxgRZYf1tT5wF0V-gXfSIPTJmaB15gdnVSxPyZ1O_U2HjE9xsdAMRodlymA8f1as=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk1MjYxMjMxLDYyNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9nc2hvdy5nbG9iby5jb20vbm92ZWxhcy9tdW5kby1kZS1ub3ZlbGEvbm90aWNpYS9oZXJjYWktYW1vci1lLXZpbmdhbmNhLW5vdmVsYS10dXJjYS1lc3RyZWlhLW5vLWdsb2JvcGxheS5naHRtbCIsbnVsbCxbWzgsIm04Z2lYWTZlZGZZIl0sWzksImRlIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.m8giXY6edfY.es5.O/d=1/rs=AJlcJMwiUA8CJMhqwuleaLV3UrjhrI0qFw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

24c5e40cc6be732119b35060d3ad36ff03191b47c4db66c2bc3c656231bda7c6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-xJGsFsdXpNmtpavIzFy04w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-xJGsFsdXpNmtpavIzFy04w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 251 B
380 B 199ms
78ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 96b368c50d16304c33d3ae37656b03b87bf36ba420d75dc7894d482ce031f9ae

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 21 Sep 2023 01:53:51 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://gshow.globo.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185

GET
H2 200 lib-topics-0.0.3.js Show response
s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-topics/prod/ Frame C79B 2 KB
1 KB 274ms
274ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-topics/prod/lib-topics-0.0.3.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-topics/prod/topics.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: a939c8679b33e480b74428d7198dae942bd4f10716e9d44a104d34a4544bd2b1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-topics/prod/topics.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:51 GMT
content-encoding: gzip
x-openstack-request-id: tx0157bb2588084e92ae82f-00650ba1dc
last-modified: Thu, 17 Aug 2023 14:19:00 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1686170900.000000
content-type: application/javascript
x-timestamp: 1692281939.01790
cache-control: public, max-age=180
x-trans-id: tx0157bb2588084e92ae82f-00650ba1dc
x-request-id: eefcbb17-e13f-4089-bc93-15ca0b30007c

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035227&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1695261231672&ns_c=UTF-8&c7=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035227&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1695261231672&ns_c=UTF-8&c7=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amo...

0
226 B

57ms
55ms

Image
text/plain

13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035227&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1695261231672&ns_c=UTF-8&c7=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&c8=Hercai%3A%20Amor%20e%20Vingan%C3%A7a%3B%20novela%20turca%20estreia%20no%20Globoplay%20%7C%20Mundo%20de%20novela%20%7C%20gshow&c9=
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:51 GMT
via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: ka2tL4QnL9CryDhXs2qXn-xQ9GrNDu9Wwt_PmYKrJyoP7xAISYKXqw==
x-cache: Miss from cloudfront

Redirect headers

date: Thu, 21 Sep 2023 01:53:51 GMT
via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=6035227&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1695261231672&ns_c=UTF-8&c7=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&c8=Hercai%3A%20Amor%20e%20Vingan%C3%A7a%3B%20novela%20turca%20estreia%20no%20Globoplay%20%7C%20Mundo%20de%20novela%20%7C%20gshow&c9=
content-length: 0
x-amz-cf-id: s87BgDsM7NB8QoZisqFVv8dS22qOOHg-pxVMXHOcMcVAsd_JXC3_dA==

GET
H2 200 d39f98ec-9259-4f8b-896d-7ab58be1f900-models.bin Show response
cdn.permutive.com/models/v2/ 112 KB
79 KB 236ms
85ms XHR
application/x-binary 104.19.150.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/models/v2/d39f98ec-9259-4f8b-896d-7ab58be1f900-models.bin
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 008a9e7d891db96cb0dce94a888f6a8a466472682f4142455703a44c75d9f734

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 21 Sep 2023 01:53:51 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-goog-meta-oid: d39f98ec-9259-4f8b-896d-7ab58be1f900
age: 0
x-guploader-uploadid: ADPycduYr4lhDSq6B3sblLJkIUJi7osNAFbxobbfJEqBZ14dqU1LTeRaEyJayZWpo4Lv7yZ9Se_ZAOwskD4dVakE5lj65u38ThI7
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 80328
last-modified: Tue, 19 Sep 2023 13:01:28 GMT
server: cloudflare
etag: "2c9db34d682e6c0db2d14f5fa3aff773"
vary: Accept-Encoding
x-goog-generation: 1695128488466207
content-type: application/x-binary
access-control-allow-origin: *
x-goog-hash: crc32c=krKalg==, md5=LJ2zTWgubA2y0U9fo6/3cw==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=900, no-transform
x-goog-stored-content-length: 80328
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 809ead4b0b8424c0-ZRH
expires: Thu, 21 Sep 2023 01:53:51 GMT

POST
H2 204 /
vtrk.doubleverify.com/ 0
183 B 305ms
110ms Ping
text/plain 46.137.158.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vtrk.doubleverify.com/?t=event&ec=page&ea=load-pq&v=1&ctx=27566431&cmp=DV1036776&cid=fb5bbef9-cc9f-47a0-867b-c44a65993baa&z=616523701278&cd105=mode&cd160=b19cd7f3-0776-4afe-9890-0a413ed01f50&cd161=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&cd50=upt&cd51=31da3c5&cd180=network&cm180=498&cm181=17&cm182=311&cm183=95&cm184=71&cm185=4&cm186=618
Requested by: Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.137.158.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-158-119.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://gshow.globo.com
date: Thu, 21 Sep 2023 01:53:51 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 pub.json Show response
pub.doubleverify.com/dvtag/signals/ids/ 13 B
363 B 515ms
97ms Fetch
application/json 104.18.167.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/dvtag/signals/ids/pub.json?ctx=27566431&cmp=DV1036776&url=https%3A%2F%2Fgshow.globo.com&ids=1

Requested by

Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.167.224 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44d6d1f2648e7469518e4c7c2434917f72f734dfb30716ea66a139ff4b6eb53b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self'
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://gshow.globo.com
access-control-expose-headers: Server-Timing, Cf-Ray
cache-control: private, max-age=900
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 809ead4cedd92397-ZRH
content-length: 13
alt-svc: h3=":443"; ma=86400

GET
H2 200 pub.json Show response
pub.doubleverify.com/dvtag/signals/bsc/ 42 B
122 B 515ms
98ms Fetch
application/json 104.18.167.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/dvtag/signals/bsc/pub.json?ctx=27566431&cmp=DV1036776&url=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&bsc=1

Requested by

Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.167.224 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7d69089413787e07cf4b00d88b5c18f82e47983af577488727fb41eb3ee8750

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self'
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://gshow.globo.com
access-control-expose-headers: Server-Timing, Cf-Ray
cache-control: public, max-age=14400
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 809ead4ceddb2397-ZRH
content-length: 42
alt-svc: h3=":443"; ma=86400

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
77 B 180ms
170ms Script
application/x-javascript 104.16.13.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=135a312924c58b32afdfdda9a110&acc=13574&url=https%3A//gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&tit=Hercai%3A%20Amor%20e%20Vingan%E7a%3B%20novela%20turca%20estreia%20no%20Globoplay%20%7C%20Mundo%20de%20novela%20%7C%20gshow&h1=MUNDO%20DE%20NOVELA
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.13.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:51 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 809ead4a4aa424c0-ZRH
content-length: 6
content-type: application/x-javascript

GET
H2 204 usermatch.gif Show response
beacon.krxd.net/ 0
337 B 242ms
76ms Script
text/plain 52.215.100.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/usermatch.gif?partner=navegg&partner_uid=135a312924c58b32afdfdda9a110
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.100.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-100-89.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: beacon-n024-dub-prod.krxd.net
date: Thu, 21 Sep 2023 01:53:51 GMT
cache-control: private, no-cache, no-store
x-request-time: D=40 t=1695261231
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
70 B 69ms
69ms XHR
text/plain 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1968325864&t=event&_s=1&dl=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&ul=en-us&de=UTF-8&dt=Hercai%3A%20Amor%20e%20Vingan%C3%A7a%3B%20novela%20turca%20estreia%20no%20Globoplay%20%7C%20Mundo%20de%20novela%20%7C%20gshow&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=debug-ab-3.0.14&ea=gshow-mc-video-immersive-lightbox-v1&el=choose.call&_u=aADAAEABAAAAACAAI~&jid=1113077573&gjid=2063716141&cid=1046947086.1695261230&tid=UA-6912161-21&_gid=1201443480.1695261230&_r=1&_slc=1&z=1211572547

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gshow.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET selected-alternatives
globo-ab.globo.com/v2/ 0
0

GET
H2 200 settings.min.js Show response
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/ 3 KB
2 KB 309ms
308ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/settings.min.js
Requested by: Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 8e1abad13842cfce1f10ec038a49780b0c8889d90f314fd084e946536e043f1c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txbcb76717373347c1bc0f3-00650ba230
last-modified: Sat, 02 Sep 2023 17:44:45 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1693675470.000000
content-type: application/javascript
x-timestamp: 1693676684.90264
cache-control: public, max-age=
x-trans-id: txbcb76717373347c1bc0f3-00650ba230
x-request-id: 3e042582-1c63-4ce2-b1b0-fc4b10664705

GET
H2 200 barra-globocom.min.js Show response
barra.globo.com/gl/ba/oidcprodutos/js/ 47 KB
15 KB 272ms
271ms Script
text/javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://barra.globo.com/gl/ba/oidcprodutos/js/barra-globocom.min.js

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

2fd4127f29989aedfa099d8177f3478d9cc0e7ad4a33c254cc239f859d293a46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-location-rule: barra-legado
date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 2.0 CachOS
x-bip: 17435838 cmah15lx26ca01.globoi.com
age: 262
x-cache-status: HIT
x-goog-meta-x-goog-reserved-source-generation: 1669739329085304
content-length: 14762
x-xss-protection: 1; mode=block
x-request-id: e8e4c6db-41fa-457e-9d8f-6e4fa66d81ed
last-modified: Fri, 02 Jun 2023 19:13:19 GMT
x-thanos: 0A83DC23
etag: W/"4d1f2796b3fc03109c27c5c58190db4f"
vary: Accept-Encoding, Origin
x-served-from: estaticos-gcp-prod
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 21 Sep 2023 01:54:29 GMT

GET 00a6e086622ea57d2ea45a111a34f729.css
s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/ 0
0

GET
H2 200 glb-pv-min.js Show response
s.glbimg.com/bu/rt/js/ 2 KB
1 KB 285ms
276ms Script
text/javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/bu/rt/js/glb-pv-min.js

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-location-rule: barra-gcs
date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 2.0 CachOS
x-bip: 29224180 cmah19lx17ca02.globoi.com
age: 1156
x-cache-status: HIT
content-length: 945
x-xss-protection: 1; mode=block
x-request-id: 95edc4b2-0305-467a-bb13-de056f7886a1
last-modified: Fri, 11 Nov 2022 21:36:41 GMT
x-thanos: 0A819C63
etag: W/"aaaef25ae81d7253ced007ce6451d65e"
vary: Accept-Encoding, Origin
x-served-from: estaticos-gcp-prod
content-type: text/javascript; charset=utf-8
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Fri, 22 Sep 2023 01:34:35 GMT

GET
H2 200 fn-cdn-client.min.js Show response
s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/client/1.1.9/ 8 KB
3 KB 375ms
374ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/client/1.1.9/fn-cdn-client.min.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/abdef33f115b0d3dc9c16b383d561679.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 379d3feeca569fbbae17983fcc9f2d058848efa5b6a1965e9c777b51e4f5c9e6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx54c3c8d1707e45d396353-0064d6341a
last-modified: Fri, 11 Aug 2023 13:01:26 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1691758885.86692
cache-control: public, max-age=155520000
x-trans-id: tx54c3c8d1707e45d396353-0064d6341a
x-request-id: a702ba01-d636-411c-9ec5-288ac5462979

POST
H2 200 identify Show response
api.permutive.com/v2.0/ 50 B
264 B 192ms
76ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: c38812ded9bbe406c0fb07309aaad9f4f8a2b01050e3e4e997ed74da7650b8d0

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://gshow.globo.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H2 200 ww.js Show response
cdn.ampproject.org/rtv/012309082229000/ 51 KB
15 KB 490ms
57ms Fetch
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309082229000/ww.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

854e654af8d6d85bb2e0bd12427b928d0bdcf58c4fadaae8edcc79fa550f2721

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: text/plain
Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Sep 2023 19:01:46 GMT
age: 111126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14443
x-xss-protection: 0
server: sffe
etag: "d97ceda4d2eaaac4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Sep 2024 19:01:46 GMT

GET
H2 200 lib-pub-core-gshow-latest.js Show response
s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/gshow-prod/lib-pub-core/ 52 KB
17 KB 301ms
301ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/gshow-prod/lib-pub-core/lib-pub-core-gshow-latest.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-pub-relay/gshow/prod/lib-pub-relay-gshow-latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 2516d58befe847f6a1d157a4ee9682b7fc15ac34067976d21c733736239385d1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txec5a9a0a557f41128d68a-00650ba1a5
last-modified: Tue, 19 Sep 2023 19:48:11 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1695152645.000000
content-type: application/javascript
x-timestamp: 1695152890.50039
cache-control: public, max-age=180
x-trans-id: txec5a9a0a557f41128d68a-00650ba1a5
x-request-id: bfd90693-f3fe-43ab-b8a3-ab5e9de6b620

GET
H2 200 globocom-horizon.min.js Show response
s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/libs/horizon/1.10.0/ 31 KB
11 KB 296ms
287ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/libs/horizon/1.10.0/globocom-horizon.min.js?loading-agent=global-webdeps
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: cc74def6d5272eaaee05c6c9d393282f774ffb09b89c474a8f3077d5510f9b86

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx3d4d1b57fb3445689d4d7-00644a8d09
last-modified: Mon, 11 Jul 2022 21:03:00 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1657573379.43913
cache-control: public, max-age=15552000
x-trans-id: tx3d4d1b57fb3445689d4d7-00644a8d09
x-request-id: 6a0fa3ff-bca0-43de-82b1-69c4a164d0e9

GET
H2 200 preact.js Show response
s3.glbimg.com/v1/AUTH_47600d3497184478b773a886f1305b22/libs/ 10 KB
5 KB 311ms
298ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_47600d3497184478b773a886f1305b22/libs/preact.js?loading-agent=global-webdeps
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 4b979c04e68277d51b505ae1195a8cc6a8e70cea3fefe20f68dceb18693a6979

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txd4bec15ebad44b43a08a8-00650ba183
last-modified: Mon, 24 Jul 2023 20:19:06 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1690229905.000000
content-type: application/javascript
x-timestamp: 1690229945.03842
cache-control: public, max-age=180
x-trans-id: txd4bec15ebad44b43a08a8-00650ba183
x-request-id: d1c849d2-eddf-4015-b98c-0bc33d868fd2

GET
H2 200 cadun.js Show response
s.glbimg.com/pc/ca/ 14 KB
5 KB 446ms
432ms Script
text/javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/ca/cadun.js?loading-agent=global-webdeps

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-location-rule: barra-gcs
date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 2.0 CachOS
x-bip: 40219153 cmah19lx17ca02.globoi.com
age: 1156
x-cache-status: HIT
content-length: 4958
x-xss-protection: 1; mode=block
x-request-id: 242768be-6087-481a-a1c1-831b0e6e33b8
last-modified: Fri, 11 Nov 2022 21:56:44 GMT
x-thanos: 0A819C63
etag: W/"d90f88fa40b545a289d34957b165ffb3"
vary: Accept-Encoding, Origin
x-served-from: estaticos-gcp-prod
content-type: text/javascript; charset=utf-8
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Fri, 22 Sep 2023 01:34:35 GMT

GET
H2 200 globo-ab.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.4.0/ 24 KB
6 KB 292ms
279ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.4.0/globo-ab.min.js?loading-agent=global-webdeps
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: e8bf9ccc765b5576c8b86e1f75a308e112cea4c1ead476dcf94720d10fa6fb0d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txa1f3b6f155344521b82ef-00650ba21a
last-modified: Thu, 12 May 2022 20:00:29 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1652385628.79171
cache-control: public, max-age=180
x-trans-id: txa1f3b6f155344521b82ef-00650ba21a
x-request-id: ea09b1bb-daf2-41b4-a28d-4a312820eba2

GET
H2 200 globo-ab-v2.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/ 34 KB
12 KB 316ms
302ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/globo-ab-v2.min.js?loading-agent=global-webdeps
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 60b0f8f7a630b8cf83d4c29ddd3e6e614b119208fe97a96cae6dc6311541671b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx2e5e29f72da441d094cf5-00650b08a7
last-modified: Wed, 24 Oct 2018 17:17:43 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1540401462.48634
cache-control: public, max-age=86400
x-trans-id: tx2e5e29f72da441d094cf5-00650b08a7
x-request-id: e6cdb1e3-55ca-4d21-a874-8e6fbc822b0b

GET
H2 200 globo-ab.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.0/ 21 KB
6 KB 317ms
304ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.0/globo-ab.min.js?loading-agent=global-webdeps
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: bb396c659a45cda460f579b753cf3a53f83eb8198bd344af0a2e2d9030ef910f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx7513aee2e2264a949ea24-00650ba1be
last-modified: Tue, 19 May 2020 15:37:59 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1589902678.74751
cache-control: public, max-age=180
x-trans-id: tx7513aee2e2264a949ea24-00650ba1be
x-request-id: 0bb75526-b3bb-47db-936a-8728f76080ee

GET
H2 200 style.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-overline/ 5 KB
947 B 305ms
292ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-overline/style.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: a45bbdf55a2c594021d2faa355e485242a71c282e06d549ec3efd746a9199673

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx6cc08dae5f78434394cb4-0064e8c152
last-modified: Wed, 12 Apr 2023 12:46:19 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1681303578.16693
cache-control: max-age=2592000
x-trans-id: tx6cc08dae5f78434394cb4-0064e8c152
x-request-id: db6d4f04-b12c-4428-a888-5bb2d832f801

GET
H2 200 style.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-list/ 5 KB
988 B 291ms
277ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-list/style.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 3d9b24ebf1e1440618066d2eb32b139687abc28010a2d42ffe49c5e465c684e3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx5f105ab21bd04c05ba81e-0064e8c152
last-modified: Tue, 17 Jan 2023 18:01:27 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1673978486.07407
cache-control: max-age=2592000
x-trans-id: tx5f105ab21bd04c05ba81e-0064e8c152
x-request-id: 169cbe59-c63e-4b86-a085-6f88f0defbbc

GET
H2 200 style.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-quote/ 5 KB
918 B 308ms
295ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-quote/style.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: bf7e879b202b19e0dc0d3324c7298259d082e84be7f316607a75b9f43548b7f5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txedf69242940a44c3b7d7e-0064e8c152
last-modified: Tue, 24 Jan 2023 21:20:09 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1674595208.56401
cache-control: max-age=2592000
x-trans-id: txedf69242940a44c3b7d7e-0064e8c152
x-request-id: 2447068e-9e0d-4497-95f0-52a9a740f436

GET
H2 200 style.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-caption/ 5 KB
914 B 311ms
298ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-caption/style.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 05f6416b6fcb58461685fa34306415b844c2c96b5c53dc3928e918802fa78808

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txd5c0742ecac84c12b31be-0064e8c153
last-modified: Fri, 27 Jan 2023 13:00:57 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1674824456.24761
cache-control: max-age=2592000
x-trans-id: txd5c0742ecac84c12b31be-0064e8c153
x-request-id: 3b7860e4-a182-495b-a232-8a556b860281

GET
H2 200 style.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-helper-text/ 980 B
592 B 289ms
276ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-helper-text/style.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 8454b483ca003c4edc06424838d8157f4ae8f563d560972ca53716c83b329016

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txc433ada9adc946678c149-0064e8c152
last-modified: Wed, 12 Apr 2023 12:46:30 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1681303589.01029
cache-control: max-age=2592000
x-trans-id: txc433ada9adc946678c149-0064e8c152
x-request-id: 137da448-9d6e-4b01-b805-2a18d0d1d01d

GET
H2 200 style.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-label/ 4 KB
868 B 312ms
299ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-label/style.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: a02e8c5a21d97e49d0391f1a498ca802d0c04c2bee9bb50a3633fae1c755cea9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx6bd11da9c9494ae7bb952-0064ecf05c
last-modified: Mon, 28 Aug 2023 19:06:33 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1693249592.26814
cache-control: max-age=7776000
x-trans-id: tx6bd11da9c9494ae7bb952-0064ecf05c
x-request-id: 2e9a0acc-bcfd-4339-b3d1-718e7b768551

GET
H2 200 style.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-subtitle/ 6 KB
996 B 305ms
293ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-subtitle/style.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: a6f620b5bfb37bd0aee4bd3c3916826a61418f54b2efd4d163070aa532539614

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx380d660e9939417a9511c-0064e8c152
last-modified: Wed, 12 Apr 2023 12:45:58 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1681303557.56435
cache-control: max-age=2592000
x-trans-id: tx380d660e9939417a9511c-0064e8c152
x-request-id: 03950bff-f2ee-4e66-880b-ac945d651df7

GET
H2 200 style.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-footnote/ 2 KB
662 B 305ms
292ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-footnote/style.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 9377e9b33b72489df476c5026529524c5c1bf0522d6c054a37eeabf1e6d9bc8e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txcc6fbd6f98cc457483406-0064e8c152
last-modified: Mon, 06 Feb 2023 13:53:49 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1675691628.67094
cache-control: max-age=2592000
x-trans-id: txcc6fbd6f98cc457483406-0064e8c152
x-request-id: 28d82ab3-1217-4472-9fbb-dc3548f5c5cc

GET
H2 200 style.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-footer/ 6 KB
1 KB 307ms
294ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-footer/style.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 42b87f91c4a57aa36b426f365aac5ea6ce83b6c56e3cdebfc844e8a6cbb4380f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx87069ace0395451b9dae4-0064ad58e6
last-modified: Tue, 11 Jul 2023 13:24:17 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1689081856.97877
cache-control: max-age=7776000
x-trans-id: tx87069ace0395451b9dae4-0064ad58e6
x-request-id: d384e396-ec67-4287-a7b2-81e8b9193a68

GET
H2 200 style.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-action-list/ 1 KB
555 B 306ms
294ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-action-list/style.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: d52f2da87a0f493d4158764603e6c0e14b0fc355b399d06ef064297d4bc66074

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx2f329a2bb6784f1e86a86-0064da72e9
last-modified: Mon, 14 Aug 2023 18:30:06 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1692037805.32513
cache-control: max-age=7776000
x-trans-id: tx2f329a2bb6784f1e86a86-0064da72e9
x-request-id: e637c242-d3ff-4719-8d2e-2d2e10430f24

GET
H2 200 style.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-divider/ 329 B
674 B 312ms
300ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-divider/style.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 1f31673eb7f4c8ab5bd0080346c1c6bf010a6f5086e20a4c2c740d8946bb5ade

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
x-openstack-request-id: txed5cc339a30f433995a75-0064c13412
last-modified: Wed, 26 Apr 2023 14:02:33 GMT
x-thanos: 0A865013
etag: 4a19c63c06daf06edd3a8e03745b1bfd
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1682517752.40099
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 329
x-trans-id: txed5cc339a30f433995a75-0064c13412
x-request-id: a23f0873-fa9e-4799-bc03-13a74c30e2e0

GET
H2 200 style.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-card/ 28 KB
3 KB 312ms
300ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-card/style.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: edb43bdff8eaa772af2fe178cd9368de860df60e858a49f32ef067174272df15

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txfed86e6f171a4474ad90f-0064caaba4
last-modified: Thu, 04 May 2023 19:15:10 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1683227709.17595
cache-control: max-age=7776000
x-trans-id: txfed86e6f171a4474ad90f-0064caaba4
x-request-id: 3ab95a57-366a-49dd-8211-0a471a2196a3

GET
H2 200 style.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-radio-button/ 7 KB
1 KB 317ms
305ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-radio-button/style.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: ee6786c4e23a87377ca7db3e8c4335eaf5ab334c6ab4a3c25ca9f2b49c28ee10

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx59e78510de7a49b583f36-0064d8cbee
last-modified: Mon, 15 May 2023 12:22:24 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1684153343.50383
cache-control: max-age=7776000
x-trans-id: tx59e78510de7a49b583f36-0064d8cbee
x-request-id: a050ba0f-173a-4fa6-9281-9867c00d5230

GET
H2 200 style.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-checkbox/ 14 KB
2 KB 313ms
301ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-checkbox/style.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: f73a555af6896e548d074d1e257ade8644e523f560c8605292b69456c14cbb56

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txdd730bcccfe24bc3b651d-0064db7547
last-modified: Wed, 17 May 2023 12:51:07 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1684327866.67019
cache-control: max-age=7776000
x-trans-id: txdd730bcccfe24bc3b651d-0064db7547
x-request-id: 78e752de-4a49-4faa-a30b-e578d1af79d3

GET
H2 200 style.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-image/ 237 B
582 B 307ms
296ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-image/style.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: c5bc403fff2c528efe71dd9ffcf408058551eec168dc41b741cd7686d831be71

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
x-openstack-request-id: tx158f1d903341452e8247c-0064e7a7dc
last-modified: Fri, 26 May 2023 18:54:18 GMT
x-thanos: 0A865013
etag: 58eb42b5bb6ab8716fc0d94ea3a9bced
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1685127257.45190
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 237
x-trans-id: tx158f1d903341452e8247c-0064e7a7dc
x-request-id: a15a7abb-4902-4b14-870d-ac16687ba5ae

GET
H2 200 style.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-content-image/ 2 KB
620 B 308ms
296ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-content-image/style.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 826bbf13891662f58b4b697fee8539b38208b49e8ad4b60a78073b6ca8d6c1cd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx8829f7e0ffc74e40a77ac-0064f71d81
last-modified: Tue, 06 Jun 2023 12:34:03 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1686054842.64852
cache-control: max-age=7776000
x-trans-id: tx8829f7e0ffc74e40a77ac-0064f71d81
x-request-id: 43e91b76-2f8b-4fdb-8c58-e3d58a8465ba

GET
H2 200 style.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-header/ 7 KB
1 KB 310ms
299ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-header/style.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 8888330db8c4a71ed6011c9bf25f8e612e419cedb9a3e352ddf09ba1c10c25ba

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx41d281773df84c28a5b42-0064c42244
last-modified: Fri, 28 Jul 2023 20:16:11 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1690575370.18810
cache-control: max-age=7776000
x-trans-id: tx41d281773df84c28a5b42-0064c42244
x-request-id: de41795d-39fa-474e-a50a-3b2cd4813576

GET
H2 200 style.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-tag/ 6 KB
1 KB 314ms
303ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-tag/style.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: b021e7200efd53a081e90c7d7af625d4980ac42520840b7c38f85f727a9a1eaf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx0c4c0025471b4513992e5-0064e37495
last-modified: Mon, 21 Aug 2023 14:27:41 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1692628060.24303
cache-control: max-age=7776000
x-trans-id: tx0c4c0025471b4513992e5-0064e37495
x-request-id: cb0e8206-69b1-4749-8170-d8c73c1496de

GET
H2 200 style.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-dropdown/ 7 KB
1 KB 316ms
306ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-dropdown/style.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 69299d156663e1bc7ffa2f292637f863fa3198307b522139ba02baed43bf3b7e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx1475d2482df141888efde-0065021caf
last-modified: Wed, 13 Sep 2023 20:31:09 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1694637068.59024
cache-control: max-age=7776000
x-trans-id: tx1475d2482df141888efde-0065021caf
x-request-id: 96367b6e-3afa-4df6-98ae-bb44f8412181

GET
H2 200 style.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-drawer/ 8 KB
2 KB 317ms
306ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-drawer/style.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 2e9b496c8cfaa3bbd8ea4a41afa3fe42b3057a49a7060848f33b8786dfe0c227

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txf3e6e6822079465ca2771-0065021caf
last-modified: Wed, 13 Sep 2023 20:31:10 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1694637069.89265
cache-control: max-age=7776000
x-trans-id: txf3e6e6822079465ca2771-0065021caf
x-request-id: 1a954b57-dcfb-465c-b5cd-3799ede63706

GET
H2 200 style.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-login/ 6 KB
1 KB 316ms
306ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-login/style.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 26568d28443ae4f25b40e938910624852517832f68fd34cafc110fe2f758fe93

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx50f48b654b724fb697683-00650222e1
last-modified: Wed, 13 Sep 2023 20:58:53 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1694638732.99627
cache-control: max-age=7776000
x-trans-id: tx50f48b654b724fb697683-00650222e1
x-request-id: c86647b2-9e2d-42dc-b6f9-4297c640e040

GET
H2 200 style.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-chip/ 14 KB
2 KB 321ms
312ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-chip/style.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 9f2239dd66687d6e539bd8902faf4d65db2a344c14a47ff8a04214929d5ec878

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx680ee1e008214082819af-0065085498
last-modified: Mon, 18 Sep 2023 13:44:40 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1695044679.17664
cache-control: max-age=7776000
x-trans-id: tx680ee1e008214082819af-0065085498
x-request-id: ad132121-4110-4afa-b056-d959ec5cadcb

GET
H2 200 tokens.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-divider/standard/standard/web/css/ 496 B
840 B 319ms
310ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-divider/standard/standard/web/css/tokens.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: c249804017b74220d38424f349cead8190ec6c37e4db76843f83edf7f2c28daf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
x-openstack-request-id: txe9105fafc51a4863b0a45-0064c13412
last-modified: Wed, 26 Apr 2023 14:11:43 GMT
x-thanos: 0A865013
etag: 6248152e78e9a3eab9189282e1f96734
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1682518302.61062
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 496
x-trans-id: txe9105fafc51a4863b0a45-0064c13412
x-request-id: 4bc966ec-7925-4f50-821f-c06e03c3301e

GET
H2 200 tokens.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-action-list/standard/standard/web/css/ 848 B
557 B 321ms
312ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-action-list/standard/standard/web/css/tokens.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 25be1aa1973f659c8326f419b37037ef6a783a5df29edee5362ab40aa2838dc3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txad223945b83d408aaac3c-0064e8c152
last-modified: Thu, 06 Apr 2023 17:18:09 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1680801488.63161
cache-control: max-age=2592000
x-trans-id: txad223945b83d408aaac3c-0064e8c152
x-request-id: 2725a149-1396-4c37-8fcb-126cdc3375c3

GET
H2 200 tokens.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-quote/standard/standard/web/css/ 5 KB
1 KB 323ms
314ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-quote/standard/standard/web/css/tokens.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 1eb478b8203be39dbef4b22c3a45f03eec71ec6bac0c459932d37f0072671f91

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx1919e1bd2bcb4179bd9b6-0064e8c2c5
last-modified: Tue, 07 Mar 2023 21:42:04 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1678225323.15316
cache-control: max-age=2592000
x-trans-id: tx1919e1bd2bcb4179bd9b6-0064e8c2c5
x-request-id: ee96f546-93c4-4f2f-af62-462d29d9f7da

GET
H2 200 tokens.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-image/standard/standard/web/css/ 406 B
749 B 323ms
314ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-image/standard/standard/web/css/tokens.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 80ecd4c0f5b7d0c48e5551f35b6c10b3a23049ba8f99b53233010108ae2f75b8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
x-openstack-request-id: tx8cfec3efc0ef47968957e-0064e7b361
last-modified: Fri, 26 May 2023 19:40:43 GMT
x-thanos: 0A865013
etag: 519fe8ba1074ee7e0cf90e5d600c0655
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1685130042.22266
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 406
x-trans-id: tx8cfec3efc0ef47968957e-0064e7b361
x-request-id: 3d903ba1-3a71-4ba7-809a-97673b659ad8

GET
H2 200 tokens.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-drawer/standard/standard/web/css/ 3 KB
920 B 322ms
313ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-drawer/standard/standard/web/css/tokens.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: b86c2efd6ea96ff4942e63c07e7feb250af9c1ba2ea1cd3d157faf40abeecfdd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txcdd29da9b3454f9dbf04d-006500a763
last-modified: Tue, 12 Sep 2023 18:00:09 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1694541608.12389
cache-control: max-age=7776000
x-trans-id: txcdd29da9b3454f9dbf04d-006500a763
x-request-id: ab7d43af-0bb9-4f4a-9b61-a951d73275b3

GET
H2 200 tokens.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-tag/standard/standard/web/css/ 6 KB
1 KB 323ms
315ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-tag/standard/standard/web/css/tokens.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 69b639a4cf004bc1efbf7d9c0329ed061390593269c83ab6930dbe8f06a7ff72

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txc66d76c95d9b40a7b524a-0064e4a836
last-modified: Tue, 22 Aug 2023 12:19:13 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1692706752.97177
cache-control: max-age=7776000
x-trans-id: txc66d76c95d9b40a7b524a-0064e4a836
x-request-id: 5e082c09-4b21-4433-a3d4-6477c4056229

GET
H2 200 tokens.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-login/standard/standard/web/css/ 2 KB
718 B 324ms
315ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-login/standard/standard/web/css/tokens.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: abb20916157744c1460053ec9c52f739d1c3a7e56f216a158f518d1c4765b7c8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txf4944f97db574ad4aae35-006500a79e
last-modified: Tue, 12 Sep 2023 18:01:18 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1694541677.73107
cache-control: max-age=7776000
x-trans-id: txf4944f97db574ad4aae35-006500a79e
x-request-id: 39bc8138-3d54-415f-b377-43dd6ac854b6

GET
H2 200 tokens.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-radio-button/standard/standard/web/css/ 6 KB
1 KB 324ms
316ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-radio-button/standard/standard/web/css/tokens.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: c24fb58bb0a304c4a1ccd04af1f3dd1e0567d2cc045163f4752677d0df4fe38d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txf1152829a6c94a8a9500c-0064d54253
last-modified: Fri, 12 May 2023 19:57:44 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1683921463.31496
cache-control: max-age=7776000
x-trans-id: txf1152829a6c94a8a9500c-0064d54253
x-request-id: 5455f598-2bcc-41bb-9753-0409f343bcbe

GET
H2 200 tokens.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-footnote/standard/standard/web/css/ 2 KB
773 B 315ms
307ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-footnote/standard/standard/web/css/tokens.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: a9be6894c16a82d126a1dceed00945b3dad7b42ca6b2151835d699621f797eaf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txebabe9e7d80b4549bae2b-0064e8c2c5
last-modified: Tue, 07 Mar 2023 21:41:41 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1678225300.78491
cache-control: max-age=2592000
x-trans-id: txebabe9e7d80b4549bae2b-0064e8c2c5
x-request-id: 8b0c0cda-0eea-4111-8d8b-93aa75f097f8

GET
H2 200 tokens.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-list/standard/standard/web/css/ 6 KB
1 KB 318ms
309ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-list/standard/standard/web/css/tokens.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 92039a309e5eb907e99f1e83b6708b601ec9419e56a30b1d132d435330d7a28c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx14f6be9173a7428485968-0064e8c2c5
last-modified: Tue, 07 Mar 2023 21:44:31 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1678225470.67078
cache-control: max-age=2592000
x-trans-id: tx14f6be9173a7428485968-0064e8c2c5
x-request-id: 56766846-dc9b-421a-8f60-8c77676b2d66

GET
H2 200 tokens.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-checkbox/standard/standard/web/css/ 10 KB
1 KB 316ms
308ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-checkbox/standard/standard/web/css/tokens.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 6cacd0088781052e14b3d1f2f09eb7f46d929b362668b7c96efd116cfaef19b8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx10963092111941068cef8-0064d915a5
last-modified: Mon, 15 May 2023 17:35:14 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1684172113.03588
cache-control: max-age=7776000
x-trans-id: tx10963092111941068cef8-0064d915a5
x-request-id: 81f29710-85d9-49e2-ab96-46c8227167d8

GET
H2 200 tokens.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-label/standard/standard/web/css/ 5 KB
997 B 319ms
311ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-label/standard/standard/web/css/tokens.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: f524e3488738d005bb160c6b3d9548be553ee203dddd3ff3ac3eb6e38fe41548

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx51a1879b0bed42e1894fc-0064e8c2c5
last-modified: Tue, 07 Mar 2023 21:42:11 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1678225330.56745
cache-control: max-age=2592000
x-trans-id: tx51a1879b0bed42e1894fc-0064e8c2c5
x-request-id: 9620e89b-92f2-4080-88b5-ce7b9945c856

GET
H2 200 tokens.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-dropdown/standard/standard/web/css/ 3 KB
898 B 316ms
308ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-dropdown/standard/standard/web/css/tokens.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: b7eaac300049a5cdfdc2a822125478ffa9e5e9498371bc41f16c4a9eece05d15

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txd886fbefefa94951ad1f1-006500a763
last-modified: Tue, 12 Sep 2023 18:00:30 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1694541629.55884
cache-control: max-age=7776000
x-trans-id: txd886fbefefa94951ad1f1-006500a763
x-request-id: 2668bb00-de49-4515-ab86-e41aba676d60

GET
H2 200 tokens.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-card/standard/standard/web/css/ 16 KB
2 KB 318ms
310ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-card/standard/standard/web/css/tokens.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 80e623f1b04b0fa527e631be10ff0eca19c42227275fb6ff5237fb81ad5ad5ce

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txbbb076c79b144f3281a7e-0064c7a7b2
last-modified: Tue, 02 May 2023 12:20:56 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1683030055.40946
cache-control: max-age=7776000
x-trans-id: txbbb076c79b144f3281a7e-0064c7a7b2
x-request-id: f7418e71-9a2d-4e8a-be30-c812e366a7ff

GET
H2 200 tokens.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-helper-text/standard/standard/web/css/ 1 KB
666 B 316ms
309ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-helper-text/standard/standard/web/css/tokens.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: ffc56b1b42bb1ff5ec3fe5bf46fccaf81fa2396377ae7560c829704889fa2bb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txac5831400b904173a8a62-0064e63f8f
last-modified: Mon, 22 May 2023 19:20:10 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1684783209.73871
cache-control: max-age=7776000
x-trans-id: txac5831400b904173a8a62-0064e63f8f
x-request-id: 689ccd2e-f027-40f6-b985-467762c1bf4c

GET
H2 200 tokens.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-header/standard/standard/web/css/ 5 KB
912 B 320ms
313ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-header/standard/standard/web/css/tokens.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 000c03906cda926faf0884dcc08f6bb5a167ab76a30bb6f5590b2c75fa9d13e7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txd3d12efdae664a72969ce-00649d84d5
last-modified: Wed, 28 Jun 2023 13:24:12 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1687958651.76002
cache-control: max-age=7776000
x-trans-id: txd3d12efdae664a72969ce-00649d84d5
x-request-id: af84a80d-c0ec-43c8-a610-baadbb9eb108

GET
H2 200 tokens.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-caption/standard/standard/web/css/ 5 KB
987 B 333ms
325ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-caption/standard/standard/web/css/tokens.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: f100491b7d7981ddeb342708f91b51c21425be30b8911c7cc871ea1bd5e23fc6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx0899260304634e63adc5b-0064e8c2c5
last-modified: Tue, 07 Mar 2023 21:44:29 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1678225468.92563
cache-control: max-age=2592000
x-trans-id: tx0899260304634e63adc5b-0064e8c2c5
x-request-id: 28a67c3c-3abe-4eab-92aa-fee383b6d554

GET
H2 200 tokens.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-subtitle/standard/standard/web/css/ 5 KB
1 KB 334ms
327ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-subtitle/standard/standard/web/css/tokens.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 0f83647432a091ea550dd41c6e132ebe6e70870634d556a9a81c950296cfe897

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txff71658698e54c76a2b4c-0064e8c2c5
last-modified: Tue, 07 Mar 2023 21:41:20 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1678225279.35247
cache-control: max-age=2592000
x-trans-id: txff71658698e54c76a2b4c-0064e8c2c5
x-request-id: b83f8a6f-5cd2-47d9-bd90-eac10acbd8d2

GET
H2 200 tokens.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-chip/standard/standard/web/css/ 13 KB
2 KB 334ms
327ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-chip/standard/standard/web/css/tokens.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: c3d31e3795516f553ed4a0a6e69bda1fd8e6b14fb939fcca1816973b6bdc9acf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txf01b9aaee71744d99b690-0065030e9d
last-modified: Thu, 14 Sep 2023 13:44:32 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1694699071.46566
cache-control: max-age=7776000
x-trans-id: txf01b9aaee71744d99b690-0065030e9d
x-request-id: f2a7b8fd-50fe-4130-9279-8dfc5f692f50

GET
H2 200 tokens.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-content-image/standard/standard/web/css/ 2 KB
658 B 335ms
328ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-content-image/standard/standard/web/css/tokens.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 93593261fb5f21755ee5b0a45f888ee9853b37d70edc3ba6634e92a876df5a85

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx13cdb58d08634a27816d3-0064959f6c
last-modified: Fri, 23 Jun 2023 13:33:52 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1687527231.64100
cache-control: max-age=7776000
x-trans-id: tx13cdb58d08634a27816d3-0064959f6c
x-request-id: 39076ecf-f23d-4c11-ad6a-8fde5cb93766

GET
H2 200 tokens.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-footer/standard/standard/web/css/ 5 KB
987 B 336ms
329ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-footer/standard/standard/web/css/tokens.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: bae6869bc32029429b2ea8742557a79977bdb1f51582749a497add9c677eba49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx752fce76fbf94c04be065-0064f4e350
last-modified: Tue, 07 Mar 2023 21:41:18 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1678225277.37316
cache-control: max-age=2592000
x-trans-id: tx752fce76fbf94c04be065-0064f4e350
x-request-id: 4756ac43-08fc-4fe0-aec7-a9fa0fff5871

GET
H2 200 tokens.css
s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-overline/standard/standard/web/css/ 6 KB
1008 B 333ms
326ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b922f1376f6c452e9bb337cc7d996a6e/codex/codex-component/codex-overline/standard/standard/web/css/tokens.css
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 511b0bc9d32da780033612d9a2141082ca35ef3e9d0a1b413ba0d04700f13a35

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx5806c6e4fa644f8eb92f2-0064e267a6
last-modified: Mon, 22 May 2023 19:19:33 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1684783172.60568
cache-control: max-age=7776000
x-trans-id: tx5806c6e4fa644f8eb92f2-0064e267a6
x-request-id: 69074648-0998-48da-99d4-0cab553947c4

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 55ms
47ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 13:30:09 GMT
content-encoding: gzip
age: 44623
x-guploader-uploadid: ADPycdurIpTJToNKphfSQ0nO8jgO0mVsLpcBeYbu-25rVNBpnryqd_8_1SL4GUXVjNLOXAVQWvJIMHhd2IJqial5gCjQeJBxh5TO
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6116
last-modified: Thu, 14 Sep 2023 12:59:30 GMT
server: UploadServer
etag: "c39451e5dec2be7fc7d6df76b55be662"
x-goog-hash: crc32c=SdVkEQ==, md5=w5RR5d7Cvn/H1t92tVvmYg==
x-goog-generation: 1694696370171925
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6116
accept-ranges: bytes
expires: Thu, 21 Sep 2023 13:30:09 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 65ms
64ms XHR
text/plain 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1968325864&t=pageview&_s=1&dl=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&ul=en-us&de=UTF-8&dt=Hercai%3A%20Amor%20e%20Vingan%C3%A7a%3B%20novela%20turca%20estreia%20no%20Globoplay%20%7C%20Mundo%20de%20novela%20%7C%20gshow&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAACgAI~&jid=843000279&gjid=1263881464&cid=1046947086.1695261230&uid=&tid=UA-296593-29&_gid=1201443480.1695261230&_r=1&_slc=1&gtm=45He39i0n81PS8KQR6&cd10=&cd11=&cd1=web&cd4=Ate%203%20meses&cd5=multi-content&cd12=False&cd16=materia&cd18=266%20a%20370&cd23=direct&cd24=Ate%202%20meses&cd25=21-07-2023&cd26=GSHOW%2CNovelas%2CMundo%20de%20novela&cd31=0&cd32=novelas%2Fmundo-de-novela&cd33=materia&cd36=desktop&cd52=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd75=&cd76=c3dbba6c-769e-4552-a02a-1c592c8fc171&cd196=4&cd197=8&cd198=0&cd199=4g&cd200=false&cm6=297&z=1730018046

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gshow.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6bzo30tuuk Show response
www.clarity.ms/tag/ 1 KB
2 KB 596ms
156ms Script
application/x-javascript 13.107.213.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/6bzo30tuuk?ref=gtm
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS8KQR6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 79c3e4feb9606390af3d9ebe4f74506d47906104575bf1b80a2348c1b58fa8eb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
date: Thu, 21 Sep 2023 01:53:52 GMT
x-azure-ref: 0MKILZQAAAADYJkvFdJz3TKWP9FhE0FenWlJIRURHRTEzMDcANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 1191
expires: -1

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/350497967/ 3 KB
2 KB 215ms
72ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/350497967/?random=1695261232135&cv=11&fst=1695261232135&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&label=Un9pCOngyuIDEK_ZkKcB&hn=www.googleadservices.com&frm=0&tiba=Hercai%3A%20Amor%20e%20Vingan%C3%A7a%3B%20novela%20turca%20estreia%20no%20Globoplay%20%7C%20Mundo%20de%20novela%20%7C%20gshow&value=0&bttype=purchase&auid=89501441.1695261232&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS8KQR6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

fb7d182069a7b31b3b889c379c73f7445eb319e0725b8d5a5ee8d0975a542858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1717
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 70 KB
24 KB 521ms
62ms Script
application/x-javascript 13.35.255.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.255.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-255-75.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:04:15 GMT
content-encoding: gzip
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
last-modified: Wed, 09 Aug 2023 00:52:49 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 6577
etag: W/"64d2e361-1197e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: uKJkWFJcSOygzTT14fss3VGbKEuUSnS4RYiDsOcovVhEbJUAcXYFoA==
expires: Fri, 22 Sep 2023 00:04:15 GMT

GET
H2 200 horizon-common-hit.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 45 KB
15 KB 463ms
462ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 6fc8c519813ae69ffb5c95d87821ffbc940db1a1a2070bdbfed21d0e53fc4991

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txc701dec48b8f4d2bae594-00650ba1f4
last-modified: Tue, 27 Jun 2023 00:08:13 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1687824492.72874
cache-control: public, max-age=180
x-trans-id: txc701dec48b8f4d2bae594-00650ba1f4
x-request-id: 71f2928b-3d26-473d-aeee-35f068916adc

GET
H2 200 00a6e086622ea57d2ea45a111a34f729.css
s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/ 20 KB
4 KB 285ms
284ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/00a6e086622ea57d2ea45a111a34f729.css
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: f98688edbbadeabc0117ac5175c50ac8e887afcbbef409000d529195ecadb880

Request headers

Referer: https://gshow.globo.com/
Origin: https://gshow.globo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx40030dec9a5b4a149e922-006509b2a3
content-length: 3754
x-trans-id: tx40030dec9a5b4a149e922-006509b2a3
x-request-id: 5da7ddde-9340-44f2-8adb-a5fd604ee766
last-modified: Tue, 11 Jul 2023 13:53:19 GMT
x-thanos: 0A8250E3
etag: 0d1c119cb704ea504ec03f94c299a7f3
vary: Accept-Encoding, Origin
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: x-object-meta-cache-control, content-language, cache-control, expires, last-modified, etag, x-timestamp, pragma, x-trans-id, x-container-meta-cache-control, content-type, x-openstack-request-id, authorization
x-timestamp: 1689083598.94110
cache-control: public, max-age=604800
accept-ranges: bytes

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 63ms
60ms XHR
text/plain 108.177.15.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-296593-29&cid=1046947086.1695261230&jid=843000279&gjid=1263881464&_gid=1201443480.1695261230&_u=aADAAEABAAAAACgAI~&z=1378064726

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 21 Sep 2023 01:53:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gshow.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 47ms
46ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 16:40:08 GMT
content-encoding: gzip
age: 33224
x-guploader-uploadid: ADPycdvtA9aPINB8e2A0dy-mb1-Wwa8wEEuJbaP2us2Ck-b0J0n4vBaXhDQj5wZA8tTd64fugcpRmsE7OM4Id7rgAI6KOg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8334
last-modified: Thu, 14 Sep 2023 12:59:30 GMT
server: UploadServer
etag: "20de3c90b2d9541b062276e079f0eaa7"
x-goog-hash: crc32c=yMCztg==, md5=IN48kLLZVBsGInbgefDqpw==
x-goog-generation: 1694696370056280
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8334
accept-ranges: bytes
expires: Thu, 21 Sep 2023 16:40:08 GMT

POST
H2 204 /
vtrk.doubleverify.com/ 0
182 B 76ms
75ms Ping
text/plain 46.137.158.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vtrk.doubleverify.com/?t=event&ec=page&ea=load-signals&v=1&ctx=27566431&cmp=DV1036776&cid=fb5bbef9-cc9f-47a0-867b-c44a65993baa&z=361611328592&cd105=mode&cd160=7fb792dc-6aed-42d0-8f60-1f31bd4a5ccb&cd161=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&cd50=upt&cd51=31da3c5&cd180=network&cd52=loadSignals&cm56=1&cm57=1&cm58=1&cm59=1&cm60=1&cm187=517&cm180=517&cm181=0&cm182=0&cm183=0&cm184=98&cm185=1&cm186=567&cd191=809ead4ceddb2397&cm188=517&cm170=0&cm61=0&cd171=80023001%2C84011001%2C80022004&cm62=3&cd53=1&cm54=569
Requested by: Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.137.158.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-158-119.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://gshow.globo.com
date: Thu, 21 Sep 2023 01:53:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 selected-alternatives Show response
globo-ab.globo.com/v2/ 294 B
832 B 1029ms
531ms Fetch
application/json 34.95.229.88
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://globo-ab.globo.com/v2/selected-alternatives?experiments=player-isolated-experiment-02&skipImpressions=true

Requested by

Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.229.88 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

88.229.95.34.bc.googleusercontent.com

Software

Resource Hash

7ce55fdb9ea5d08df384da56f2559b2a1075b262cf39eda900fea72d2443a06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
strict-transport-security: max-age=300; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://gshow.globo.com
access-control-allow-credentials: true
trace-id: e1bc9850f7d91648
access-control-allow-headers: user,User-Agent,Content-Type,GLBUID,GLBID,GLBEXP,x-client-user-agent,x-client-version,x-device-id,x-platform-id,x-canonical-uri,GLOBO_ID

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 526ms
88ms Image
image/gif 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-296593-29&cid=1046947086.1695261230&jid=843000279&_u=aADAAEABAAAAACgAI~&z=162700065

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ch/ads/ 42 B
408 B 527ms
84ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-296593-29&cid=1046947086.1695261230&jid=843000279&_u=aADAAEABAAAAACgAI~&z=162700065

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 horizon-client-js.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 11 KB
4 KB 310ms
309ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-client-js.min.js
Requested by: Host: s.glbimg.com
URL: https://s.glbimg.com/bu/rt/js/glb-pv-min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx2d5f6b7c53dd44e7baca6-00650ba029
last-modified: Fri, 13 Nov 2020 17:21:38 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1605288097.88717
cache-control: public, max-age=600
x-trans-id: tx2d5f6b7c53dd44e7baca6-00650ba029
x-request-id: c9b64442-874b-496e-bd7b-a7dcad15b8f2

POST
H2 200 segment Show response
api.permutive.com/adv/v2/ 14 B
78 B 63ms
62ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/adv/v2/segment?new-session=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 21 Sep 2023 01:53:52 GMT
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14
content-type: application/json

GET
H2 200 u Show response
b.t.tailtarget.com/ 72 B
513 B 273ms
160ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttq_ttGlobo
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: b0e416efe4ce773bfad5716a6cd6b314669fa4f323fc208691074f65b9b37a3d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/x-javascript
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

/
www.google.ch/pagead/1p-conversion/350497967/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/350497967/?random=565605644&cv=11&fst=1695261232135&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgshow...
https://www.google.com/pagead/1p-conversion/350497967/?random=565605644&cv=11&fst=1695261232135&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgshow.globo.com%2Fnovelas%...
https://www.google.ch/pagead/1p-conversion/350497967/?random=565605644&cv=11&fst=1695261232135&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2...

42 B
154 B

84ms
83ms

Image
image/gif

142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/pagead/1p-conversion/350497967/?random=565605644&cv=11&fst=1695261232135&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&label=Un9pCOngyuIDEK_ZkKcB&hn=www.googleadservices.com&frm=0&tiba=Hercai%3A%20Amor%20e%20Vingan%C3%A7a%3B%20novela%20turca%20estreia%20no%20Globoplay%20%7C%20Mundo%20de%20novela%20%7C%20gshow&value=0&auid=89501441.1695261232&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EktDaEFJOExDcXFBWVFtX25kaW9UWjlib2VFaVFBQ3VPbWtYeGZzNlBOekVja09YOGxvdUYzN3hEY1JDV1VXSXNKa1dBRElCZHhtSTgaVkNoQUk4TENxcUFZUXhLTGk2UHl3MVlraEVpd0E0VUZkQTdZSXphTWNsLVBIRHVha2ExSVJBZk8xeG5IaFd0Qmo1UGhvQW5MTllNM0hVeFlRaHVuaVBBIhMI-OW2nMy6gQMVAM-7CB2eyQvX&is_vtc=1&ocp_id=MKILZfiNE4Ce7_UPnpOvuA0&eitems=ChAI8LCqqAYQtI6Fo7_Yl9Q1Eh0Aj_HEt23fS_w3t01-IjHiY1jsYetnM_sYbpgIUg&random=761971321&ipr=y

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:53 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.ch/pagead/1p-conversion/350497967/?random=565605644&cv=11&fst=1695261232135&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&label=Un9pCOngyuIDEK_ZkKcB&hn=www.googleadservices.com&frm=0&tiba=Hercai%3A%20Amor%20e%20Vingan%C3%A7a%3B%20novela%20turca%20estreia%20no%20Globoplay%20%7C%20Mundo%20de%20novela%20%7C%20gshow&value=0&auid=89501441.1695261232&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EktDaEFJOExDcXFBWVFtX25kaW9UWjlib2VFaVFBQ3VPbWtYeGZzNlBOekVja09YOGxvdUYzN3hEY1JDV1VXSXNKa1dBRElCZHhtSTgaVkNoQUk4TENxcUFZUXhLTGk2UHl3MVlraEVpd0E0VUZkQTdZSXphTWNsLVBIRHVha2ExSVJBZk8xeG5IaFd0Qmo1UGhvQW5MTllNM0hVeFlRaHVuaVBBIhMI-OW2nMy6gQMVAM-7CB2eyQvX&is_vtc=1&ocp_id=MKILZfiNE4Ce7_UPnpOvuA0&eitems=ChAI8LCqqAYQtI6Fo7_Yl9Q1Eh0Aj_HEt23fS_w3t01-IjHiY1jsYetnM_sYbpgIUg&random=761971321&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fn-config.min.json Show response
s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/config/1.1.9/ 4 KB
1 KB 309ms
289ms Fetch
application/json 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/config/1.1.9/fn-config.min.json
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/client/1.1.9/fn-cdn-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: e3e446fda8d1490300e8ce56b5dd16bd2a71dd57c60d1b8cff83a9a9e6a19215

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txa791a9ee179041b087c02-0064da64a5
last-modified: Fri, 11 Aug 2023 13:00:54 GMT
x-thanos: 0A8250E3
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://gshow.globo.com
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1691758853.03827
cache-control: public, max-age=155520000
x-trans-id: txa791a9ee179041b087c02-0064da64a5
x-request-id: 4e2ac94e-c550-4ea3-8b76-4071d449649f

GET
H2 200 tv4.min.js Show response
s3.glbimg.com/cdn/libs/tv4/1.3.0/ 28 KB
10 KB 457ms
443ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/libs/tv4/1.3.0/tv4.min.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/libs/horizon/1.10.0/globocom-horizon.min.js?loading-agent=global-webdeps
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx44670d907cd5415b9f95b-00644a8d0a
last-modified: Fri, 25 May 2018 14:11:50 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: application/javascript
x-timestamp: 1527257509.32548
cache-control: public, max-age=31536000
x-trans-id: tx44670d907cd5415b9f95b-00644a8d0a
x-request-id: c4589dc4-e377-4eaf-b847-10195404106f

GET
H2 200 11366_gshow.js Show response
ads.rubiconproject.com/prebid/ 361 KB
114 KB 234ms
82ms Script
text/javascript 23.56.202.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/11366_gshow.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/gshow-prod/lib-pub-core/lib-pub-core-gshow-latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-202-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2b15c54f429ed4d36662231338dc4d18268b1c6a43556faee02d2520c470318e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
last-modified: Fri, 11 Aug 2023 02:31:48 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
content-length: 116133
expires: Thu, 21 Sep 2023 01:53:52 GMT

GET
H2 200 publicidade.css
s3.glbimg.com/cdn/libs/publicidade/1.2.2/ 4 KB
1 KB 445ms
445ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/libs/publicidade/1.2.2/publicidade.css
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/gshow-prod/lib-pub-core/lib-pub-core-gshow-latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 1e095279c2fa9fe4fb378f29b98f96e85eca3d8ca9b2382e0137d280cf473367

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx7486820c66604c089cb6a-00644a8d0b
last-modified: Mon, 20 Jun 2022 19:54:24 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1655754863.75188
cache-control: public, max-age=311040000
x-trans-id: tx7486820c66604c089cb6a-00644a8d0b
x-request-id: 1710d07c-ad6c-43e1-8598-06839610f68e

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 139 KB
31 KB 523ms
77ms Script
text/javascript 104.22.53.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31078044

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Sep 2023 09:30:49 GMT
server: cloudflare
x-amz-request-id: HA1WN0Y3GVHPD61K
age: 2491
etag: W/"1a5f44cdb786ba83a7fa05963228f464"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 809ead523cdc0166-CDG
x-amz-id-2: 7A0o04W0js1V+c10aphH6KASozwsVO1gCtuePn0NpQoAEcruxVz6hC65R1kQpWcH6UDmi+I4KHn+d8VwK04nKA==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 558ms
105ms Script
text/javascript 18.66.127.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31078044
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.127.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-127-127.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date: Wed, 20 Sep 2023 05:20:17 GMT
Via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 74017
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Wed, 06 Sep 2023 03:40:59 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: a21aLxheCCxbzSmote9Xd-dytg6iYujbbfTFDpKK2n6re-FznYEMNQ==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 494ms
63ms Script
application/javascript 104.16.86.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31078044

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 28139
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4527-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnBtdrbpwkNw%2F2cvsftvvhw7jr067SFUkSB5fzOeO2uSs8lxpuZ4NW%2F5gmgUaVJckDGuUCp74G7PPIZ9r6l1q3ba%2BKBlsMc9ybEWMOwvPIXFKipJ7vkor4q1DDDtFBv7938%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 809ead52ebc101f0-ZRH

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 159ms
52ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31078044
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 04:27:21 GMT
content-encoding: gzip
age: 2064391
x-guploader-uploadid: ADPycdvO63Bs2hpfvrq4P31AF9LvzTxHSA_jJUqYOnbEjFh1BfJWVElI9jTga5pYHwO5mvT4IwwwIh1cSCracbb_xVSxAQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Tue, 27 Aug 2024 04:27:21 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 514ms
69ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31078044

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-ab99"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 22 Sep 2023 01:53:53 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 229ms
87ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31078044
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 02:44:08 GMT
content-encoding: gzip
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 83385
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: Nz3aDdfmlKIFThvK-1kdZBRQhjD2TwRpr1cLAEK97cL79iOldLQAaA==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 197ms
76ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31078044
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 6d13eb747f91f5ded1c24d3e3613d997
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 436ms
435ms Fetch
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1928937688576847&correlator=1368696945275414&eid=31078022%2C31078023%2C31078044&output=ldjh&gdfp_req=1&vrg=202309180101&ptt=17&impl=fif&iu_parts=95377733%2Ctvg_Gshow%2CMundo_de_Novela&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&didk=3223810205&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1695261232496&lmt=1695254032&adxs=892&adys=1334&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&ga_vid=1046947086.1695261230&ga_sid=1695261233&ga_hid=1968325864&ga_fc=true&dlt=1695261228087&idt=1433&prev_scp=tvg_pos%3DMATERIA1%26rc%3DMATERIA1_0&cust_params=permutive%3D%26BSC%3D80023001%252C84011001%252C80022004%26IDS%3D0%26prmtvsdk%3Dweb%26ext-bsafety%3D%26safe%3D%26ambient%3Dweb%26cor_pagina%3DE72500%26ext-ctx-mc%3D5%252C60%252C13%252C2%252C153%252C27%252C348%252C85%252C30%252C121%26tipo_pagina%3Dmulti-content%26tvg_cma%3DGSHOW%252CNovelas%252CMundo%2520de%2520novela%26tvg_pgName%3Dmateria%26tvg_pgStr%3Dgshow%252Fnovelas%252Fmundo%2520de%2520novela%26tvg_random%3D8%26tvg_temas%3Dcolgate%252CCEF%252Capple%252Cunilever%252Cheineken%252Cnamorados%252Cbbrasil%26tvg_topico%3D%26tvg_url%3Dgshow.globo.com%252Fnovelas%252Fmundo-de-novela%252Fnoticia%252Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml%26as_obra%3D%26as_tempo%3D%26as_assun%3D%26as_canal%3D%26ext-canal%3D%26ext-obra%3D%26tvg_prop%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3Dc3dbba6c-769e-4552-a02a-1c592c8fc171%26nvg_gender%3D%26nvg_age%3D%26nvg_educat%3D%26nvg_marita%3D%26nvg_income%3D%26nvg_connec%3D%26nvg_city%3D%26nvg_region%3D%26nvg_countr%3D%26nvg_everyo%3D%26nvg_custom%3D%26nvg_brand%3D%26nvg_intere%3D%26nvg_produc%3D%26nvg_career%3D%26nvg_everyb%3D%26nvg_pgende%3D%26nvg_page%3D%26nvg_peduca%3D%26nvg_pmarit%3D%26nvg_pincom%3D%26nvg_lookal%3D%26permutive-id%3D0b31f6f0-8b82-4b24-9558-4a66c3d8cb92%26ptime%3D1695261232433%26prmtvvid%3D%26prmtvwid%3D&adks=1996672512&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31078044

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

3bfd44d0e6b4e1ceeabb398f8d06748a21b604835e0c1ced0984af7a4e38d0a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10833
x-xss-protection: 0
google-lineitem-id: 6357826751
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138444889174
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gshow.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 120ms
119ms Fetch
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1928937688576847&correlator=3597745710709421&eid=31078022%2C31078023%2C31078044&output=ldjh&gdfp_req=1&vrg=202309180101&ptt=17&impl=fif&iu_parts=95377733%2CtouchPoint%2Csubcontent%2Cgshow&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C80x35&fluid=height&ifi=2&didk=1575591890&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1695261232508&lmt=1695254032&adxs=760&adys=4297&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&vis=1&psz=1600x4266&msz=1600x0&fws=4&ohw=1600&ga_vid=1046947086.1695261230&ga_sid=1695261233&ga_hid=1968325864&ga_fc=true&dlt=1695261228087&idt=1433&cust_params=permutive%3D%26BSC%3D80023001%252C84011001%252C80022004%26IDS%3D0%26prmtvsdk%3Dweb%26ext-bsafety%3D%26safe%3D%26ambient%3Dweb%26cor_pagina%3DE72500%26ext-ctx-mc%3D5%252C60%252C13%252C2%252C153%252C27%252C348%252C85%252C30%252C121%26tipo_pagina%3Dmulti-content%26tvg_cma%3DGSHOW%252CNovelas%252CMundo%2520de%2520novela%26tvg_pgName%3Dmateria%26tvg_pgStr%3Dgshow%252Fnovelas%252Fmundo%2520de%2520novela%26tvg_random%3D8%26tvg_temas%3Dcolgate%252CCEF%252Capple%252Cunilever%252Cheineken%252Cnamorados%252Cbbrasil%26tvg_topico%3D%26tvg_url%3Dgshow.globo.com%252Fnovelas%252Fmundo-de-novela%252Fnoticia%252Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml%26as_obra%3D%26as_tempo%3D%26as_assun%3D%26as_canal%3D%26ext-canal%3D%26ext-obra%3D%26tvg_prop%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3Dc3dbba6c-769e-4552-a02a-1c592c8fc171%26nvg_gender%3D%26nvg_age%3D%26nvg_educat%3D%26nvg_marita%3D%26nvg_income%3D%26nvg_connec%3D%26nvg_city%3D%26nvg_region%3D%26nvg_countr%3D%26nvg_everyo%3D%26nvg_custom%3D%26nvg_brand%3D%26nvg_intere%3D%26nvg_produc%3D%26nvg_career%3D%26nvg_everyb%3D%26nvg_pgende%3D%26nvg_page%3D%26nvg_peduca%3D%26nvg_pmarit%3D%26nvg_pincom%3D%26nvg_lookal%3D%26permutive-id%3D0b31f6f0-8b82-4b24-9558-4a66c3d8cb92%26ptime%3D1695261232433%26prmtvvid%3D%26prmtvwid%3D&adks=3844566960&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31078044

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

69802eb4048039c638a293731f644d5567b4d80d300a7ded52089ac54d0f838d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12132
x-xss-protection: 0
google-lineitem-id: 6379847465
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138445874561
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gshow.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
10 KB 312ms
311ms Fetch
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1928937688576847&correlator=4122505367256848&eid=31078022%2C31078023%2C31078044&output=ldjh&gdfp_req=1&vrg=202309180101&ptt=17&impl=fif&iu_parts=95377733%2Ctvg_Gshow%2CMundo_de_Novela&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x150%7C970x90&ifi=3&didk=1256737170&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1695261232513&lmt=1695254032&adxs=315&adys=408&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&vis=1&psz=1360x250&msz=1360x250&fws=4&ohw=1600&ga_vid=1046947086.1695261230&ga_sid=1695261233&ga_hid=1968325864&ga_fc=true&dlt=1695261228087&idt=1433&prev_scp=tvg_pos%3DMATERIA_TOPO%26rc%3DMATERIA_TOPO_0&cust_params=permutive%3D%26BSC%3D80023001%252C84011001%252C80022004%26IDS%3D0%26prmtvsdk%3Dweb%26ext-bsafety%3D%26safe%3D%26ambient%3Dweb%26cor_pagina%3DE72500%26ext-ctx-mc%3D5%252C60%252C13%252C2%252C153%252C27%252C348%252C85%252C30%252C121%26tipo_pagina%3Dmulti-content%26tvg_cma%3DGSHOW%252CNovelas%252CMundo%2520de%2520novela%26tvg_pgName%3Dmateria%26tvg_pgStr%3Dgshow%252Fnovelas%252Fmundo%2520de%2520novela%26tvg_random%3D8%26tvg_temas%3Dcolgate%252CCEF%252Capple%252Cunilever%252Cheineken%252Cnamorados%252Cbbrasil%26tvg_topico%3D%26tvg_url%3Dgshow.globo.com%252Fnovelas%252Fmundo-de-novela%252Fnoticia%252Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml%26as_obra%3D%26as_tempo%3D%26as_assun%3D%26as_canal%3D%26ext-canal%3D%26ext-obra%3D%26tvg_prop%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3Dc3dbba6c-769e-4552-a02a-1c592c8fc171%26nvg_gender%3D%26nvg_age%3D%26nvg_educat%3D%26nvg_marita%3D%26nvg_income%3D%26nvg_connec%3D%26nvg_city%3D%26nvg_region%3D%26nvg_countr%3D%26nvg_everyo%3D%26nvg_custom%3D%26nvg_brand%3D%26nvg_intere%3D%26nvg_produc%3D%26nvg_career%3D%26nvg_everyb%3D%26nvg_pgende%3D%26nvg_page%3D%26nvg_peduca%3D%26nvg_pmarit%3D%26nvg_pincom%3D%26nvg_lookal%3D%26permutive-id%3D0b31f6f0-8b82-4b24-9558-4a66c3d8cb92%26ptime%3D1695261232433%26prmtvvid%3D%26prmtvwid%3D&adks=3108422164&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31078044

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

6167de1fce14d1b96a4234bdd7dfe95409d625ec6cbd17c66e870efbf9b75b29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10164
x-xss-protection: 0
google-lineitem-id: 6357826751
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138444889186
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gshow.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A9B0 6 KB
3 KB 556ms
85ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31078044

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gshow.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 01:53:53 GMT
expires: Fri, 20 Sep 2024 01:53:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET choose
globo-mab.globo.com/mab/mc-gshow-lazy-load-advwblt.v2:desktop:banner-materia2/ 0
0

GET choose
globo-mab.globo.com/mab/mc-gshow-lazy-load-advwblt.v2:desktop:banner-materia/ 0
0

GET
H2 200 entretenimento-ui.js Show response
s3.glbimg.com/v1/AUTH_47600d3497184478b773a886f1305b22/libs/ 293 KB
104 KB 293ms
293ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_47600d3497184478b773a886f1305b22/libs/entretenimento-ui.js?loading-agent=global-webdeps
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: a46ecc97cb1e2fb006db1f0519ce80c6ad3ef436010ef43317af0d434eabaa86

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx3ea71f23328a44f8a5ae5-00650ba184
last-modified: Mon, 28 Aug 2023 14:38:48 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1693233527.51737
cache-control: public, max-age=180
x-trans-id: tx3ea71f23328a44f8a5ae5-00650ba184
x-request-id: fcfc439c-c8f9-4267-bdb7-eb5a0d8462f7

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6035227/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
382 B

90ms
88ms

Script
application/javascript

13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:42:22 GMT
via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jul 2023 14:48:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 4298
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 75KGqdJcJ8f9aJ06eOHBVX-YY18JVZqO6nWd0D9J4JxAcvmqJFfLwA==

Redirect headers

date: Thu, 21 Sep 2023 01:53:52 GMT
via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
location: /internal-c2/default/cs.js
content-length: 0
x-amz-cf-id: dzc-2bGwLgY0CNH0Qp4eY_1W2wY4QffeKY5I0GjQtElflv8i5iRQ2w==

GET
H2 200 logo_globoplay.svg
s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/logos/globoplay/ 5 KB
2 KB 310ms
309ms Image
image/svg+xml 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/logos/globoplay/logo_globoplay.svg
Requested by: Host: barra.globo.com
URL: https://barra.globo.com/gl/ba/oidcprodutos/css/barra-globocom.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: c637bc70cc671cda4cc4885f7b5f53537f9ded298f7ddcb6a784ca244606f0ea

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://barra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx9729511012fc4fe5b4c2c-00650ba17c
last-modified: Mon, 17 Oct 2022 13:20:36 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: image/svg+xml
x-timestamp: 1666012835.41302
cache-control: public, max-age=180
x-trans-id: tx9729511012fc4fe5b4c2c-00650ba17c
x-request-id: 3d8cd34e-7084-4e03-bd23-8d7e7124fd9a

GET
H2 200 p
sb.scorecardresearch.com/ 43 B
394 B 81ms
79ms Image
image/gif 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=6035227&ns__t=1695261232588&ns_c=UTF-8&c8=Hercai%3A%20Amor%20e%20Vingan%C3%A7a%3B%20novela%20turca%20estreia%20no%20Globoplay%20%7C%20Mundo%20de%20novela%20%7C%20gshow&c7=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&c9=
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: GkOD6jVqQZkNMO4imiXdVDiFBPD78YmtLSBv05F9bFnTuWQsioe3TQ==

GET
H2 200 globoid-js.min.js Show response
s3.glbimg.com/cdn/libs/globoid-js/1.4.5/ 168 KB
62 KB 519ms
518ms Script
text/html 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/libs/globoid-js/1.4.5/globoid-js.min.js?loading-agent=global-webdeps
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: d2dad34ff5b30384c3e674cae34beb61be4f910a4d42c4b45d70a8f71fe911cb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx5b3380a3c0c842df949d1-00644a8d0a
last-modified: Tue, 05 Jul 2022 19:01:56 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/html
x-timestamp: 1657047715.01384
cache-control: public, max-age=155520000
x-trans-id: tx5b3380a3c0c842df949d1-00644a8d0a
x-request-id: ff87b1da-a459-476f-9ca0-303fe0ecd2f9

POST chooseAndIncrement
globo-mab.globo.com/mab/bastian-advwblt-r5:gshow:desktop:multicontent:ep/ 0
0

POST chooseAndIncrement
globo-mab.globo.com/mab/bastian-advwblt-r5:gshow:desktop:multicontent:dinamico/ 0
0

GET
H2 200 selected-alternatives Show response
globo-ab.globo.com/v2/ 249 B
813 B 608ms
529ms XHR
application/json 34.95.229.88
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://globo-ab.globo.com/v2/selected-alternatives?skipImpressions=true&experiments=gshow-tp-bottom-v2

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.0/globo-ab.min.js?loading-agent=global-webdeps

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.229.88 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

88.229.95.34.bc.googleusercontent.com

Software

Resource Hash

c72b97acef2504dfff6fa93c60b549077fd0eb40637236c8282f42c994504ffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
strict-transport-security: max-age=300; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://gshow.globo.com
access-control-allow-credentials: true
trace-id: 52f2de9ed09ab447
access-control-allow-headers: user,User-Agent,Content-Type,GLBUID,GLBID,GLBEXP,x-client-user-agent,x-client-version,x-device-id,x-platform-id,x-canonical-uri,GLOBO_ID

OPTIONS
H2 204 logged
cocoon.globo.com/v2/user/ Frame 0
0 1276ms
867ms Preflight 35.244.153.86
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cocoon.globo.com/v2/user/logged
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 86.153.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: POST
Origin: https://gshow.globo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://gshow.globo.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Sep 2023 01:53:53 GMT
server: nginx
via: 1.1 google

GET
H2 200 login.css
s.glbimg.com/pc/ca/ 846 B
922 B 286ms
277ms Stylesheet
text/css 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/ca/login.css

Requested by

Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js?loading-agent=global-webdeps

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-location-rule: barra-gcs
date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 2.0 CachOS
x-bip: 32898003 cmah19lx17ca02.globoi.com
age: 1157
x-cache-status: HIT
content-length: 419
x-xss-protection: 1; mode=block
x-request-id: 3436b573-9953-42e2-afb7-df8ba30d2dfd
last-modified: Fri, 11 Nov 2022 21:56:44 GMT
x-thanos: 0A819C63
etag: W/"263666896930a877f4ad09cc6d6e75ea"
vary: Accept-Encoding, Origin
x-served-from: estaticos-gcp-prod
content-type: text/css; charset=utf-8
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Fri, 22 Sep 2023 01:34:35 GMT

POST
H3 200 logged Show response
cocoon.globo.com/v2/user/ 187 B
208 B 1296ms
923ms XHR
application/json 35.244.153.86
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cocoon.globo.com/v2/user/logged
Requested by: Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js?loading-agent=global-webdeps
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.153.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 86.153.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6d1ba7ff82d4245cf11c3b8853e6f53885f8ba2f464ad803c1911ef883100322

Request headers

Referer: https://gshow.globo.com/
X-Requested-With: XMLHttpRequest
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:55 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
access-control-allow-origin: https://gshow.globo.com
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
content-length: 187
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 container.html Show response
6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 781A 6 KB
3 KB 369ms
86ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31078044

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gshow.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 01:53:53 GMT
expires: Fri, 20 Sep 2024 01:53:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 horizon-pageview
horizon.globo.com/auth-session/activity/gshow/ 0
373 B 802ms
337ms Image
text/plain 35.211.79.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horizon.globo.com/auth-session/activity/gshow/horizon-pageview?object=http%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&Referrer=&tags=materia%252Cmulti-content%252Cnovelas%252Fmundo-de-novela&client_version=0.3.11

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.211.79.33 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

33.79.211.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
strict-transport-security: max-age=60
content-length: 0
x-served-from: hzt-tsuru
content-type: text/plain; charset=UTF-8

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 720ms
343ms Image
image/gif 44.196.12.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=gshow.globo.com&p=%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&u=D-qTUdCc4f9vgFsoL&d=gshow.globo.com&g=65728&g0=GSHOW%2CNovelas%2CMundo%20de%20novela%2Cmateria&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=8811&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&b=6839&t=BHt0c7Bs3czVCPt0yeCMwS80CZqbN&V=141&i=Hercai%3A%20Amor%20e%20Vingan%C3%A7a%3B%20novela%20turca%20estreia%20no%20Globoplay%20%7C%20Mundo%20de%20novela%20%7C%20gshow&tz=-120&sn=1&sv=_ApgvCGOjmqizJ0nD4btcMDSS9aU&sd=1&im=067b9fff&_
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.12.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-12-222.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 21 Sep 2023 01:53:53 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
BLOB 200
OK 4629ed08-0fe3-4158-a6c0-723cca573972
https://gshow.globo.com/ 51 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://gshow.globo.com/4629ed08-0fe3-4158-a6c0-723cca573972
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b3974deab9eb5e48e5d66b3f37c0c8edaa15d4208e1e3b6451a33182ead9860

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 52052
Content-Type: text/javascript

GET
H2 200 b Show response
b.t.tailtarget.com/ 146 B
578 B 156ms
155ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-12842-2&tY=1&tS=1&tU=0100007F30A20B6538072F7902F2AF16&tX=b.52&tZ=91134115&env=_ttq_ttGlobo
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 3d85695016f2a420865eea1178fe8fb46702babb243e950b4d34e83773651875

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 57ms
57ms Image
image/gif 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1968325864&t=event&_s=2&dl=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&ul=en-us&de=UTF-8&dt=Hercai%3A%20Amor%20e%20Vingan%C3%A7a%3B%20novela%20turca%20estreia%20no%20Globoplay%20%7C%20Mundo%20de%20novela%20%7C%20gshow&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=debug-ab-3.0.14&ea=gshow-mc-video-immersive-lightbox-v1&el=choose.fail.%7B%22type%22%3A%22timeout%22%2C%22status%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fglobo-ab.globo.com%2Fv2%2Fselected-alternatives%3FskipImpressions%3Dtrue%26experiments%3Dgshow-mc-video-immersive-lightbox-v1%22%2C%22timeout%22%3A1000%2C%22msg%22%3A%22%22%7D&_u=aADAAEABAAAAACgAIAC~&jid=&gjid=&cid=1046947086.1695261230&tid=UA-6912161-21&_gid=1201443480.1695261230&z=1743233783

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 04:47:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75997
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 680ms
78ms XHR
application/json 104.16.86.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230921

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/11366_gshow.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fd6b812d56865b9c24a9ed4492c49396d63b1807c8b217235505d0b1afb0b40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 35569
x-jsd-version: 1.0.1819
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-jnb7022-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"639-zUoBAJPuyqTAmrklzHFFxrwoC3M"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHTYv3%2BHJ4RyupQhUg0aJDOtMNmQeuihV687d0cBglw2IHesOsZ%2BpJW5XymvpLF2TkClvh3wUS309sdOuBSNBkCzbbP0XTQQNKrwzk6bSC%2FLT3Uv8tapOvWIjRAQqZNXrj4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 809ead550dc724c0-ZRH

GET
H2 200 fn-common.min.js Show response
s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/common/1.1.0/ 14 KB
6 KB 320ms
317ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/common/1.1.0/fn-common.min.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/client/1.1.9/fn-cdn-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 7c4bce80d6d6519334f8236b1343cc317054b751ad9a540b3ac840f064f7adca

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx391941f16e584acda8614-00644a8d0b
last-modified: Mon, 20 Jun 2022 19:23:31 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1655753010.82716
cache-control: public, max-age=311040000
x-trans-id: tx391941f16e584acda8614-00644a8d0b
x-request-id: 4306b535-6d27-49d6-9b3b-cd23fef54322

GET
H2 200 fn-common-spritesheet-icons.min.svg Show response
s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/common/1.1.0/ 3 KB
2 KB 317ms
314ms Fetch
image/svg+xml 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/common/1.1.0/fn-common-spritesheet-icons.min.svg
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/client/1.1.9/fn-cdn-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 430fb785269052d908a5fb8184d94ba5e047f240a420ce88fc1fb6e74a286a55

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx67c076ec99914f9ea4530-0062b0c97e
last-modified: Mon, 20 Jun 2022 19:23:10 GMT
x-thanos: 0A8250E3
vary: Accept-Encoding, Origin
content-type: image/svg+xml
access-control-allow-origin: https://gshow.globo.com
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1655752989.99752
cache-control: public, max-age=155520000
x-trans-id: tx67c076ec99914f9ea4530-0062b0c97e
x-request-id: 7b80aa5c-3b52-4f3c-8621-a41c73fa0080

GET
H2 200 fn-search-desktop.min.js Show response
s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/search/1.1.0/ 20 KB
6 KB 325ms
322ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/search/1.1.0/fn-search-desktop.min.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/client/1.1.9/fn-cdn-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 1cb5c8c391554c673fe25af67c9d2265b0a357ec8dc74a981dee5d61dfb32906

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx74ed33c7145a4e0aa53d0-006458f236
last-modified: Fri, 28 Apr 2023 15:06:08 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1682694367.64139
cache-control: public, max-age=155520000
x-trans-id: tx74ed33c7145a4e0aa53d0-006458f236
x-request-id: e229f775-79af-4f16-85b1-5afd09cc91f7

GET
H2 200 fn-search-desktop.min.css
s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/search/1.1.0/ 7 KB
2 KB 320ms
317ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/search/1.1.0/fn-search-desktop.min.css
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/client/1.1.9/fn-cdn-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: b46942abb3f27ffb3f342f1f8c1fc61acc3046362e7cc3f0dd9462177258c3e1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx8a6edecad3524baa98b57-006458f236
last-modified: Fri, 28 Apr 2023 15:06:04 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1682694363.16900
cache-control: public, max-age=155520000
x-trans-id: tx8a6edecad3524baa98b57-006458f236
x-request-id: 72082426-9089-40bc-b405-b83494897673

GET
H2 200 fn-menu.min.css
s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/menu/0.5.4/ 10 KB
2 KB 321ms
319ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/menu/0.5.4/fn-menu.min.css
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/client/1.1.9/fn-cdn-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 5804ca869a4085ce7e8010df4c465eadada561d257df9a1ddbd63d6d8b507479

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txcf7f0ac1cf2a4124a7624-0064d63b2c
last-modified: Fri, 11 Aug 2023 13:01:40 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1691758899.41391
cache-control: public, max-age=155520000
x-trans-id: txcf7f0ac1cf2a4124a7624-0064d63b2c
x-request-id: 1a8973f2-ea4c-429d-acc6-25f2b815bee4

GET
H2 200 fn-menu.min.js Show response
s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/menu/0.5.4/ 11 KB
5 KB 312ms
310ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/menu/0.5.4/fn-menu.min.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/client/1.1.9/fn-cdn-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 2dd055a45a158881e82d9b2bca48eeca91687ff44b64e70fb176ff1aa7d248b1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: tx1594d630fe7b4752a36f7-0064d633e5
last-modified: Fri, 11 Aug 2023 13:01:46 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1691758905.55294
cache-control: public, max-age=155520000
x-trans-id: tx1594d630fe7b4752a36f7-0064d633e5
x-request-id: ff1dba50-a52a-4e4e-9c4d-800470d52ab9

GET
H2 200 fn-header-desktop.min.js Show response
s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/header/1.1.3/ 19 KB
6 KB 313ms
311ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/header/1.1.3/fn-header-desktop.min.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/client/1.1.9/fn-cdn-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: c5bbd51a4f0135f611f516edc2e193bc8d83be735909697af4791db6d95a1a45

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txf2723c17fc4b419080efd-00649ace6a
last-modified: Mon, 26 Jun 2023 23:51:25 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1687823484.11817
cache-control: public, max-age=155520000
x-trans-id: txf2723c17fc4b419080efd-00649ace6a
x-request-id: 9a77175c-036d-4645-95de-3e26b33529e2

GET
H2 200 fn-header-desktop.min.css
s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/header/1.1.3/ 13 KB
3 KB 311ms
309ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/header/1.1.3/fn-header-desktop.min.css
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/client/1.1.9/fn-cdn-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 0dc487084d88f0b36f6d01be27e062acec8bc25c11ce70547ba872ae144d77a0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: gzip
x-openstack-request-id: txe1fabd1fd77f4b899bf67-00649ace6a
last-modified: Mon, 26 Jun 2023 23:51:21 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1687823480.16779
cache-control: public, max-age=155520000
x-trans-id: txe1fabd1fd77f4b899bf67-00649ace6a
x-request-id: 6800ceb4-e0c2-4e37-b337-4261415ae2f1

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.10/ 57 KB
20 KB 51ms
50ms Script
application/javascript 13.107.213.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.10/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/6bzo30tuuk?ref=gtm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:52 GMT
content-encoding: br
last-modified: Wed, 20 Sep 2023 10:54:15 GMT
x-azure-ref-originshield: 0W5wLZQAAAAD5wbCwjffYTbI8ij9KXfeiRlJBMjMxMDUwNDE4MDM1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "0x8DBB9C7EECE7CB6"
x-azure-ref: 0MKILZQAAAACDpB04YhivRZ5geZDilmryWlJIRURHRTEzMDcANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: f6ae76eb-d01e-0055-52d5-eb3e50000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&rid=esp&cc=1

85 B
203 B

161ms
160ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&rid=esp&cc=1
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 7eec4e6795a21c73debdf12ae3270ea8f4424a4d905ad8e795ed228826d1b815

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-xGTQOhgvZNSbsN5ZRaq9A8mRdLM"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gshow.globo.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 21 Sep 2023 01:53:53 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://gshow.globo.com
location: /esp?url=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 container.html Show response
6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7DF7 6 KB
3 KB 244ms
105ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31078044

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gshow.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 01:53:53 GMT
expires: Fri, 20 Sep 2024 01:53:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 schemas Show response
horizon-schemas.globo.com/ 144 KB
14 KB 1270ms
559ms XHR
application/json 186.192.81.117
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://horizon-schemas.globo.com/schemas
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/libs/horizon/1.10.0/globocom-horizon.min.js?loading-agent=global-webdeps
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.81.117 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-81-117.prt.globo.com
Software: /
Resource Hash: ac121a04ee29cdc5c52c004c59aec3d9e06d82148568c810e15d192fd652623c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
content-encoding: gzip
via: 2.0 CachOS
x-bip: 74687090 cmah25lx23ca01.globoi.com
age: 6385
content-length: 13618
x-request-id: 8c91f227-999b-4c3b-93cc-dfb5489707d2
x-thanos: 0A825C07
vary: Accept-Encoding, X-Forwarded-Proto, Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://gshow.globo.com
cache-control: max-age=7200, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: user,User-Agent,Content-Type,GLBID,GLBUID,GST

GET
H2 200 videos-mc-shadow Show response
recomendacao.globo.com/rec/v2/item/gshow/ 33 KB
6 KB 334ms
333ms Fetch
application/json 35.198.42.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://recomendacao.globo.com/rec/v2/item/gshow/videos-mc-shadow?limit=10&registerImpression=false

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/abdef33f115b0d3dc9c16b383d561679.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.198.42.85 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.42.198.35.bc.googleusercontent.com

Software

Resource Hash

af8df8caeae1d89f0fca50e198c18eaa228f82e38338fbf3abb6a341d4044a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
content-encoding: gzip
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
vary: Accept-Encoding, Origin
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://gshow.globo.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 minipost Show response
recomendacao.globo.com/rec/v2/item/gshow/ 13 KB
3 KB 1786ms
1073ms Fetch
application/json 35.198.42.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://recomendacao.globo.com/rec/v2/item/gshow/minipost?limit=3&registerImpression=false&url=https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/abdef33f115b0d3dc9c16b383d561679.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.198.42.85 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.42.198.35.bc.googleusercontent.com

Software

Resource Hash

6106f4a1c82a3a1abfb279b5c6776b6e412b6caf078ef7c14c0bf43ff9773af8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:54 GMT
content-encoding: gzip
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
vary: Accept-Encoding, Origin
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://gshow.globo.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 virginia-380813546-18403663537007563-5628683566106555842-n.jpg
s2.glbimg.com/XS_HWx_MO90a4NqnzqMX3PFWhNQ=/320x184/top/smart/i.s3.glbimg.com/v1/AUTH_e84042ef78cb4708aeebdf1c68c6cbd6/internal_photos/bs/2023/b/F/AKP465TSu5c2lk3HOGjA/ 7 KB
7 KB 352ms
288ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/XS_HWx_MO90a4NqnzqMX3PFWhNQ=/320x184/top/smart/i.s3.glbimg.com/v1/AUTH_e84042ef78cb4708aeebdf1c68c6cbd6/internal_photos/bs/2023/b/F/AKP465TSu5c2lk3HOGjA/virginia-380813546-18403663537007563-5628683566106555842-n.jpg
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: faaac3c67eaf3bcdacc70ea40c1e37abf00804b1d8f7218c4b36a859365f4357

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
via: 2.0 CachOS
x-bip: 24019398 cmah25lx27ca02.globoi.com
age: 24045
x-cache-server: thumbor/nginx-cache
content-length: 6726
x-cached: MISS
x-request-id: b9061391-a3e5-4395-be4f-f7bc91a67037
x-forwarded-host: s2.glbimg.com
x-thanos: 0A825C09
etag: "be20171d4b3d28567817bbbc4b7931c60859facd"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Fri, 20 Oct 2023 19:13:08 GMT

GET
H2 200 11957114
s2.glbimg.com/A0jaVJT8QybAk98MeUGz0aRGGEI=/320x184/top/smart/s01.video.glbimg.com/deo/vi/14/71/ 9 KB
10 KB 574ms
511ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/A0jaVJT8QybAk98MeUGz0aRGGEI=/320x184/top/smart/s01.video.glbimg.com/deo/vi/14/71/11957114
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: b389203bfe97a07dfd66d477970cf4f4c6e88bf2712b83c2d56819ac0595522d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
via: 2.0 CachOS
x-bip: 16872388 cmah25lx27ca02.globoi.com
age: 23406
x-cache-server: thumbor/nginx-cache
content-length: 9716
x-cached: MISS
x-request-id: 983bf028-b0fb-4f52-bf98-0aebc59c8ddb
x-forwarded-host: s2.glbimg.com
x-thanos: 0A825C09
etag: "956b74670195d3de13c9d0518f4f5819c7ad3a34"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Fri, 20 Oct 2023 19:23:46 GMT

GET
H2 200 377775441-18391387780008972-2109810386176578029-n.jpg
s2.glbimg.com/XpuIjhhKW_87V4QmUgNaSxLMFhg=/320x184/top/smart/i.s3.glbimg.com/v1/AUTH_e84042ef78cb4708aeebdf1c68c6cbd6/internal_photos/bs/2023/P/B/dVPDuiSRKBuJw738lDag/ 14 KB
14 KB 698ms
635ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/XpuIjhhKW_87V4QmUgNaSxLMFhg=/320x184/top/smart/i.s3.glbimg.com/v1/AUTH_e84042ef78cb4708aeebdf1c68c6cbd6/internal_photos/bs/2023/P/B/dVPDuiSRKBuJw738lDag/377775441-18391387780008972-2109810386176578029-n.jpg
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: b5823768ee5dbe764198e1a40c5ec7b5ca705c1378a582ab5f8cfd8665dde5d5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
via: 2.0 CachOS
x-bip: 22857299 cmah25lx27ca02.globoi.com
age: 23406
x-cache-server: thumbor/nginx-cache
content-length: 14376
x-cached: MISS
x-request-id: 7bcb3a82-d8de-4c6e-98fe-f60a68669dbf
x-forwarded-host: s2.glbimg.com
x-thanos: 0A825C09
etag: "60488f039de6250fcc20f0412cb4063392998fd7"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Fri, 20 Oct 2023 19:23:46 GMT

GET
H2 200 marcelino-jesus-3.jpg
s2.glbimg.com/Ypd5x6QwzQ5n4L9V_qeJgeVKiek=/320x184/top/smart/i.s3.glbimg.com/v1/AUTH_e84042ef78cb4708aeebdf1c68c6cbd6/internal_photos/bs/2023/i/l/sFVessRHeKloMAQM5XTw/ 4 KB
5 KB 866ms
804ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/Ypd5x6QwzQ5n4L9V_qeJgeVKiek=/320x184/top/smart/i.s3.glbimg.com/v1/AUTH_e84042ef78cb4708aeebdf1c68c6cbd6/internal_photos/bs/2023/i/l/sFVessRHeKloMAQM5XTw/marcelino-jesus-3.jpg
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 3a09d55202f3a4c7c50f795a8be0edd92e632b8c7b991d2f25dbf5ad48803b0c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
via: 2.0 CachOS
x-bip: 22687855 cmah25lx27ca02.globoi.com
age: 19172
x-cache-server: thumbor/nginx-cache
content-length: 4360
x-cached: MISS
x-request-id: 64367452-e204-412f-8f6c-208616eca97d
x-forwarded-host: s2.glbimg.com
x-thanos: 0A825C09
etag: "77cd1f3c4ae9c1049925616c453c174f3508f401"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Fri, 20 Oct 2023 20:34:20 GMT

GET
H2 200 11956565
s2.glbimg.com/Lhk-lTEpaqzYJFqy-bLJ9pknMEw=/320x184/top/smart/s01.video.glbimg.com/deo/vi/65/65/ 11 KB
11 KB 388ms
348ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/Lhk-lTEpaqzYJFqy-bLJ9pknMEw=/320x184/top/smart/s01.video.glbimg.com/deo/vi/65/65/11956565
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 24c2db886755889f62a3b8d520bc9412249dc26c130d228f04b46debcb6a9fd9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
via: 2.0 CachOS
x-bip: 21723271 cmah25lx27ca02.globoi.com
age: 24045
x-cache-server: thumbor/nginx-cache
content-length: 10834
x-cached: MISS
x-request-id: fc02eb56-825f-4cc5-90e4-738048392676
x-forwarded-host: s2.glbimg.com
x-thanos: 0A825C09
etag: "656ab57b827f6154ce23472ad488339bdb291157"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Fri, 20 Oct 2023 19:13:08 GMT

GET
H2 200 emoji-tudomais.png
s3.glbimg.com/v1/AUTH_1c3ee56c57864e2b9a34135c5ee67caf/gshow/emojis/ 10 KB
10 KB 292ms
290ms Image
image/png 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.glbimg.com/v1/AUTH_1c3ee56c57864e2b9a34135c5ee67caf/gshow/emojis/emoji-tudomais.png
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 67dbbc65ceb136b3782af0c328fc708eef8ad354de00714f0b6c51f6576e07b8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
x-openstack-request-id: tx7cdfeb55f06b4df3b7bcc-00650ba1e1
last-modified: Thu, 28 Oct 2021 15:51:08 GMT
x-thanos: 0A865013
etag: 543ea504301c6fe8164e8c566dc6ce91
vary: Accept-Encoding, Origin
content-type: image/png
x-timestamp: 1635436267.78627
cache-control: public, max-age=180
accept-ranges: bytes
content-length: 10177
x-trans-id: tx7cdfeb55f06b4df3b7bcc-00650ba1e1
x-request-id: bf0f8e7f-f7c7-4603-8ac7-1a0f69b2e5f0

GET
H2 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
517 B 176ms
176ms Image
image/gif 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=6.363486600130003

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-veA7o6IEQ4rnL5t__CCDwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-veA7o6IEQ4rnL5t__CCDwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
253 B 209ms
208ms Image
image/gif 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=6.400312884095888

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-J5_l0kqMST2H5nPxRQ9c-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-J5_l0kqMST2H5nPxRQ9c-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4DC0 6 KB
3 KB 52ms
51ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31078044

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gshow.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 01:53:53 GMT
expires: Fri, 20 Sep 2024 01:53:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 781A 24 KB
7 KB 827ms
73ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 07:30:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 152579
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Sep 2024 07:30:54 GMT

GET
H2 200 17970837369999524197
tpc.googlesyndication.com/simgad/ Frame 781A 11 KB
11 KB 1614ms
861ms Image
image/png 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17970837369999524197?

Requested by

Host: 6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

c916cbcf825cece792688f4a4a1bb4ee7dd317861b55d9ddd5e7e97219d9aedb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 18:01:11 GMT
x-content-type-options: nosniff
age: 201162
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11391
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 17:20:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 17 Sep 2024 18:01:11 GMT

GET
H2 200 15646015062792372035
tpc.googlesyndication.com/simgad/ Frame 781A 412 B
717 B 1613ms
860ms Image
image/png 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15646015062792372035?

Requested by

Host: 6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

ea3b75fdd7b0cb63e2b29fb54c5438d3bf60c2eeabedb0db490243cd1d3a4416

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:22:11 GMT
x-content-type-options: nosniff
age: 466302
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 412
x-xss-protection: 0
last-modified: Fri, 17 Feb 2023 19:38:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 14 Sep 2024 16:22:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 781A 182 KB
57 KB 832ms
68ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 01:53:53 GMT

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 285 B
559 B 666ms
147ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: a41876d9e29973a0c90022bee13e3fa7cbfdd58802f6e67aebd15ad873a859f5

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: cd15c5040da305b962aeb0bffc05f419
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With
content-length: 285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 bold.woff2
s3.glbimg.com/cdn/fonts/opensans/ 10 KB
11 KB 281ms
281ms Font
application/octet-stream 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/opensans/bold.woff2
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/menu/0.5.4/fn-menu.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b

Request headers

Referer: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/menu/0.5.4/fn-menu.min.css
Origin: https://gshow.globo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
x-openstack-request-id: tx97786c6ddaa04fd78901c-006478b8d7
last-modified: Tue, 25 Jun 2019 17:35:22 GMT
x-thanos: 0A8250E3
etag: 8593a5a07cf620d4512fcb71cbcd07a6
vary: Accept-Encoding, Origin
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1561484121.35690
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 10284
x-trans-id: tx97786c6ddaa04fd78901c-006478b8d7
x-request-id: 1a7e6d5f-ec09-4716-8eda-09eb5fae4b86

GET
H2 200 regular.woff2
s3.glbimg.com/cdn/fonts/opensans/ 10 KB
11 KB 556ms
556ms Font
application/octet-stream 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/opensans/regular.woff2
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/menu/0.5.4/fn-menu.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7

Request headers

Referer: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/menu/0.5.4/fn-menu.min.css
Origin: https://gshow.globo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
x-openstack-request-id: txe5bf3500e1454c589fe8d-00632c5cb7
last-modified: Tue, 25 Jun 2019 17:36:35 GMT
x-thanos: 0A8250E3
etag: 4124088fdd8c315a6d096b65b6cbf428
vary: Accept-Encoding, Origin
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1561484194.26376
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 10352
x-trans-id: txe5bf3500e1454c589fe8d-00632c5cb7
x-request-id: 3d1f9b32-b17d-4841-b174-fef8f3761e83

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
129 B 60ms
60ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 07e52aa4112a14afa12f583cdde26ecc4a621218edf1347ec2dd7418373ca21d

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://gshow.globo.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111

GET
H2 200 ca Show response
tt-12842-2.seg.t.tailtarget.com/ 79 B
340 B 169ms
150ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-12842-2.seg.t.tailtarget.com/ca?tZ=908739253&env=_ttq_ttGlobo
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 3d448477b67dbd9f58e69b22832cc68393c4ee72293aa8a7c1b0e87d75467ca7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
324 B 583ms
117ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gshow.globo.com
date: Thu, 21 Sep 2023 01:53:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame 7DF7 23 KB
9 KB 1550ms
859ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite_fy2021.js

Requested by

Host: 6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 19:56:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 19:56:55 GMT

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 7DF7 109 KB
38 KB 933ms
109ms Script
text/javascript 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
Origin: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 03:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80383
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 03:34:11 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7DF7 24 KB
6 KB 813ms
123ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 07:30:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 152579
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Sep 2024 07:30:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7DF7 182 KB
57 KB 1814ms
1115ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 01:53:53 GMT

POST
H/1.1 204
No Content collect Show response
y.clarity.ms/ 0
295 B 844ms
253ms XHR
text/plain 104.211.35.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://y.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://gshow.globo.com
Date: Thu, 21 Sep 2023 01:53:54 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
694 B 645ms
184ms XHR
application/json 54.171.14.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.14.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-14-223.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 3f99adcc500b48d537c168359c23ee7b7e6d485b265219f283c85c1f3358dec7

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:53 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://gshow.globo.com
cache-control: no-cache
x-server: 10.45.3.80
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame 4DC0 23 KB
9 KB 966ms
307ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite_fy2021.js

Requested by

Host: 6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 19:56:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 19:56:55 GMT

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 4DC0 109 KB
38 KB 1554ms
764ms Script
text/javascript 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
Origin: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 03:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80383
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 03:34:11 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4DC0 24 KB
6 KB 735ms
79ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 07:30:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 152579
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Sep 2024 07:30:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4DC0 182 KB
57 KB 1777ms
1110ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 01:53:53 GMT

GET
DATA 200
OK truncated
/ 203 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3152d2e11040b6f612408cbd83dcf06309b391a66a914d19bb73fe319c7d6a9e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 204 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffa236ef255768221883891f6972f553182fa76515c55bd7cdf41f5a35e7b679

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 light.woff2
s3.glbimg.com/cdn/fonts/opensans/ 10 KB
10 KB 477ms
476ms Font
application/octet-stream 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/opensans/light.woff2
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/menu/0.5.4/fn-menu.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: a51690a59260fd30a04d20955e8e5432f7f05f90c13f04c953789d67548a66b8

Request headers

Referer: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/menu/0.5.4/fn-menu.min.css
Origin: https://gshow.globo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
x-openstack-request-id: tx04084090a746489d8a130-006478b8d9
last-modified: Tue, 25 Jun 2019 17:36:08 GMT
x-thanos: 0A8250E3
etag: 98b6233d6ac91b3538d60fee0ce3393b
vary: Accept-Encoding, Origin
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1561484167.30297
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 10200
x-trans-id: tx04084090a746489d8a130-006478b8d9
x-request-id: 1cfd8e6e-2d11-4800-a3a1-c54b734f332e

GET
H2 200 suggest Show response
gshow.globo.com/busca/ 196 B
513 B 579ms
578ms XHR
application/json 186.192.81.35
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://gshow.globo.com/busca/suggest?score=true&size=3&measure_featured_content_click=true
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/cdn/libs/jquery/1.8.3/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.81.35 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-81-35.prt.globo.com
Software: /
Resource Hash: 53776ce125223514633d55cfcb3537f77d40978f9cb3880a60dffef5f619c6b8

Request headers

Accept: */*
Referer: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
X-Requested-With: XMLHttpRequest
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
content-encoding: gzip
via: 2.0 CachOS
x-bip: 4178410 cmah15lx26ca03.globoi.com
age: 0
x-thanos: 0A83DC25
etag: W/"008499a0d31cd5c5f0500e0586c9a5cdb1d0274b"
x-served-from: rpaas-router-gshow-gcp-prod
vary: X-Forwarded-Proto, User-Agent, Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: max-age=300
accept-ranges: bytes
content-length: 133
x-request-id: 3d58a442-6562-4705-a84c-bf7e38750255
expires: Thu, 21 Sep 2023 01:58:53 GMT

GET
H2 200 regular.woff2
s3.glbimg.com/cdn/fonts/proximanova/ 20 KB
21 KB 555ms
554ms Font
application/font-woff2 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/proximanova/regular.woff2
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 961d2527913673b9488d10ca5f8ceb13ad768457a5918d1595b9fafbd8ad08a3

Request headers

Referer: https://gshow.globo.com/
Origin: https://gshow.globo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
x-openstack-request-id: tx37d584111bd947bea2129-006478b8d8
last-modified: Tue, 25 Jun 2019 17:42:57 GMT
x-thanos: 0A8250E3
etag: a28c6bf751afd0731507d904609fe5da
vary: Accept-Encoding, Origin
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1561484576.57450
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20904
x-trans-id: tx37d584111bd947bea2129-006478b8d8
x-request-id: 3d63f77e-f3b7-4d0a-b887-46487d569fac

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8324 15 KB
6 KB 1311ms
523ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=gshow.globo.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://gshow.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 01:53:53 GMT
server: Kestrel
server-processing-duration-in-ticks: 265377
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 AGSKWxVNmVA8iPUvJvOk5P8UIscoc281K9ukb447E09_of2PKGiuEEVPPtdTyXnuRh1YiwwSqjggPp5dIANmBTLuGppvXYksAWhSlDwvo4S7j1OaDgYoeo9137k6TpCobAVa7xICpJo= Show response
fundingchoicesmessages.google.com/el/ 0
1 KB 1560ms
253ms XHR
text/html 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVNmVA8iPUvJvOk5P8UIscoc281K9ukb447E09_of2PKGiuEEVPPtdTyXnuRh1YiwwSqjggPp5dIANmBTLuGppvXYksAWhSlDwvo4S7j1OaDgYoeo9137k6TpCobAVa7xICpJo=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gg3mVNVh9it5IuWQAd6rnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Sep 2023 01:53:54 GMT
content-security-policy: script-src 'report-sample' 'nonce-gg3mVNVh9it5IuWQAd6rnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://gshow.globo.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 11961570
s2.glbimg.com/K7QGz4OAGbCidSClQi2_VRYYxJo=/188x106/top/smart/filters:max_age(3600)/https://s01.video.glbimg.com/deo/vi/70/15/ 3 KB
3 KB 358ms
355ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/K7QGz4OAGbCidSClQi2_VRYYxJo=/188x106/top/smart/filters:max_age(3600)/https://s01.video.glbimg.com/deo/vi/70/15/11961570
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: fd74c8189b8a4f25c543173ab9c5a74ca4d1d3d7d3d9e16e0f7ee5d725e4d44d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
via: 2.0 CachOS
x-bip: 23567395 cmah25lx27ca02.globoi.com
age: 644
x-cache-server: thumbor/nginx-cache
content-length: 2590
x-cached: HIT
x-request-id: d30561ef-2775-4d7e-9435-883c6b1dc5c4
x-forwarded-host: s2.glbimg.com
x-thanos: 0A825C09
etag: "783abe34a4c1c6965ba22aa9b6bf011671f8e97f"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=3600,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 21 Sep 2023 02:22:30 GMT

GET
H2 200 11963063
s2.glbimg.com/PnM_ivQf-F3T_Bi-38t87bCTcwY=/188x106/top/smart/filters:max_age(3600)/https://s01.video.glbimg.com/deo/vi/63/30/ 2 KB
2 KB 358ms
356ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/PnM_ivQf-F3T_Bi-38t87bCTcwY=/188x106/top/smart/filters:max_age(3600)/https://s01.video.glbimg.com/deo/vi/63/30/11963063
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 2bdb772630106dff0280e2ec4713874d9ac7c99be0727c16cc2f7fddf465ed1a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
via: 2.0 CachOS
x-bip: 22334392 cmah25lx27ca02.globoi.com
age: 578
x-cache-server: thumbor/nginx-cache
content-length: 1750
x-cached: HIT
x-request-id: 7050fdae-add8-48b5-9c7d-0bed25d7724a
x-forwarded-host: s2.glbimg.com
x-thanos: 0A825C09
etag: "f31bcb8f58db617a7a9fa45c918f4e531a39eb3f"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=3600,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 21 Sep 2023 02:42:01 GMT

GET
H2 200 11963059
s2.glbimg.com/uH1SUxvnyxdgwhe7FW3co3pW2rY=/188x106/top/smart/filters:max_age(3600)/https://s01.video.glbimg.com/deo/vi/59/30/ 2 KB
3 KB 359ms
357ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/uH1SUxvnyxdgwhe7FW3co3pW2rY=/188x106/top/smart/filters:max_age(3600)/https://s01.video.glbimg.com/deo/vi/59/30/11963059
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 90a5778e6ad226ac5daa809b322eb69071cc143fe4b93742b9e52d56cda16854

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
via: 2.0 CachOS
x-bip: 11499558 cmah25lx27ca02.globoi.com
age: 578
x-cache-server: thumbor/nginx-cache
content-length: 2338
x-cached: HIT
x-request-id: bc9cddb4-18cc-4c4b-860b-2d071022f9b1
x-forwarded-host: s2.glbimg.com
x-thanos: 0A825C09
etag: "d8cf1541f8ed8f88768f766661709a702c246e0b"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=3600,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 21 Sep 2023 02:43:21 GMT

GET
H2 200 11962596
s2.glbimg.com/Hri8sh_K-_tCV4xbxRxPh1FT1n4=/188x106/top/smart/filters:max_age(3600)/https://s01.video.glbimg.com/deo/vi/96/25/ 2 KB
3 KB 303ms
285ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/Hri8sh_K-_tCV4xbxRxPh1FT1n4=/188x106/top/smart/filters:max_age(3600)/https://s01.video.glbimg.com/deo/vi/96/25/11962596
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: c8adce3d01eea5559c2afd2dc58bd20aea0c5c8b04057d301599fa6c19c03cb4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
via: 2.0 CachOS
x-bip: 21821193 cmah25lx27ca02.globoi.com
age: 524
x-cache-server: thumbor/nginx-cache
content-length: 2310
x-cached: HIT
x-request-id: 48eb4ad4-6517-41e0-b9fc-26d784b6ff6f
x-forwarded-host: s2.glbimg.com
x-thanos: 0A825C09
etag: "f3494137257590f71a90ac6d55c23b6547b4c5db"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=3600,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 21 Sep 2023 02:43:34 GMT

GET
H2 200 11963058
s2.glbimg.com/ZlZDdFaz6gHLFLvUh7B4zuCMKDk=/188x106/top/smart/filters:max_age(3600)/https://s01.video.glbimg.com/deo/vi/58/30/ 5 KB
5 KB 845ms
845ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/ZlZDdFaz6gHLFLvUh7B4zuCMKDk=/188x106/top/smart/filters:max_age(3600)/https://s01.video.glbimg.com/deo/vi/58/30/11963058
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 305c29b47e5019cc905893a2004f5d4784d80798eda7f79d7472841619823d82

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:54 GMT
via: 2.0 CachOS
x-bip: 21821196 cmah25lx27ca02.globoi.com
age: 579
x-cache-server: thumbor/nginx-cache
content-length: 4874
x-cached: HIT
x-request-id: 63d2db57-e836-4ec6-a05e-da6532e8fce0
x-forwarded-host: s2.glbimg.com
x-thanos: 0A825C09
etag: "188c71871264226398c170e61c2bf05bf9873ed4"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=3600,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 21 Sep 2023 02:43:26 GMT

GET
H2 200 11962567
s2.glbimg.com/hC0UwBrh1he_Qf3LddMih0hWANg=/188x106/top/smart/filters:max_age(3600)/https://s01.video.glbimg.com/deo/vi/67/25/ 5 KB
5 KB 821ms
820ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/hC0UwBrh1he_Qf3LddMih0hWANg=/188x106/top/smart/filters:max_age(3600)/https://s01.video.glbimg.com/deo/vi/67/25/11962567
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: fb7869c4e2517187da082c8830377e78f95bb7b096f5051eb7dd9cf7b17ff664

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:54 GMT
via: 2.0 CachOS
x-bip: 18249930 cmah25lx27ca02.globoi.com
age: 1823
x-cache-server: thumbor/nginx-cache
content-length: 5208
x-cached: HIT
x-request-id: 33d8e540-5c2c-41c9-ba45-e8314a743c6a
x-forwarded-host: s2.glbimg.com
x-thanos: 0A825C09
etag: "7b1c896e7d49cf9e0364d34c103d7d57e73715f0"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=3600,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 21 Sep 2023 02:21:57 GMT

GET
H2 200 11962554
s2.glbimg.com/brBwI-eQiko7gHUlzX0QgUDprsk=/188x106/top/smart/filters:max_age(3600)/https://s01.video.glbimg.com/deo/vi/54/25/ 3 KB
3 KB 807ms
806ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/brBwI-eQiko7gHUlzX0QgUDprsk=/188x106/top/smart/filters:max_age(3600)/https://s01.video.glbimg.com/deo/vi/54/25/11962554
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 900f1dcf1e47a552533349248bb25c55d7b1d60f8ac4164575ec74fd5bc72996

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:54 GMT
via: 2.0 CachOS
x-bip: 21781339 cmah25lx27ca02.globoi.com
age: 1788
x-cache-server: thumbor/nginx-cache
content-length: 2692
x-cached: HIT
x-request-id: 29fa466d-1454-4c6a-918c-1191b23a40b6
x-forwarded-host: s2.glbimg.com
x-thanos: 0A825C09
etag: "75e830a572c8d106fbd7377200f32982c5cab878"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=3600,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 21 Sep 2023 02:23:28 GMT

GET
H2 200 11963039
s2.glbimg.com/JpC8505fl9VMELEbU_gkCxYgqLg=/188x106/top/smart/filters:max_age(3600)/https://s01.video.glbimg.com/deo/vi/39/30/ 2 KB
2 KB 820ms
818ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/JpC8505fl9VMELEbU_gkCxYgqLg=/188x106/top/smart/filters:max_age(3600)/https://s01.video.glbimg.com/deo/vi/39/30/11963039
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 7dcfa7a4fa62e019d7fd2a17f5a2f1e29c7695aa08e7ac732c536f7d28444d0c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:54 GMT
via: 2.0 CachOS
x-bip: 23244506 cmah25lx27ca02.globoi.com
age: 1692
x-cache-server: thumbor/nginx-cache
content-length: 2152
x-cached: HIT
x-request-id: 58c71e77-6bea-4e04-93d7-f5072179de5d
x-forwarded-host: s2.glbimg.com
x-thanos: 0A825C09
etag: "47bb8c3ca1591f275319c9ffc0572b0964e1b729"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=3600,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 21 Sep 2023 02:23:39 GMT

GET
H2 200 11962496
s2.glbimg.com/TUiXS_IZyIFAUZFJ9P-Ge30qfUA=/188x106/top/smart/filters:max_age(3600)/https://s01.video.glbimg.com/deo/vi/96/24/ 3 KB
4 KB 819ms
819ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/TUiXS_IZyIFAUZFJ9P-Ge30qfUA=/188x106/top/smart/filters:max_age(3600)/https://s01.video.glbimg.com/deo/vi/96/24/11962496
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: d0eda79d2610b2145f3bc1d1c1a5e4de13dbf2d813a3acb34a9118c4080fc8ac

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:54 GMT
via: 2.0 CachOS
x-bip: 21948063 cmah25lx27ca02.globoi.com
age: 1823
x-cache-server: thumbor/nginx-cache
content-length: 3504
x-cached: HIT
x-request-id: 74eff111-0cac-48fb-863b-8b804b2cc8ce
x-forwarded-host: s2.glbimg.com
x-thanos: 0A825C09
etag: "f739da2d9a42a7c94b3b334b7588d56548d75c7c"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=3600,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 21 Sep 2023 02:23:16 GMT

GET
H2 200 11963040
s2.glbimg.com/b5T5qsUQwyJC14nupKbaeihlqxw=/188x106/top/smart/filters:max_age(3600)/https://s01.video.glbimg.com/deo/vi/40/30/ 4 KB
4 KB 800ms
800ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/b5T5qsUQwyJC14nupKbaeihlqxw=/188x106/top/smart/filters:max_age(3600)/https://s01.video.glbimg.com/deo/vi/40/30/11963040
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 4c56a3b3d13ebd1079ac9717fc01713e86e061c0dad4e027107e03cd45ed7375

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:54 GMT
via: 2.0 CachOS
x-bip: 18898395 cmah25lx27ca02.globoi.com
age: 1692
x-cache-server: thumbor/nginx-cache
content-length: 3846
x-cached: HIT
x-request-id: 172a9c91-c6c5-45e6-bcf5-58cf12563adc
x-forwarded-host: s2.glbimg.com
x-thanos: 0A825C09
etag: "777dd14cc0c224b694c3156ee51ae12dfa86e451"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=3600,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 21 Sep 2023 02:23:30 GMT

GET
H2 200 / Show response
usergate.globo.com/ 29 B
300 B 523ms
522ms XHR
text/plain 35.198.44.170
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://usergate.globo.com/
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.198.44.170 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 170.44.198.35.bc.googleusercontent.com
Software: /
Resource Hash: a85987916d9a779c207a70946433700ce4ec87279c96adcd9c66f0f8f1f39689

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://gshow.globo.com
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Content-Type,Cookie,X-App,GLBID,GST

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 1E90 572 B
790 B 593ms
230ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 53b0af069f14542703c25f82bf9c1babb3354d88c4f2bfa35105fad7a1183053

Request headers

Referer: https://gshow.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 374
content-type: text/html
date: Thu, 21 Sep 2023 01:53:54 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
298 B 257ms
208ms Image
image/gif 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-12842-2&tE=0&tF=&tI=_neuchatel_neuchatel_ch_1695261232849_1356532939&tJ=&tU=0100007F30A20B6538072F7902F2AF16&tX=b.52&tY=1&tZ=494642856
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 player.min.js Show response
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/ 2 MB
749 KB 289ms
271ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js
Requested by: Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: feaa8751094d14f899a36eef1867b158cf502c9b22352b070b7e2e50ef367a9f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:53 GMT
content-encoding: gzip
x-openstack-request-id: tx2075525f05e2480f906c7-00650b9876
last-modified: Wed, 13 Sep 2023 18:08:15 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1694540590.000000
content-type: application/javascript
x-timestamp: 1694628494.40181
cache-control: public, max-age=3600
x-trans-id: tx2075525f05e2480f906c7-00650b9876
x-request-id: f30e99c7-11d1-433a-9b20-52702a6deee2

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 172ms
169ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 21 Sep 2023 01:53:53 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 14 KB
7 KB 471ms
467ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/11366_gshow.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

2d9cb97f8b163abd283e03f4918e4b4ab40a493a8573fc80d1e788162100077f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:54 GMT
content-encoding: gzip
an-x-request-uuid: a88a5bff-fb97-44c5-af69-9af2eba360b5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gshow.globo.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.219.12.203; 80.219.12.203; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
193 B 1428ms
368ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=95356753087&lsavail=1

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/11366_gshow.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gshow.globo.com
date: Thu, 21 Sep 2023 01:53:54 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 647 B
984 B 1501ms
477ms XHR
application/json 213.19.162.21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11366&site_id=296580&zone_id=1495210&size_id=55&alt_size_ids=57&eid_pubcid.org=d82674e3-3b40-459f-861a-a3d34aa58411%5E1&rf=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&tg_i.domain=gshow.globo.com&tg_i.page=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&tg_i.adunit=95377733_tvg_Gshow%2FMundo_de_Novela&tg_i.aupname=%2F95377733.*%26banner_materia__.*%26tvg_pos%3DMATERIA%2Cposition%3Dbtf&tg_i.pbadslot=%2F95377733%2Ftvg_Gshow%2FMundo_de_Novela%23banner_materia__ac2da8f2-aac6-4983-b687-5df644a3b8d9&tk_flint=dmpbjs_v7.54.0&x_source.tid=bd25d907-f339-4e7e-8539-5a3de06e39b2&l_pb_bid_id=6102f3f0750089&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=bd25d907-f339-4e7e-8539-5a3de06e39b2&rp_maxbids=1&p_gpid=%2F95377733%2Ftvg_Gshow%2FMundo_de_Novela%23banner_materia__ac2da8f2-aac6-4983-b687-5df644a3b8d9&slots=1&rand=0.5249314621520957
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/11366_gshow.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b48f3e94323df821e96f73d74abbcebbe1c8a8ec0f9e659f8623bb74e82e0da5

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:54 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://gshow.globo.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 1000ms
512ms XHR
application/json 5.196.111.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/11366_gshow.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS: ip65.ip-5-196-111.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:53 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://gshow.globo.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 1 KB
2 KB 990ms
449ms XHR
application/json 5.196.111.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/11366_gshow.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS: ip65.ip-5-196-111.eu
Software: /
Resource Hash: f78a3059b09e1d22f9d35b2f80c4f424a90fe9e956573b922c63da1eece2f2f4

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:53 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://gshow.globo.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 612 B
1 KB 1405ms
397ms XHR
application/json 213.19.162.21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11366&site_id=296580&zone_id=1495224&size_id=55&alt_size_ids=57&eid_pubcid.org=d82674e3-3b40-459f-861a-a3d34aa58411%5E1&rf=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&tg_i.domain=gshow.globo.com&tg_i.page=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&tg_i.adunit=95377733_tvg_Gshow%2FMundo_de_Novela&tg_i.aupname=%2F95377733.*%26banner_materia2%26tvg_pos%3DMATERIA2%2Cposition%3Dbtf&tg_i.pbadslot=%2F95377733%2Ftvg_Gshow%2FMundo_de_Novela%23banner_materia2&tk_flint=dmpbjs_v7.54.0&x_source.tid=4da71ec2-a04d-4d3e-ac3b-de68dc882759&l_pb_bid_id=121a98dda42911d&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=4da71ec2-a04d-4d3e-ac3b-de68dc882759&rp_maxbids=1&p_gpid=%2F95377733%2Ftvg_Gshow%2FMundo_de_Novela%23banner_materia2&slots=1&rand=0.12525389416739574
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/11366_gshow.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5e4554fd493d22762e20662a5e8fc782e371f4d75dc816bc560a3802dfd56f93

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:54 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://gshow.globo.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 612
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 1368ms
332ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=28954645159&lsavail=1

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/11366_gshow.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gshow.globo.com
date: Thu, 21 Sep 2023 01:53:54 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 145 B
960 B 984ms
983ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/11366_gshow.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

fae8318718587af9d76f58fb73e37eefe3f71072eac346e8f880f1bc1ba6e530

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:54 GMT
an-x-request-uuid: b7b4af7d-c638-47d1-b72a-a66b963f8cd0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gshow.globo.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.219.12.203; 80.219.12.203; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 145
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 781A 0
0 126ms
125ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsud08Z3K3WHmVyHhM2N910j974h5dyfHHtDq0Bj7dRawx5bxBi8yzNPydd-zrIMqRG404Zl-QZJS7an9-2Q6id9kN8TfnlJ9VLLyWuVyh6H8IXXgT0T2BYtLn6RmdGTjAq7QLv41xOM2syHwc4U64aLQnC2B58ZefjGHonnsog9o9n1y0F02S59cmdrMeA4yXiNhCbQ_GQoOgKjc6ZvO3EKrVjPzkpbmXmCtVS3HzPKO5-fhJe0vsBcFLgJgFnf8rICWmY1ATSwwWYVvecgQ6w5mwSEYLjUsJbBKXZnNh7AF31tkXl3Wrn5t8Apo6XKPW6YaqVj8OxdvB4sB1Pq57_-8oyJnP4&sai=AMfl-YSAPqbdEJHJtsY9lHK3jiHywbBkVuXR4TbEXFICiMGtcQZPwjafKenGWICJVTy9BsNrZj1QUdcAP1U9UCX2h6gRphm3dp4AOr1R_UjOTwyVMXNCMQWUcbHxLO3DuKq0e5apW0TKzWlWP3mOvEI&sig=Cg0ArKJSzMt4duUjaJe9EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Sep 2023 01:53:54 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 781A 11 KB
1 KB 1142ms
138ms Font
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?display=swap&family=Open+Sans%3Awght%40400%3B500%3B600%3B700

Requested by

Host: 6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

18aac35a39ffe15124a6f6dd2bcfa19d95d722c5f05a842676689b6259af1585

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
Origin: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Sep 2023 01:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 01:53:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Sep 2023 01:53:55 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 151ms
151ms Image
image/gif 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1968325864&t=event&ni=1&_s=2&dl=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&ul=en-us&de=UTF-8&dt=Hercai%3A%20Amor%20e%20Vingan%C3%A7a%3B%20novela%20turca%20estreia%20no%20Globoplay%20%7C%20Mundo%20de%20novela%20%7C%20gshow&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=analytics&ea=preenche&el=userid&_u=aADAAEABAAAAACgAIAC~&jid=&gjid=&cid=1046947086.1695261230&uid=&tid=UA-296593-29&_gid=1201443480.1695261230&gtm=45He39i0n81PS8KQR6&cd10=&cd11=&cd1=web&cd4=Ate%203%20meses&cd5=multi-content&cd12=False&cd16=materia&cd18=266%20a%20370&cd23=direct&cd24=Ate%202%20meses&cd25=21-07-2023&cd26=GSHOW%2CNovelas%2CMundo%20de%20novela&cd31=0&cd32=novelas%2Fmundo-de-novela&cd33=materia&cd36=desktop&cd52=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd75=&cd76=c3dbba6c-769e-4552-a02a-1c592c8fc171&cd96=anonymous&cd97=3673111152127991310&cd98=anonymous&cd99=3673111152127991310&cd196=4&cd197=8&cd198=0&cd199=4g&cd200=false&cm6=297&z=330471330

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 04:47:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75999
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 1E90
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1945838435035663253

43 B
106 B

81ms
63ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1945838435035663253
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:55 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1945838435035663253
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 1E90
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b76e5f91-a589-c323-304a-c19fe025eee7
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b76e5f91-a589-c323-304a-c19fe025eee7&dcc=t

43 B
855 B

238ms
238ms

Image
image/gif

67.220.224.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b76e5f91-a589-c323-304a-c19fe025eee7&dcc=t

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

HTTP/1.1

Server

67.220.224.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Sep 2023 01:53:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QZY2C33SRY1VASJWJDM1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 21 Sep 2023 01:53:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BKPEPQMZ72ZQKCW8VGV0
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b76e5f91-a589-c323-304a-c19fe025eee7&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 1E90 70 B
265 B 1177ms
107ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=efb823ec-b923-78d9-f044-430888162507&gdpr=0
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 21 Sep 2023 01:53:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 1E90 170 B
409 B 1146ms
82ms Image
image/png 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzNkN2YwMjYtNzA1NC0yNjdkLWU1YTQtMTliMTQyZjRlYjY3

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 1E90
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBP7CC0wkFsI2JuTqtGs9T4&google_cver=1

43 B
180 B

80ms
61ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBP7CC0wkFsI2JuTqtGs9T4&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:55 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBP7CC0wkFsI2JuTqtGs9T4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 showSp.php Show response
fundingchoicesmessages.google.com/f/AGSKWxXIZ6iVCT3XZc0eTQYHg3zthyDbuG7k3UeSyusdEMepBYouSdhrbW9ISlSMvrS7HFgXiia95LcWapg_ExQNwqff7Kapi7kWWxWGsJUYuZWlQhLXgVlZOz2Yg3tFS7foWu0yBx3ElMwFbpaHpKWlXrS-Z9ACr... 54 B
298 B 454ms
445ms Script
application/javascript 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXIZ6iVCT3XZc0eTQYHg3zthyDbuG7k3UeSyusdEMepBYouSdhrbW9ISlSMvrS7HFgXiia95LcWapg_ExQNwqff7Kapi7kWWxWGsJUYuZWlQhLXgVlZOz2Yg3tFS7foWu0yBx3ElMwFbpaHpKWlXrS-Z9ACrXSUcL6yrGqJFJDQeCppGMPTnw3UsA==/_/abm.aspx_ad_service./lijitads._728-90./showSp.php?

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.m8giXY6edfY.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwiUA8CJMhqwuleaLV3UrjhrI0qFw/m=ad_blocking_detection_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

f27b6d8a1900d5defeab0dcdfaa390eb4309e50a14edde88f9e6ee86777dd957

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-gifQOjCKmxv8vtNepaOyiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:54 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-gifQOjCKmxv8vtNepaOyiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 61 KB
23 KB 876ms
866ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

4a95451be6e53fa4a280c90276478ea0365428962a3ff0db8290da826600b552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:47:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23241
x-xss-protection: 0
server: cafe
etag: 13973718040851992629
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 02:47:39 GMT

POST
H2 204 AGSKWxVNmVA8iPUvJvOk5P8UIscoc281K9ukb447E09_of2PKGiuEEVPPtdTyXnuRh1YiwwSqjggPp5dIANmBTLuGppvXYksAWhSlDwvo4S7j1OaDgYoeo9137k6TpCobAVa7xICpJo= Show response
fundingchoicesmessages.google.com/el/ 0
200 B 840ms
361ms XHR
text/html 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVNmVA8iPUvJvOk5P8UIscoc281K9ukb447E09_of2PKGiuEEVPPtdTyXnuRh1YiwwSqjggPp5dIANmBTLuGppvXYksAWhSlDwvo4S7j1OaDgYoeo9137k6TpCobAVa7xICpJo=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4ucWzg3UT12GhZCxI5vouw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Sep 2023 01:53:54 GMT
content-security-policy: script-src 'report-sample' 'nonce-4ucWzg3UT12GhZCxI5vouw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://gshow.globo.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 gshow
horizon-track.globo.com/event/ 0
365 B 1148ms
346ms Ping
text/plain 35.211.79.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://horizon-track.globo.com/event/gshow
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/libs/horizon/1.10.0/globocom-horizon.min.js?loading-agent=global-webdeps
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.211.79.33 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 33.79.211.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryk75Ah3tj6xH8qQnF

Response headers

date: Thu, 21 Sep 2023 01:53:55 GMT
x-served-from: hzt-tsuru
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gshow.globo.com
access-control-allow-credentials: true
access-control-allow-headers: user,User-Agent,Content-Type,GLBID,GLBUID,GST
content-length: 0

POST
H2 200 gshow
horizon-track.globo.com/event/ 0
364 B 1281ms
488ms Ping
text/plain 35.211.79.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://horizon-track.globo.com/event/gshow
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/libs/horizon/1.10.0/globocom-horizon.min.js?loading-agent=global-webdeps
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.211.79.33 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 33.79.211.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarylBP1i9mKlJdf7AQs

Response headers

date: Thu, 21 Sep 2023 01:53:55 GMT
x-served-from: hzt-tsuru
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gshow.globo.com
access-control-allow-credentials: true
access-control-allow-headers: user,User-Agent,Content-Type,GLBID,GLBUID,GST
content-length: 0

POST
H/1.1 204
No Content collect Show response
y.clarity.ms/ 0
295 B 268ms
268ms XHR
text/plain 104.211.35.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://y.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://gshow.globo.com
Date: Thu, 21 Sep 2023 01:53:54 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H2 200 minipost-flag.png
s3.glbimg.com/v1/AUTH_1c3ee56c57864e2b9a34135c5ee67caf/gshow/components/show-multicontent-block/ 1 KB
1 KB 387ms
369ms Image
image/png 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.glbimg.com/v1/AUTH_1c3ee56c57864e2b9a34135c5ee67caf/gshow/components/show-multicontent-block/minipost-flag.png
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 67bd1a7646d09ca2f953964fe81c81dff89ef2319c9546f81cc8076b20e79d0a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:54 GMT
x-openstack-request-id: txec1053f7bfcb4518a713b-00650ba1d9
last-modified: Tue, 28 Mar 2023 20:38:25 GMT
x-thanos: 0A865013
etag: ea33aa76009edc97c8c5e259ad188958
vary: Accept-Encoding, Origin
content-type: image/png
x-timestamp: 1680035904.11610
cache-control: public, max-age=180
accept-ranges: bytes
content-length: 1104
x-trans-id: txec1053f7bfcb4518a713b-00650ba1d9
x-request-id: 90747078-450f-403a-8ac8-20ef14c16ddf

GET
H2 200 luisa-sonza-chico-terminam-namoro-gshow-musica-moedas.png
s2.glbimg.com/X2li-lJXv_Aug_PulOMfn2tkzbo=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_e84042ef78cb4708aeebdf1c68c6cbd6/internal_photos/bs/2023/G/Y/gtBGYhQq68FjhOna3k4g/ 23 KB
24 KB 586ms
567ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/X2li-lJXv_Aug_PulOMfn2tkzbo=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_e84042ef78cb4708aeebdf1c68c6cbd6/internal_photos/bs/2023/G/Y/gtBGYhQq68FjhOna3k4g/luisa-sonza-chico-terminam-namoro-gshow-musica-moedas.png
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: dd710e4d4f61a6da31dc6f31003c9b53f5eaf2184d9a0de1c83b6c592a90fbfb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:55 GMT
via: 2.0 CachOS
x-bip: 23986913 cmah25lx27ca02.globoi.com
age: 25863
x-cache-server: thumbor/nginx-cache
content-length: 23816
x-cached: MISS
x-request-id: 3f3ee318-6d8b-4b0d-90d5-2104d8207e90
x-forwarded-host: s2.glbimg.com
x-thanos: 0A825C09
etag: "2c1807fa34bc61f5bd5359d0fa9c5a7a4121f037"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Fri, 20 Oct 2023 18:42:51 GMT

GET
H2 200 semibold.woff2
s3.glbimg.com/cdn/fonts/opensans/ 16 KB
16 KB 414ms
405ms Font
application/font-woff2 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/opensans/semibold.woff2
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/menu/0.5.4/fn-menu.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca

Request headers

Referer: https://s3.glbimg.com/v1/AUTH_f7d75b8ab8c8447292333ff06480419a/nav-cdn/menu/0.5.4/fn-menu.min.css
Origin: https://gshow.globo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:54 GMT
x-openstack-request-id: tx7c3b33460eb347bb84899-006478b8d7
last-modified: Tue, 25 Jun 2019 17:36:47 GMT
x-thanos: 0A8250E3
etag: 365c53275ca5dad1584b7e0bd3a46c1e
vary: Accept-Encoding, Origin
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1561484206.27623
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 16172
x-trans-id: tx7c3b33460eb347bb84899-006478b8d7
x-request-id: ef5b0e5f-089f-42fb-978f-0aa6d84c6e14

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 8324 428 B
558 B 80ms
79ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=globo.com&sn=ChromeSyncframe&so=0&topUrl=gshow.globo.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=gshow.globo.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7f44a330c14dd4b354a4928a9d3b3a2de37b2f04e0bfeb2cd29807f36742e754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=gshow.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:54 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 5404330
expires: 0

POST
H2 204 AGSKWxVNmVA8iPUvJvOk5P8UIscoc281K9ukb447E09_of2PKGiuEEVPPtdTyXnuRh1YiwwSqjggPp5dIANmBTLuGppvXYksAWhSlDwvo4S7j1OaDgYoeo9137k6TpCobAVa7xICpJo= Show response
fundingchoicesmessages.google.com/el/ 0
200 B 384ms
384ms XHR
text/html 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVNmVA8iPUvJvOk5P8UIscoc281K9ukb447E09_of2PKGiuEEVPPtdTyXnuRh1YiwwSqjggPp5dIANmBTLuGppvXYksAWhSlDwvo4S7j1OaDgYoeo9137k6TpCobAVa7xICpJo=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GulUKOpWoLyT_xxIk060xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Sep 2023 01:53:54 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GulUKOpWoLyT_xxIk060xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://gshow.globo.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 selected-alternatives Show response
globo-ab.globo.com/v2/ 318 B
638 B 353ms
351ms XHR
application/json 34.95.229.88
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://globo-ab.globo.com/v2/selected-alternatives?skipImpressions=true&experiments=GSHOW-MINIPOST-item

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.0/globo-ab.min.js?loading-agent=global-webdeps

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.229.88 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

88.229.95.34.bc.googleusercontent.com

Software

Resource Hash

ded9de29a06257e44d8c396bede97d61b54b62f818eb40f74e20d9ec7748dae1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:54 GMT
strict-transport-security: max-age=300; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://gshow.globo.com
access-control-allow-credentials: true
trace-id: 08b550e7ee2c4f91
access-control-allow-headers: user,User-Agent,Content-Type,GLBUID,GLBID,GLBEXP,x-client-user-agent,x-client-version,x-device-id,x-platform-id,x-canonical-uri,GLOBO_ID

GET
H2 200 index.html Show response
s0.2mdn.net/dfp/421333/4647392540/1693261596604/ Frame 842B 13 KB
3 KB 848ms
100ms Document
text/html 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

8fade87056404b39ffb10c5e63e1119e4b10928526d580b355ad6c1efee3345c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 80165
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 3023
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Sep 2023 03:37:50 GMT
expires: Thu, 21 Sep 2023 03:37:50 GMT
last-modified: Mon, 28 Aug 2023 22:26:36 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7DF7 0
63 B 112ms
111ms Image
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQzv1QMeXykeZjJ_RlF9YuP943V4zz9ZupaY1B8Q3vRuPrjbsoGL7953zb5ubQ72WBjhcNH6RLT1RQ6IvOxIbsOKvGV9plTdB9Ovg4j-j0GLEZQ7R73wkpeGVMM98qVRhYMIAnBeXsRq1xl4NGBHvnAa-mKwdQHjQb5RtPxacrNfzvXOr4u7nSHoyUPVPkHOVESMTcZbqLxa4P2W2gedZPrG1wbSOOoMRfPqDddj55oBqPfXfIfRiSVS8MWCWHxnihzO86OQu2R_b8wHp4ecVDh6qCttvM8dm0xWfTFSQjIqWOizy9JFxdRRChhRNwaP8X0FM8cXi4zko_45MieQyfVWdPzCvrMOFs3NZfR7vjyrYA&sai=AMfl-YSHj6B1aCQlft1wP2DAz3E1MYTrkGw17tBqev4Rrtk6Weu_DQZnCU8OkyvGQZa8XmIAxxaUf65JIngUgdzr4mORSuHKcVRYwGsffgnYW-ANu1VwFWWVSU-K9zRh-x0N956O7tJAudxoabERKT9h&sig=Cg0ArKJSzAo6wPiqK9okEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 index.html Show response
s0.2mdn.net/dfp/421333/4647392540/1693261597064/ Frame B563 13 KB
3 KB 837ms
99ms Document
text/html 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

61166ed01a5b59ca1acab891daed7ca9451a2e7ee75f42e82104a71e8ec04895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 75337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 3098
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Sep 2023 04:58:18 GMT
expires: Thu, 21 Sep 2023 04:58:18 GMT
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4DC0 0
63 B 302ms
302ms Image
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwuRhQf99XkUhclqx_Ex978SxiIwJ4Atwg0qUtCnpGXr-eI6i9rEs2xuHjgQv7ksfml5sXNmHToBHtT_4u4rYb80NbJ2ihdjZt1-nmRhkhUgAgCRTqiOQmWm6n09YZGC4ydaTQe2heW0l_TtOPHkhL6-BtRPLqO9oeH_yzVGpXFVdJcspYlgqXCJ8McTWBUTf1UbzGFgPeEGOp8Fr8jiMmNXnf6NsMiLID7s8noIeLItmNTSgYac19rD0w6k6_7xXTUVAxvSm0Eol5Rxd0uDus_A6GWzH72NFunphrgG4xlgFeGDuOIr_y3mOX67f7IlUO_Iw3rpq27DHS3Msj8YFkCQvQVVUFIqk87VicRuYdcK7o&sai=AMfl-YTiFx5ikZlRC0Ts7m7EYMNt9sN23pD7SlYgXgs8MYir3p_IH-4smK_UplwRKmFAcr75RA1YCBWPhPhJz5s33nok45TpTs6WJR0uYSkPvBtyfMTlrJ7s2BHOMxF1O9dZpcU3i_-NyeZSc5lx3BdG&sig=Cg0ArKJSzFV_7oRrE0MREAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 359 KB
124 KB 531ms
81ms Script
text/javascript 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

sffe /

Resource Hash

8be5f11b40d73f6965e5d69189d533173aca057616a3b573316868678c132bfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125909
x-xss-protection: 0
expires: Thu, 21 Sep 2023 01:53:55 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 781A 0
0 128ms
128ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1unPNuMbMe9b48n0MdcL8oDrn_oufeF6LzFbuFhDoQLcHEb0Qygjuymsx5lgZBGzP6ZtV5gu0ZyOISF_3_6NCq9sKofPkq8Ouslkb6SniQ6cn3zazwhUkc8EeSxQqwJZt84yPRRyGBTUPRufnjUsTcpZNtObKSzqouRJgX4ag45OdwS0hflSM2DI6DWwtXQnV8xsNtfKwjHsYv8hiwlslHu4TMtmr9yeZ4_DdpezEJrRixHFAA9b5BF21wmiccpmr_oA75CJiLr2Rt3Vb2LDcQP7uBn43i4cBzhzG4SgXaH-sEd-681fATZlWRMkW2hJWGBXKU9NbYXqV1g2URi9CJwBe0TkZxg&sai=AMfl-YQ2Zle0nf4js9d0XRn3EZyXrSKF4jI_t_2ReQmI3Zh0GimtZ4pXubS22XpXpa2rBCasgzav9YDEbDFJwZRXDlDWs4MpfM5Q8lGiznkASaEF8pnCVps8z13WlBiR2Pr8QNK4S6eRs2-TL3c-rcE&sig=Cg0ArKJSzLq744Vdl8gsEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Sep 2023 01:53:55 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4DC0 0
0 132ms
131ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdm1-yXLTOQ96e6ySeC9OVGl-Zmo9SVYGMpqgr97-yCLkzdtMYgbwDmM3HV-weou5YfaSfwFZ7lrS9cCY-fRzaNNbPqvUe7o385Spw0qMbP6sGipwVSrsZxcCpoVKlMBjXpgOrQRm6AP2qFQRzDQB7jbQKWrwl1aUOoVpX3ARuMaidvWw_nFNSBfEV5dJrb20Rx1-K3L_FlI2O6_Upqps4Vt8qowWyn3E6S2LDYReLHiWhGUAa8ngZYVwLVG-R6Z9DNj9l5qFYpWAqjJSNvFBHFZ96HOp5J1MgYmqyLoDA9GRAU_WJ1_WUHZeKZXynkg5ttON0bDVFyr_riC6z4SLrPZKfSXJc&sai=AMfl-YQ6UqsDbmJxQn4fMIEU1MlTbTuG2OU33Xksb3T2zdsZo8Fl4VUafQw2T9ZmQVAG0Hknp09Xwp4TrkkiXg09a_hIzkgUWJmq5TdMErKjrjqCRq8pFJeGhF510e_5rGf3oExp-tc_d-UpZKAa4bV7&sig=Cg0ArKJSzNxQijmSnA0nEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Sep 2023 01:53:55 GMT

GET
H2 200 chartbeat-plugin.min.js Show response
s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/plugins/chartbeat/ 8 KB
4 KB 280ms
280ms Script
application/json 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/plugins/chartbeat/chartbeat-plugin.min.js?loading-agent=global-webdeps
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 733b14fd72f5a02fbc7a83efa0e9a8ae7264c65c84d908125b58fbcd852acc95

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:55 GMT
content-encoding: gzip
x-openstack-request-id: txfe9accb60cdf424eb6014-0064c2d9eb
last-modified: Fri, 17 Mar 2023 14:31:16 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: application/json
x-timestamp: 1679063475.80938
cache-control: public, max-age=7884000
x-trans-id: txfe9accb60cdf424eb6014-0064c2d9eb
x-request-id: bc5cc5e8-7bd5-4ee8-8873-f76448f948f4

GET
DATA 200
OK truncated
/ Frame 781A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7b834f3e05c3101716a90cbcbbc2ba0fb78b04ef0e4770d9613f197adc371c6

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
10 KB 268ms
268ms Fetch
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1928937688576847&correlator=2090153034163305&eid=31078022%2C31078023%2C31078044&output=ldjh&gdfp_req=1&vrg=202309180101&ptt=17&impl=fif&iu_parts=95377733%2Ctvg_Gshow%2CMundo_de_Novela&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x150%7C970x90&ifi=4&didk=3223810204&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dd22fc0a83d863e9d%3AT%3D1695261232%3ART%3D1695261232%3AS%3DALNI_Mbyw-vzerPwOc37-HN8n4nm4dCdEA&gpic=UID%3D00000c7aeab05c41%3AT%3D1695261232%3ART%3D1695261232%3AS%3DALNI_MapYhBlB1OiNLGbQEgvyyH7HSzsIw&arp=1&abxe=1&dt=1695261235218&lmt=1695254035&adxs=315&adys=1841&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&vis=1&psz=970x0&msz=970x0&fws=4&ohw=970&psts=AOrYGsn5V9M7GQUzO5VnQ1NWTGEAQPJNWo5p4-a-xJuVBshYLxsMvSK1aPNPkCVMHiK-c3jCkS3-UifAb1VgCjmoRrRn%2CAOrYGskaZyIA9iGwYln4ux-hzkcsGsPZ2avRivZbeyAdSEhm6BoXOBZ9yo0nPuMeWMv5mITH8DS7pVo-jxB0GLT6h-m9XoVBMYQKX0yh4Vxs%2CAOrYGskZiqT12A6kiYvTdARZ_46lAYeqHrWGkY8SyQKUR0y9wZ4I4ISwXnyTBkpeHVOsEYSKD5NWTBkbiHBh6Pof1vG2&ga_vid=1046947086.1695261230&ga_sid=1695261233&ga_hid=1968325864&ga_fc=true&dlt=1695261228087&idt=1433&prev_scp=tvg_pos%3DMATERIA2%26rc%3DMATERIA2_0&cust_params=permutive%3D88434%252C90176%252C131056%252C134328%252C136768%252C138292%252C138296%252C138298%252C141268%252C142110%252C156165%252C158439%252C162083%252C166023%252Crts%26BSC%3D80023001%252C84011001%252C80022004%26IDS%3D0%26prmtvsdk%3Dweb%26ext-bsafety%3D%26safe%3D%26ambient%3Dweb%26cor_pagina%3DE72500%26ext-ctx-mc%3D5%252C60%252C13%252C2%252C153%252C27%252C348%252C85%252C30%252C121%26tipo_pagina%3Dmulti-content%26tvg_cma%3DGSHOW%252CNovelas%252CMundo%2520de%2520novela%26tvg_pgName%3Dmateria%26tvg_pgStr%3Dgshow%252Fnovelas%252Fmundo%2520de%2520novela%26tvg_random%3D8%26tvg_temas%3Dcolgate%252CCEF%252Capple%252Cunilever%252Cheineken%252Cnamorados%252Cbbrasil%26tvg_topico%3D%26tvg_url%3Dgshow.globo.com%252Fnovelas%252Fmundo-de-novela%252Fnoticia%252Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml%26as_obra%3D%26as_tempo%3D%26as_assun%3D%26as_canal%3D%26ext-canal%3D%26ext-obra%3D%26tvg_prop%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3Dc3dbba6c-769e-4552-a02a-1c592c8fc171%26nvg_gender%3D%26nvg_age%3D%26nvg_educat%3D%26nvg_marita%3D%26nvg_income%3D%26nvg_connec%3D%26nvg_city%3D%26nvg_region%3D%26nvg_countr%3D%26nvg_everyo%3D%26nvg_custom%3D%26nvg_brand%3D%26nvg_intere%3D%26nvg_produc%3D%26nvg_career%3D%26nvg_everyb%3D%26nvg_pgende%3D%26nvg_page%3D%26nvg_peduca%3D%26nvg_pmarit%3D%26nvg_pincom%3D%26nvg_lookal%3D%26permutive-id%3D0b31f6f0-8b82-4b24-9558-4a66c3d8cb92%26ptime%3D1695261232433%26prmtvvid%3D%26prmtvwid%3D&adks=4174754200&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31078044

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

0df88fa4cfca44b376efbef77608cec61b74a51439c3ba85667f53396f3ce8e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:55 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9993
x-xss-protection: 0
google-lineitem-id: 6357826751
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138444888844
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gshow.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7DF7 0
0 102ms
101ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuq5au1YOK6gBoR2rGdzx36B1_DgMvxKdz_9MSqywJ0EwuINFBYs9oculSiFzqruC5q7O13RiyFVZpU3bfJqo023MhsKOFtw2W-fXuPLDz563b8NY-5iL263DJXrbDLV7ohdwX7hk1jxEOTzX6oVmMe-ZqZcN3MnfZvP8AJWSBtr4ygxTBmd9owFYPDP2WPdjkNRK2T2vmkhJKO6EglqWritbMkFO3oPRUvvB8UwC_SfVHuf8_g1d1qgngsAGlaeI9V3zFLPcpB7vheE4rMfKFSUsTLu88iA8LDwUlAoZEV2F_aCAaQMss3psC2ftLXPgo9hQjzDi0iycCEszQpBHohVXC-YMqx&sai=AMfl-YQ4KnGz6snh9J50cW0L4HQJiw3DFnS2skGF3MF58O8kDKzYql3zX6_4IpwYvsMfBTuVvZYxt0WprKTSRim5Y1AQMZEIGTs_Sj2GvU4YofrglkFmZnDP1zBBiuXumNFq0jT2UXa8FhO98A2lmDna&sig=Cg0ArKJSzLlVq9wAHtr6EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Sep 2023 01:53:55 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVNmVA8iPUvJvOk5P8UIscoc281K9ukb447E09_of2PKGiuEEVPPtdTyXnuRh1YiwwSqjggPp5dIANmBTLuGppvXYksAWhSlDwvo4S7j1OaDgYoeo9137k6TpCobAVa7xICpJo=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zLLJNxmy-m2m_aQCOe9Jjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Sep 2023 01:53:55 GMT
content-security-policy: script-src 'report-sample' 'nonce-zLLJNxmy-m2m_aQCOe9Jjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://gshow.globo.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxVNmVA8iPUvJvOk5P8UIscoc281K9ukb447E09_of2PKGiuEEVPPtdTyXnuRh1YiwwSqjggPp5dIANmBTLuGppvXYksAWhSlDwvo4S7j1OaDgYoeo9137k6TpCobAVa7xICpJo= Show response
fundingchoicesmessages.google.com/el/ 0
200 B 114ms
113ms XHR
text/html 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVNmVA8iPUvJvOk5P8UIscoc281K9ukb447E09_of2PKGiuEEVPPtdTyXnuRh1YiwwSqjggPp5dIANmBTLuGppvXYksAWhSlDwvo4S7j1OaDgYoeo9137k6TpCobAVa7xICpJo=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-d8j6Xd-dlYEMPIB8lGeWaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Sep 2023 01:53:55 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-d8j6Xd-dlYEMPIB8lGeWaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://gshow.globo.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUl2UqXZzX-4-Iy7Frc4mbIBcQwUn-Aye33b8RMUNGb3sI0mrlCLP8v9wxT2ObwHofMlp6HkGG8JAKlqhOinevxG2HYijMaeIpYyHIL8jp1xInDKDKIlns2qZMEXcW5oD1lTCw= Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 87ms
86ms Script
application/javascript 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUl2UqXZzX-4-Iy7Frc4mbIBcQwUn-Aye33b8RMUNGb3sI0mrlCLP8v9wxT2ObwHofMlp6HkGG8JAKlqhOinevxG2HYijMaeIpYyHIL8jp1xInDKDKIlns2qZMEXcW5oD1lTCw=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk1MjYxMjM1LDI2NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZ3Nob3cuZ2xvYm8uY29tL25vdmVsYXMvbXVuZG8tZGUtbm92ZWxhL25vdGljaWEvaGVyY2FpLWFtb3ItZS12aW5nYW5jYS1ub3ZlbGEtdHVyY2EtZXN0cmVpYS1uby1nbG9ib3BsYXkuZ2h0bWwiLG51bGwsW1s4LCJtOGdpWFk2ZWRmWSJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

cd349cbb8d7e1230c4dffe67eb3cfbbfb85e01573d933874204cf872ae38643b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-C2dm5ICR9TY0FNixiScTLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:55 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-C2dm5ICR9TY0FNixiScTLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
10 KB 364ms
364ms Fetch
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1928937688576847&correlator=639343762786477&eid=31078022%2C31078023%2C31078044&output=ldjh&gdfp_req=1&vrg=202309180101&ptt=17&impl=fif&iu_parts=95377733%2Ctvg_Gshow%2CMundo_de_Novela&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x150%7C970x90&ifi=5&didk=1497051865&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dd22fc0a83d863e9d%3AT%3D1695261232%3ART%3D1695261232%3AS%3DALNI_Mbyw-vzerPwOc37-HN8n4nm4dCdEA&gpic=UID%3D00000c7aeab05c41%3AT%3D1695261232%3ART%3D1695261232%3AS%3DALNI_MapYhBlB1OiNLGbQEgvyyH7HSzsIw&arp=1&abxe=1&dt=1695261235279&lmt=1695254035&adxs=315&adys=3162&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&vis=1&psz=970x0&msz=970x0&fws=4&ohw=970&psts=AOrYGsn5V9M7GQUzO5VnQ1NWTGEAQPJNWo5p4-a-xJuVBshYLxsMvSK1aPNPkCVMHiK-c3jCkS3-UifAb1VgCjmoRrRn%2CAOrYGskaZyIA9iGwYln4ux-hzkcsGsPZ2avRivZbeyAdSEhm6BoXOBZ9yo0nPuMeWMv5mITH8DS7pVo-jxB0GLT6h-m9XoVBMYQKX0yh4Vxs%2CAOrYGskZiqT12A6kiYvTdARZ_46lAYeqHrWGkY8SyQKUR0y9wZ4I4ISwXnyTBkpeHVOsEYSKD5NWTBkbiHBh6Pof1vG2&ga_vid=1046947086.1695261230&ga_sid=1695261233&ga_hid=1968325864&ga_fc=true&dlt=1695261228087&idt=1433&prev_scp=tvg_pos%3DMATERIA%26rc%3DMATERIA_0%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D0.18%26hb_adid_appnexus%3D179ccd2bed8414%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.18%26hb_adid%3D179ccd2bed8414%26hb_bidder%3Dappnexus&cust_params=permutive%3D88434%252C90176%252C131056%252C134328%252C136768%252C138292%252C138296%252C138298%252C141268%252C142110%252C156165%252C158439%252C162083%252C166023%252Crts%26BSC%3D80023001%252C84011001%252C80022004%26IDS%3D0%26prmtvsdk%3Dweb%26ext-bsafety%3D%26safe%3D%26ambient%3Dweb%26cor_pagina%3DE72500%26ext-ctx-mc%3D5%252C60%252C13%252C2%252C153%252C27%252C348%252C85%252C30%252C121%26tipo_pagina%3Dmulti-content%26tvg_cma%3DGSHOW%252CNovelas%252CMundo%2520de%2520novela%26tvg_pgName%3Dmateria%26tvg_pgStr%3Dgshow%252Fnovelas%252Fmundo%2520de%2520novela%26tvg_random%3D8%26tvg_temas%3Dcolgate%252CCEF%252Capple%252Cunilever%252Cheineken%252Cnamorados%252Cbbrasil%26tvg_topico%3D%26tvg_url%3Dgshow.globo.com%252Fnovelas%252Fmundo-de-novela%252Fnoticia%252Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml%26as_obra%3D%26as_tempo%3D%26as_assun%3D%26as_canal%3D%26ext-canal%3D%26ext-obra%3D%26tvg_prop%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3Dc3dbba6c-769e-4552-a02a-1c592c8fc171%26nvg_gender%3D%26nvg_age%3D%26nvg_educat%3D%26nvg_marita%3D%26nvg_income%3D%26nvg_connec%3D%26nvg_city%3D%26nvg_region%3D%26nvg_countr%3D%26nvg_everyo%3D%26nvg_custom%3D%26nvg_brand%3D%26nvg_intere%3D%26nvg_produc%3D%26nvg_career%3D%26nvg_everyb%3D%26nvg_pgende%3D%26nvg_page%3D%26nvg_peduca%3D%26nvg_pmarit%3D%26nvg_pincom%3D%26nvg_lookal%3D%26permutive-id%3D0b31f6f0-8b82-4b24-9558-4a66c3d8cb92%26ptime%3D1695261232433%26prmtvvid%3D%26prmtvwid%3D&adks=1253635096&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31078044

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

92abc00137247cd267b7177358b7400e25644074dc242b3a52d834c4502e3cb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:55 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9993
x-xss-protection: 0
google-lineitem-id: 6357826751
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138444888844
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gshow.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxWEcRGGYT_HcXvZk3Yf2MhNyQp7gXiOIWowUIgmOTxXbEmXzYpv-Ah1cy3X-JiN35MsmJV3pRboq1gbmOK_br7n9pgiMEaVDFsS-72sPaMVzkFccnn25Of0w4yq7_umuuyzSxc= Show response
fundingchoicesmessages.google.com/el/ 0
200 B 88ms
87ms XHR
text/html 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWEcRGGYT_HcXvZk3Yf2MhNyQp7gXiOIWowUIgmOTxXbEmXzYpv-Ah1cy3X-JiN35MsmJV3pRboq1gbmOK_br7n9pgiMEaVDFsS-72sPaMVzkFccnn25Of0w4yq7_umuuyzSxc=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9LJtzKknHgvj2Op_huYIjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Sep 2023 01:53:55 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9LJtzKknHgvj2Op_huYIjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://gshow.globo.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wmPlayerPlaylistLoaded111961570 Show response
api.globovideos.com/videos/11961570/playlist/without_resources/callback/ 1 KB
945 B 1298ms
508ms Script
application/json 186.192.81.16
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.globovideos.com/videos/11961570/playlist/without_resources/callback/wmPlayerPlaylistLoaded111961570
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.81.16 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-81-16.prt.globo.com
Software: /
Resource Hash: 6b64951fcb5dde94f005c4a5b6e25973bc396331158191eae4468bf115e63fd9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.011656
date: Thu, 21 Sep 2023 01:53:56 GMT
content-encoding: gzip
via: 2.0 CachOS
x-bip: 73873061 cmah25lx21ca02.globoi.com
age: 408
x-thanos: 0A825C0F
vary: Accept-Encoding
content-type: application/json
cache-control: max-age=600, public
accept-ranges: bytes
content-length: 675
x-request-id: b66e5037-55f3-470e-a297-b31cb643a6dd

GET
H2 200 comScore-JS-6.3.1.181004.min.js Show response
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/static/vendor/libs/ 156 KB
50 KB 275ms
274ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/static/vendor/libs/comScore-JS-6.3.1.181004.min.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 387168815d8e02c9c12a63d98fdceacaea0993c73d9808dba062f1a3e4de84dc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:55 GMT
content-encoding: gzip
x-openstack-request-id: txb936e4cf07b44e1c8ff98-00650ba1b4
last-modified: Fri, 12 Nov 2021 20:02:05 GMT
x-thanos: 0A865013
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1636747324.98058
cache-control: public, max-age=180
x-trans-id: txb936e4cf07b44e1c8ff98-00650ba1b4
x-request-id: 8aaef6c5-e8f4-4608-ae98-87cfed107286

GET
H2 200 data Show response
a-fds.youborafds01.com/ 107 B
376 B 544ms
88ms XHR
application/json 89.149.212.36
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://a-fds.youborafds01.com/data?outputformat=json&system=globo&pluginVersion=6.8.42-adapterless-js&requestNumber=0.3807172313352516&timemark=1695261235534
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.212.36 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 97f5de5577f9dd7dde48e45c027b57564e57435a01ee4c0e27d8d14175e126ed

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:56 GMT
last-modified: Thu, 21 Sep 2023 01:53:56 GMT
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 107
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 gshow
horizon-track.globo.com/event/ 0
364 B 186ms
185ms Ping
text/plain 35.211.79.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://horizon-track.globo.com/event/gshow
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/libs/horizon/1.10.0/globocom-horizon.min.js?loading-agent=global-webdeps
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.211.79.33 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 33.79.211.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryFmmNwvyS82bI7uZJ

Response headers

date: Thu, 21 Sep 2023 01:53:55 GMT
x-served-from: hzt-tsuru
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gshow.globo.com
access-control-allow-credentials: true
access-control-allow-headers: user,User-Agent,Content-Type,GLBID,GLBUID,GST
content-length: 0

GET
H2 200 container.html Show response
6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3530 6 KB
3 KB 70ms
70ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31078044

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gshow.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 01:53:53 GMT
expires: Fri, 20 Sep 2024 01:53:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2A1C 6 KB
3 KB 77ms
76ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31078044

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gshow.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 01:53:53 GMT
expires: Fri, 20 Sep 2024 01:53:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 infanciaBG1.jpg
s0.2mdn.net/dfp/421333/4647392540/1693261596604/ Frame 842B 12 KB
12 KB 56ms
53ms Image
image/jpeg 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/infanciaBG1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

ad1a6a9fa0923538d648b1415c0cc8e3f9c344f99b8cb5a47e01f88d764b4abd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 10:45:47 GMT
x-content-type-options: nosniff
age: 54488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11849
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 10:45:47 GMT

GET
H2 200 musicaBG1.jpg
s0.2mdn.net/dfp/421333/4647392540/1693261596604/ Frame 842B 26 KB
26 KB 94ms
88ms Image
image/jpeg 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/musicaBG1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

cf1cad9131c06be80b40fb80de0654a0086d78b347cfd885a1a4d11d858697af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 10:45:47 GMT
x-content-type-options: nosniff
age: 54488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26736
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 10:45:47 GMT

GET
H2 200 txt1a.png
s0.2mdn.net/dfp/421333/4647392540/1693261596604/ Frame 842B 2 KB
2 KB 107ms
101ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/txt1a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

594a3089df92e1ee2da42a2899e249f1e3c378d169c00d8f900c3e927c904919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 10:45:47 GMT
x-content-type-options: nosniff
age: 54488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2460
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 10:45:47 GMT

GET
H2 200 txt1b.png
s0.2mdn.net/dfp/421333/4647392540/1693261596604/ Frame 842B 3 KB
3 KB 106ms
101ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/txt1b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

7806ff944a8ee908e1636e5ef74de3e5bfaf9ccc686c9639f71ff1c8fefccdf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 10:45:47 GMT
x-content-type-options: nosniff
age: 54488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2607
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 10:45:47 GMT

GET
H2 200 txt2a.png
s0.2mdn.net/dfp/421333/4647392540/1693261596604/ Frame 842B 2 KB
2 KB 102ms
96ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/txt2a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

a697f759f3c019f4c80e06cffcc0b89f93198c9d660ae7ad942c4098dadecdfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 10:45:47 GMT
x-content-type-options: nosniff
age: 54488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2353
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 10:45:47 GMT

GET
H2 200 txt2b.png
s0.2mdn.net/dfp/421333/4647392540/1693261596604/ Frame 842B 2 KB
2 KB 105ms
100ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/txt2b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

091cb14d02c6cc486c40ec667ec617475aca6809e9daf6d68a2e8ff943aa8cdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 10:45:47 GMT
x-content-type-options: nosniff
age: 54488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 10:45:47 GMT

GET
H2 200 txt2c.png
s0.2mdn.net/dfp/421333/4647392540/1693261596604/ Frame 842B 3 KB
3 KB 103ms
98ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/txt2c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

3a1f0ef3e636f2563add4d78351213c09ac5cbb9658a0853b4c7751fce205af5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 10:45:47 GMT
x-content-type-options: nosniff
age: 54488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3314
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 10:45:47 GMT

GET
H2 200 kv.jpg
s0.2mdn.net/dfp/421333/4647392540/1693261596604/ Frame 842B 29 KB
29 KB 85ms
80ms Image
image/jpeg 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/kv.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

0c06525f1d963b27104c4079f90a6d445211d28450242ab8efc5cffd6edac6e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 10:07:21 GMT
x-content-type-options: nosniff
age: 56794
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29295
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 10:07:21 GMT

GET
H2 200 logo.png
s0.2mdn.net/dfp/421333/4647392540/1693261596604/ Frame 842B 14 KB
14 KB 69ms
64ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

6a05a2003709e34321ee14baefa352a3d6547502135715d318eb48637a31ec62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 10:45:47 GMT
x-content-type-options: nosniff
age: 54488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14783
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 10:45:47 GMT

GET
H2 200 globoplay.png
s0.2mdn.net/dfp/421333/4647392540/1693261596604/ Frame 842B 2 KB
2 KB 84ms
79ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/globoplay.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

37a976612ed7ce660adffb47b890c37c4dfc4a4be29d19248c11fc8b29b8436b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 10:45:47 GMT
x-content-type-options: nosniff
age: 54488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2083
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 10:45:47 GMT

GET
H2 200 infanciaBG1.jpg
s0.2mdn.net/dfp/421333/4647392540/1693261597064/ Frame B563 11 KB
11 KB 74ms
69ms Image
image/jpeg 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/infanciaBG1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

8270b8c9e359cde0b34e92e8de885bed3f2d61584c930d753876cba9e8e05d6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 04:58:18 GMT
x-content-type-options: nosniff
age: 75337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11397
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 04:58:18 GMT

GET
H2 200 musicaBG1.jpg
s0.2mdn.net/dfp/421333/4647392540/1693261597064/ Frame B563 18 KB
18 KB 107ms
101ms Image
image/jpeg 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/musicaBG1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

fd252f79921650a705d0be71c8e2d87c1847577ec93b7b16658f1bb70b0cb6ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 04:58:18 GMT
x-content-type-options: nosniff
age: 75337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18481
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 04:58:18 GMT

GET
H2 200 txt1a.png
s0.2mdn.net/dfp/421333/4647392540/1693261597064/ Frame B563 2 KB
2 KB 83ms
77ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/txt1a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

a2acf58eea170344c573f826dca96c530df2fcfdfb428386aa453936847cab49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 04:58:18 GMT
x-content-type-options: nosniff
age: 75337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1597
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 04:58:18 GMT

GET
H2 200 txt1b.png
s0.2mdn.net/dfp/421333/4647392540/1693261597064/ Frame B563 2 KB
2 KB 82ms
77ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/txt1b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

9cedba3b9b538dbd20bc0d62b543d9f46da59cc5c50b4955601cc24cee468469

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 04:58:18 GMT
x-content-type-options: nosniff
age: 75337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1738
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 04:58:18 GMT

GET
H2 200 txt2a.png
s0.2mdn.net/dfp/421333/4647392540/1693261597064/ Frame B563 2 KB
2 KB 128ms
123ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/txt2a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

95eeda582b2c9f2bbdd357dcbd75d4b0f68e3a2ea554644df71384c7551b5625

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 04:58:18 GMT
x-content-type-options: nosniff
age: 75337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1924
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 04:58:18 GMT

GET
H2 200 txt2b.png
s0.2mdn.net/dfp/421333/4647392540/1693261597064/ Frame B563 2 KB
2 KB 129ms
124ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/txt2b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

8734216f64384298291169367bde1798843e90c1f007cb95fa7fe6937fe98984

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 04:58:18 GMT
x-content-type-options: nosniff
age: 75337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1628
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 04:58:18 GMT

GET
H2 200 txt2c.png
s0.2mdn.net/dfp/421333/4647392540/1693261597064/ Frame B563 2 KB
3 KB 67ms
62ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/txt2c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

188153acfff50e7a6557662766f9bb277374132cf6688b6db7c0ed8ddcb53039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 04:58:18 GMT
x-content-type-options: nosniff
age: 75337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2497
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 04:58:18 GMT

GET
H2 200 kv.jpg
s0.2mdn.net/dfp/421333/4647392540/1693261597064/ Frame B563 21 KB
21 KB 109ms
105ms Image
image/jpeg 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/kv.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

b3595d7d8c6c7371cbbd7b865b48a2181edfde4876088b0476249aa0a8cb1548

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 04:58:18 GMT
x-content-type-options: nosniff
age: 75337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21884
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 04:58:18 GMT

GET
H2 200 logo.png
s0.2mdn.net/dfp/421333/4647392540/1693261597064/ Frame B563 12 KB
12 KB 116ms
112ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

821d1a4e42107f66939d7d9ee7f5d3bf358345930fbe7fa32c4772764d611281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 04:58:18 GMT
x-content-type-options: nosniff
age: 75337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12401
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 04:58:18 GMT

GET
H2 200 globoplay.png
s0.2mdn.net/dfp/421333/4647392540/1693261597064/ Frame B563 2 KB
2 KB 108ms
104ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/globoplay.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

48c2271c052c4950be41f91cf745c979beea22457866b5b2e7b2211d6996c385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 04:58:18 GMT
x-content-type-options: nosniff
age: 75337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1955
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 04:58:18 GMT

GET
H2 200 globoplay2.png
s0.2mdn.net/dfp/421333/4647392540/1693261597064/ Frame B563 2 KB
2 KB 119ms
116ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/globoplay2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

bf08eb380ffff9f516faeea6e58d16cde35e1508437c9a19a32e6ce4a46e4b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 04:58:18 GMT
x-content-type-options: nosniff
age: 75337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1813
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 04:58:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame 3530 23 KB
9 KB 58ms
57ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite_fy2021.js

Requested by

Host: 6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 19:56:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21420
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 19:56:55 GMT

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 3530 109 KB
38 KB 55ms
54ms Script
text/javascript 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
Origin: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 03:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 03:34:11 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3530 24 KB
6 KB 79ms
78ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 07:30:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 152581
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Sep 2024 07:30:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3530 182 KB
57 KB 68ms
67ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 01:53:55 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame 2A1C 23 KB
9 KB 81ms
81ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite_fy2021.js

Requested by

Host: 6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 19:56:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21420
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 19:56:55 GMT

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 2A1C 109 KB
38 KB 48ms
47ms Script
text/javascript 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
Origin: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 03:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 03:34:11 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2A1C 24 KB
6 KB 70ms
69ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 07:30:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 152581
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Sep 2024 07:30:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A1C 182 KB
57 KB 67ms
66ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 01:53:55 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/dfp/421333/4647392540/1693261597105/ Frame 5447 13 KB
3 KB 81ms
78ms Document
text/html 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

4a326b0c4e4cab032d171d187f880adb7f993111981b611fdda614b98630d321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 3007
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 01:53:55 GMT
expires: Fri, 22 Sep 2023 01:53:55 GMT
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3530 0
63 B 92ms
90ms Image
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8q-gBizImoWz267xQUUsPVpS72PvDTxnltM55DFUHtzchpMYCvKr2OUqgciSmPz7F72Nu2LekP3iY_N4C50uvDzInGkJg23vkcyjkSccw9gfR6-22465nCbaUL0HfxIOHBupA1X4XP4WKVD9-KrRTIYxkmf7DsJt1-EgsvhKRWPOdzg7kV2eDz91sVJajbgidqhYGkdZHrMolM-6-8H4W7rf6SCrYYiZ_efbnWtMERZbjhmt_tNRArvcj_i9HIxSrLClxq8AyQpBx5mvZCdb4r-47Eo7qbPXT_-EyNyfu7nXg7ncKkz7uukXdqSLNUJs-4X0_23-MUJb0wx_Wk-ndbXlfeGL5tUiMFYinG8Rc7GTf&sai=AMfl-YT511txhBqQobWnQHwoN6PFNv70EUN0wCuFQWJZ_a_RZFt8rT7a5DGAExfhuGJzu7JQpKsAJ5Wi_1F3qiKKqHWt8s539EHGWybrqpNcVEdVyPLQVwU__kW10l56K_U&sig=Cg0ArKJSzFA9mjmRTlxLEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3530 0
0 87ms
87ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkQqfzkUjR5VgMZXeq6vKPE0GhNB1qb_ir_jwGtfBsR2j-YfS_hMXnr0MpqbxTsz7KjshbfbYVLmPKE7TZJHV2jytzJguBfRsZ6qde9S1mzyi25-bV_XSldOjhldq-Sq4mj6GGXWSSwW_JW8ycraCgJNs4Byw5KwxzcG8lBeOpapYQObqqWpN6eboqtLIlc-Bk0cqMkVhnYzr8rhvIDMQ4SDb2Ud2CKlbeGsMWROi-DnLMpqZn8hGLuTSfIyD_jzw-krrLqT0JUXTyf_dUMAjKa2rLxTBgA6MEG-33FtNzA0fSVYJiVKQ_F6sARDGrY9HmKYcK_7lp_0p_STu13H4iZd1c3_m4&sai=AMfl-YRSpZCE-r_ybzyKSzVYgQVPVcZSeDKKmLM0lmaCV_rP4ZvukGK-8Ybfl6whxLyQMRZ8MPBcdR0usablkM733VY3DoZsso99574-eWXYen0HoksICzAunfZ5RQqeVc0&sig=Cg0ArKJSzOeXWSNXWFK5EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Sep 2023 01:53:55 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/dfp/421333/4647392540/1693261597105/ Frame 2FAE 13 KB
3 KB 62ms
57ms Document
text/html 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

4a326b0c4e4cab032d171d187f880adb7f993111981b611fdda614b98630d321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 3007
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 01:53:55 GMT
expires: Fri, 22 Sep 2023 01:53:55 GMT
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2A1C 0
63 B 97ms
95ms Image
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgEJIg76AKX3Go-vA62auvcSpdhbbmjoHuDPbq4zurYbnfLyo78snKdKvRbv66by6HzHYETsDXiwK8k-0QKljXLysk1RU0NH0eTnjbrXVQcy2yqZfGq5ByWu-9shvlWSZZ9z5CsqUTK5VGJuRWNh-FcepHZRYWegn93zfJyPEaFGDiWcn7ccVY7rmuQxVeNt20u2zocHoKNz8_VTR64M3dXN21iExDgfWlw_6WjDGCbQMzQMw3VH0PCLgTIe4-ML1US68G2W0uDUC94G_FjYvtUjBg4Fm3upNqkkQmWUvVWffu0PJwo5yLF26mN_O2jNHIY8zLYTa7jUykkZt44wcbqwm9ePKJgtXtQ_tduxHlLfdc&sai=AMfl-YSTehtQgCTl3wXPy2ak-z9Nh57iIPcwgPdGcEdbewr8lXFyVBrzjSrn3tq70oTt1MdZ_BI8KA3nmOBI3hoNqoCsh4HbImx8oA0YDr30i_6r41W3E_ntM2mGW3RZ1GA&sig=Cg0ArKJSzA42T7pALE3GEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2A1C 0
0 98ms
98ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCktu7sGRt9gwfCvHbQ8M8u-K19WNpoWoExA6j9DIN4ePF2J9bTIW2qN1HKPwfR0MmF8xMoGHlNq7kuSdbZymB2VayJbBjSvAdZR-pN-dHaQG2XMkZbGH3JweZHG3rVSzRBWSWrSnhx_SvyiCxv78KRo-iiVKkVEF8GNqQ1Cw9zXQqCq7OHx6DgMSoktqJa1BpEgeWeVv9rWZG_ClL9C6ktWz7-CmzKmvm4Gl1O-oBOsVIxuBeTAJtL3s8iSDkw4hf9keylgx20DJ7hLAzTKUhBIVbooo3bBOZv1NLp9GOhzGRQF7VkBhRGJPO03JGi9UF3J9cAh-vNUewM6IET3n2-TQ3LbUq&sai=AMfl-YRm2_11jiHp9TQt5FKNVzi-w4JwdYg4HyHjdnLclw8hz6kgIxkf_wc7hhqaTdcB_sTx77siAFO9ecOOsQLT84RZInK2wOCv1mNwjS-NSudIVrKzfHzThNKDvBQbZRI&sig=Cg0ArKJSzMZdmwIkRDneEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Sep 2023 01:53:56 GMT

GET
H2 200 infanciaBG1.jpg
s0.2mdn.net/dfp/421333/4647392540/1693261597105/ Frame 5447 6 KB
6 KB 83ms
78ms Image
image/jpeg 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/infanciaBG1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

0f596c517d18bd063e44648770f0d7cf7cc924a3f2c9caa8eb27dd1fe4e3d277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:56 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6113
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Sep 2023 01:53:56 GMT

GET
H2 200 musicaBG1.jpg
s0.2mdn.net/dfp/421333/4647392540/1693261597105/ Frame 5447 23 KB
23 KB 94ms
88ms Image
image/jpeg 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/musicaBG1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

c4e9c14012b527bac67ee9784ee416fc4e56fbd5cd9ebc0a4a2dd16bccfac002

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:27:13 GMT
x-content-type-options: nosniff
age: 66403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23642
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 07:27:13 GMT

GET
H2 200 txt1a.png
s0.2mdn.net/dfp/421333/4647392540/1693261597105/ Frame 5447 3 KB
3 KB 86ms
82ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/txt1a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

04a53cd817618fa5b020b5d287e539b34f7c21d5dc3af8046c9b80286841d1c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:27:13 GMT
x-content-type-options: nosniff
age: 66403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2823
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 07:27:13 GMT

GET
H2 200 txt1b.png
s0.2mdn.net/dfp/421333/4647392540/1693261597105/ Frame 5447 3 KB
3 KB 88ms
84ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/txt1b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

4477eafd369698f3333ec52db41d1ec33a3617b2233e39ba012743d856c133bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:27:13 GMT
x-content-type-options: nosniff
age: 66403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3010
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 07:27:13 GMT

GET
H2 200 txt2a.png
s0.2mdn.net/dfp/421333/4647392540/1693261597105/ Frame 5447 3 KB
3 KB 90ms
86ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/txt2a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

ebec09045b438226ba2113495d30f516e3a77e6675ebfa9de9c4729588224eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:27:13 GMT
x-content-type-options: nosniff
age: 66403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2585
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 07:27:13 GMT

GET
H2 200 txt2b.png
s0.2mdn.net/dfp/421333/4647392540/1693261597105/ Frame 5447 2 KB
2 KB 89ms
86ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/txt2b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

82387f3dcaa2f8922b06cd4fc7c2b42fd04886dd53d685ddf75254a99d07794a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:27:13 GMT
x-content-type-options: nosniff
age: 66403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2044
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 07:27:13 GMT

GET
H2 200 txt2c.png
s0.2mdn.net/dfp/421333/4647392540/1693261597105/ Frame 5447 3 KB
3 KB 88ms
85ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/txt2c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

e069aaf2bc09dc3c9ad1d30e0a0873a04f57888f73af9e53cbd07c9d21c657d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:27:13 GMT
x-content-type-options: nosniff
age: 66403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3208
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 07:27:13 GMT

GET
H2 200 kv.jpg
s0.2mdn.net/dfp/421333/4647392540/1693261597105/ Frame 5447 19 KB
19 KB 89ms
87ms Image
image/jpeg 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/kv.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

ecb0986cffd9cbed48106b3b56d34d224b0df5c4aca056d9705521f39b70bff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:27:13 GMT
x-content-type-options: nosniff
age: 66403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19840
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 07:27:13 GMT

GET
H2 200 logo.png
s0.2mdn.net/dfp/421333/4647392540/1693261597105/ Frame 5447 10 KB
10 KB 91ms
89ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

c0d261c0accdf8b18d6a6175a5d489f845d02c6ed0c332da4f15649213df4b2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:27:13 GMT
x-content-type-options: nosniff
age: 66403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10261
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 07:27:13 GMT

GET
H2 200 globoplay.png
s0.2mdn.net/dfp/421333/4647392540/1693261597105/ Frame 5447 2 KB
2 KB 90ms
88ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/globoplay.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

2ded3b180fd83eaac3d934400cf281fe5e5604d6ea954b437caf5ff729be9b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:27:13 GMT
x-content-type-options: nosniff
age: 66403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2188
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 07:27:13 GMT

GET
H2 200 infanciaBG1.jpg
s0.2mdn.net/dfp/421333/4647392540/1693261597105/ Frame 2FAE 6 KB
6 KB 74ms
72ms Image
image/jpeg 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/infanciaBG1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

0f596c517d18bd063e44648770f0d7cf7cc924a3f2c9caa8eb27dd1fe4e3d277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:56 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6113
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Sep 2023 01:53:56 GMT

GET
H2 200 musicaBG1.jpg
s0.2mdn.net/dfp/421333/4647392540/1693261597105/ Frame 2FAE 23 KB
23 KB 65ms
62ms Image
image/jpeg 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/musicaBG1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

c4e9c14012b527bac67ee9784ee416fc4e56fbd5cd9ebc0a4a2dd16bccfac002

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:27:13 GMT
x-content-type-options: nosniff
age: 66403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23642
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 07:27:13 GMT

GET
H2 200 txt1a.png
s0.2mdn.net/dfp/421333/4647392540/1693261597105/ Frame 2FAE 3 KB
3 KB 67ms
65ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/txt1a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

04a53cd817618fa5b020b5d287e539b34f7c21d5dc3af8046c9b80286841d1c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:27:13 GMT
x-content-type-options: nosniff
age: 66403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2823
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 07:27:13 GMT

GET
H2 200 txt1b.png
s0.2mdn.net/dfp/421333/4647392540/1693261597105/ Frame 2FAE 3 KB
3 KB 68ms
65ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/txt1b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

4477eafd369698f3333ec52db41d1ec33a3617b2233e39ba012743d856c133bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:27:13 GMT
x-content-type-options: nosniff
age: 66403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3010
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 07:27:13 GMT

GET
H2 200 txt2a.png
s0.2mdn.net/dfp/421333/4647392540/1693261597105/ Frame 2FAE 3 KB
3 KB 68ms
66ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/txt2a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

ebec09045b438226ba2113495d30f516e3a77e6675ebfa9de9c4729588224eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:27:13 GMT
x-content-type-options: nosniff
age: 66403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2585
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 07:27:13 GMT

GET
H2 200 txt2b.png
s0.2mdn.net/dfp/421333/4647392540/1693261597105/ Frame 2FAE 2 KB
2 KB 69ms
67ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/txt2b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

82387f3dcaa2f8922b06cd4fc7c2b42fd04886dd53d685ddf75254a99d07794a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:27:13 GMT
x-content-type-options: nosniff
age: 66403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2044
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 07:27:13 GMT

GET
H2 200 txt2c.png
s0.2mdn.net/dfp/421333/4647392540/1693261597105/ Frame 2FAE 3 KB
3 KB 69ms
68ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/txt2c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

e069aaf2bc09dc3c9ad1d30e0a0873a04f57888f73af9e53cbd07c9d21c657d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:27:13 GMT
x-content-type-options: nosniff
age: 66403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3208
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 07:27:13 GMT

GET
H2 200 kv.jpg
s0.2mdn.net/dfp/421333/4647392540/1693261597105/ Frame 2FAE 19 KB
19 KB 70ms
68ms Image
image/jpeg 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/kv.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

ecb0986cffd9cbed48106b3b56d34d224b0df5c4aca056d9705521f39b70bff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:27:13 GMT
x-content-type-options: nosniff
age: 66403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19840
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 07:27:13 GMT

GET
H2 200 logo.png
s0.2mdn.net/dfp/421333/4647392540/1693261597105/ Frame 2FAE 10 KB
10 KB 71ms
70ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

c0d261c0accdf8b18d6a6175a5d489f845d02c6ed0c332da4f15649213df4b2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:27:13 GMT
x-content-type-options: nosniff
age: 66403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10261
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 07:27:13 GMT

GET
H2 200 globoplay.png
s0.2mdn.net/dfp/421333/4647392540/1693261597105/ Frame 2FAE 2 KB
2 KB 72ms
71ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/globoplay.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

2ded3b180fd83eaac3d934400cf281fe5e5604d6ea954b437caf5ff729be9b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261597105/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:27:13 GMT
x-content-type-options: nosniff
age: 66403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2188
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 07:27:13 GMT

POST
H2 204 event Show response
prebid-a.rubiconproject.com/ 0
125 B 56ms
54ms XHR
text/plain 18.198.225.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/11366_gshow.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.225.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-225-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 21 Sep 2023 01:53:56 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 226ms
76ms Preflight 18.198.225.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.225.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-225-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://gshow.globo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Thu, 21 Sep 2023 01:53:56 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 199ms
77ms Preflight 18.198.225.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.225.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-225-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://gshow.globo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Thu, 21 Sep 2023 01:53:56 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 204 event Show response
prebid-a.rubiconproject.com/ 0
125 B 76ms
74ms XHR
text/plain 18.198.225.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/11366_gshow.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.225.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-225-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 21 Sep 2023 01:53:56 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7DF7 42 B
404 B 842ms
115ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstV0r1RC3EfDvkcXHya0JsqUuTXuki0VbLam6IDM_DHs2ef5hkYdvKwOPeA8fzvi6kLo9iEbAMQm2R_J8Tz2h0aHEG_NYbrNmBIoONdAT4EMR2dIpr7H_24JiTB_nmX&sig=Cg0ArKJSzDoegb4era8TEAE&id=lidar2&mcvt=1000&p=158,315,408,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=3108422164&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695261232857&rpt=2392&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 93 KB
30 KB 75ms
75ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/11366_gshow.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 19 May 2023 17:15:21 GMT
server: nginx
etag: W/"6467aea9-175c4"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 22 Sep 2023 01:53:56 GMT

POST
H/1.1 204
No Content collect Show response
y.clarity.ms/ 0
295 B 145ms
144ms XHR
text/plain 104.211.35.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://y.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://gshow.globo.com
Date: Thu, 21 Sep 2023 01:53:56 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H2 200 11961570.jpg
s03.video.glbimg.com/x720/ 91 KB
92 KB 1467ms
471ms Image
image/jpeg 186.192.91.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s03.video.glbimg.com/x720/11961570.jpg

Requested by

Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-2.prt.globo.com

Software

Resource Hash

85168199ecd54b8e7f44ca570d729d6fa577a083130b67e57deedb5d4ce384e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:57 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-bip: 24731251 cmah19lx37ca01.globoi.com
age: 17538
content-transfer-encoding: binary
content-disposition: inline; filename="11961570_x720.jpg"; filename*=UTF-8''11961570_x720.jpg
content-length: 93036
x-xss-protection: 0
x-request-id: c6be87e6-d88a-4200-a490-2ca939235177
x-runtime: 0.812699
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 14:32:54 GMT
x-thanos: 0A819C70
etag: 97897123bf45b609814dceecfa7f5d198290a3ab
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=43200
accept-ranges: bytes
expires: Thu, 21 Sep 2023 09:01:39 GMT

GET
H2 200 bridge3.590.0_pt_br.html Show response
imasdk.googleapis.com/js/core/ Frame 9F99 721 KB
231 KB 58ms
57ms Document
text/html 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.590.0_pt_br.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

sffe /

Resource Hash

3d87c7f5c3399c48b057acd998c0eecc34807ff952af1ac586e5ef7d71f4db60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gshow.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 283761
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 236571
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Sep 2023 19:04:35 GMT
expires: Mon, 16 Sep 2024 19:04:35 GMT
last-modified: Thu, 14 Sep 2023 21:14:17 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
16 KB 63ms
63ms Script
text/javascript 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 01:53:56 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1E3A 40 KB
14 KB 53ms
52ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 21 Sep 2023 02:36:14 GMT

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 93 KB
30 KB 515ms
85ms XHR
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 19 May 2023 17:15:21 GMT
server: nginx
etag: W/"6467aea9-175c4"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 22 Sep 2023 01:53:57 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
200 B 186ms
185ms Image
image/gif 44.196.12.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=video%40gshow.globo.com&g=65728&p=https%3A%2F%2Fgloboplay.globo.com%2Fv%2F11961570%2F&i=Lu%C3%ADsa%20Sonza%20revela%20que%20terminou%20namoro%20com%20Chico&g0=GSHOW%2CNovelas%2CMundo%20de%20novela%2Cmateria&u=CuV4VdBT9MZ_DgICvl&t=Cz7YTjia1zwBeFzAGBOzUB6CavXhs&x=0&y=0&V=141&n=1&b=9669&r=&_vd=278712&_vi=Hercai%3A%20Amor%20e%20Vingan%C3%A7a%3B%20novela%20turca%20estreia%20no%20Globoplay%20%7C%20Mundo%20de%20novela%20%7C%20gshow&_vp=gshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&_vh=gshow.globo.com&_pu=D-qTUdCc4f9vgFsoL&_pt=BHt0c7Bs3czVCPt0yeCMwS80CZqbN&_pr=&_vdd=gshow.globo.com&_vt=ct&_vs=s1&_vcs=0&_vvs=1.24&_vpt=0&_vtn=https%3A%2F%2Fs03.video.glbimg.com%2Fx240%2F11961570.jpg&_vaup=unkn&_vce=0&c=0.02&W=0&R=0&I=1&E=0&j=75&tz=-120&_
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.12.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-12-222.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 21 Sep 2023 01:53:56 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 9F99 3 KB
1 KB 116ms
110ms XHR
text/xml 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?sz=1280x720&iu=%2F95377733%2Ftvg_Gshow%2FMundo_de_Novela&cmsid=11413&vid=11961570&cust_params=video_subscription%3Dfalse%26nvg_gender%3D%26nvg_age%3D%26nvg_income%3D%26permutive-id%3D0b31f6f0-8b82-4b24-9558-4a66c3d8cb92%26permutive%3D88434%2C90176%2C131056%2C134328%2C136768%2C138292%2C138296%2C138298%2C141268%2C142110%2C156165%2C158439%2C162083%2C166023%26tvg_pgStr%3Dgshow%2Fnovelas%2Fmundo%20de%20novela&ciu_szs=940x360&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&url=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&description_url=https%3A%2F%2Fgloboplay.globo.com%2Fv%2F11961570%2F&correlator=1358379616435477&sdkv=h.3.590.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=193247113&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.590.0&sid=56C1170B-77C9-407B-94D5-149B8E75C211&a3p=EhkKCnVpZGFwaS5jb20Y7JrGq6sxSABSAghkEhsKDGlkNS1zeW5jLmNvbRicpcarqzFIAFICCGoSWgoNY3J3ZGNudHJsLm5ldBJAOTRlYzg0NTdhZTliYzZiY2RiYjU3ZTRiMWZjM2UzMjI0NmIwMDI1ODY2ZGM5YmNlYzdiYWE0MjkzODhjNDNjORiBpsarqzFIABI7CgpwdWJjaWQub3JnEiRkODI2NzRlMy0zYjQwLTQ1OWYtODYxYS1hM2QzNGFhNTg0MTEY1aHGq6sxSAASHQoOZXNwLmNyaXRlby5jb20Y7JrGq6sxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVVFSlJZM1JTUTJ0U2VUWnhhMjkyWnpkRVJWY3JaejA5SW4wPRjko8arqzFIABKCAgoIcnRiaG91c2US7AFuMUF0T0tIWmZMTWVhY0hBaDRFYklWMlU2aXpkbjdCTTFQcy9zWGpkMThCd2dhWG5LaDZURTJUY3I0TGF0bFYrOTNlK2dYNnhSZ3Y4VkVBdFJmdno1YlliaHRjVGo0Mmh2UzB0WGtXWHFpVVg5YWJYdzR3dmlML0NFZFh4b0FuVlpPbUR1SEJQRXNEVmxGenFpT3lONTgrVjZxNk9uQStZaFBRbGhYQXpuK1dEUmNSVGplT3U5Ny9vYWZ3R2JZZTZ5UmFjOVJxUWpoZG5MbGZHMmZaQ0VUUFc2cXBsbXJhaDk5c08wWjZUbzJRPRjJpcarqzFIAA..&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44800470&dt=1695261237084&cookie=ID%3Dd22fc0a83d863e9d%3AT%3D1695261232%3ART%3D1695261232%3AS%3DALNI_Mbyw-vzerPwOc37-HN8n4nm4dCdEA&gpic=UID%3D00000c7aeab05c41%3AT%3D1695261232%3ART%3D1695261232%3AS%3DALNI_MapYhBlB1OiNLGbQEgvyyH7HSzsIw&scor=1210468324810508&ged=ve4_td9_tt0_pd9_la9000_er5805.476.5960.776_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.590.0_pt_br.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

fffedb0ba7a57194a574e29ac909fcad9116087f57053e5ccbceaed9be3723ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1025
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 72ms
71ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-W1G9LMC88G&gtm=45je39i0&_p=1968325864&cid=1046947086.1695261230&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&uid=&sid=1695261229&sct=1&seg=1&dl=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&dt=Hercai%3A%20Amor%20e%20Vingan%C3%A7a%3B%20novela%20turca%20estreia%20no%20Globoplay%20%7C%20Mundo%20de%20novela%20%7C%20gshow&en=page_view&ep.consumption_environment=web&ep.publishing_period=Ate%203%20meses&ep.adblock=False&ep.page_type=materia&ep.words_count_range=266%20a%20370&ep.last_referrer=direct&ep.update_period=Ate%202%20meses&ep.publishing_day=21-07-2023&ep.editorial=GSHOW%2CNovelas%2CMundo%20de%20novela&ep.editorial_path=novelas%2Fmundo-de-novela&ep.content_type_internal=materia&ep.platform=desktop&ep.connection_type=4g&ep.user_code_provider_hit=&ep.user_code_hit=&ep.bs_content_type=multi-content&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&ep.horizon_client_uuid=c3dbba6c-769e-4552-a02a-1c592c8fc171&ep.logged_visit=&ep.has_video_on_top=false&epn.cpu_cores=4&epn.device_memory=8&epn.round_trip_time=0&ep.save_data=false&epn.word_quantity=297&_et=2640&up.user_code=&up.user_code_provider=&up.krux_id=&up.logged_visitor=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1G9LMC88G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gshow.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 13715 Show response
check.analytics.rlcdn.com/check/ 25 B
384 B 265ms
122ms XHR
application/json 143.204.98.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://check.analytics.rlcdn.com/check/13715
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/11366_gshow.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-32.fra50.r.cloudfront.net
Software: /
Resource Hash: 8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Sep 2023 01:53:57 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amzn-trace-id: Root=1-650ba235-4735a248410cbe925c479e21
x-amzn-requestid: d3660ccd-c303-44c4-80d8-f2567261d09f
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: LlZIaFh-DoEF0zQ=
content-length: 25
x-amz-cf-id: QHVvZG8kR2RyIJ18eQB1fEfORD-DUxdZaF3nUg5uaKcllnqh0-5SkQ==

GET
H2 200 13715 Show response
check.analytics.rlcdn.com/check/ 25 B
383 B 312ms
170ms XHR
application/json 143.204.98.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://check.analytics.rlcdn.com/check/13715
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/11366_gshow.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-32.fra50.r.cloudfront.net
Software: /
Resource Hash: 8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Sep 2023 01:53:57 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amzn-trace-id: Root=1-650ba235-17847d431081ba3c17cd747a
x-amzn-requestid: d07f9dc7-3de5-4885-92db-1f831a31e759
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: LlZIbG6dDoEFi9g=
content-length: 25
x-amz-cf-id: DqsDMWmCee119GLSO6h6mIeDcMmJfoe_hBeSmugag6O3BweC5jnbDA==

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
128 B 58ms
58ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 79fcf9c882fe9974eddf2cb254f6866ec04289d4ffae33faac024bbef567f42b

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 21 Sep 2023 01:53:57 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://gshow.globo.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110

GET
H2 200 ping
ping.chartbeat.net/ 43 B
200 B 172ms
172ms Image
image/gif 44.196.12.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=gshow.globo.com&p=%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&u=D-qTUdCc4f9vgFsoL&d=gshow.globo.com&g=65728&g0=GSHOW%2CNovelas%2CMundo%20de%20novela%2Cmateria&g1=No%20Author&n=1&f=00001&c=0.09&x=0&m=0&y=9868&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&PA=https%3A%2F%2Fgshow.globo.com%2Fnovelas%2Fmundo-de-novela%2Fnoticia%2Fhercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml&b=6839&t=BHt0c7Bs3czVCPt0yeCMwS80CZqbN&V=141&tz=-120&_vi=Lu%C3%ADsa%20Sonza%20revela%20que%20terminou%20namoro%20com%20Chico&_vp=https://globoplay.globo.com/v/11961570/&_vdd=video%40gshow.globo.com&_vs=s1&_vt=ct&_vtn=https%3A%2F%2Fs03.video.glbimg.com%2Fx240%2F11961570.jpg&_vd=278712&sn=2&sv=_ApgvCGOjmqizJ0nD4btcMDSS9aU&sd=1&im=067b9fff&_
Requested by: Host: gshow.globo.com
URL: https://gshow.globo.com/novelas/mundo-de-novela/noticia/hercai-amor-e-vinganca-novela-turca-estreia-no-globoplay.ghtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.12.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-12-222.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 21 Sep 2023 01:53:57 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 56ms
56ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=false&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 21 Sep 2023 01:53:58 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 112ms
111ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31078044

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

8e8afde7c2fbe6c9e3078993737da9b17acff0ca78a2a6ffecfdb4146d6b75c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12204
x-xss-protection: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6AA41BE29AD34AE99C246AC88A276915&RedC=c.clarity.ms&MXFR=035A70CCA8EF68121CA9635FACEF6666
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6AA41BE29AD34AE99C246AC88A276915&MUID=260773663B2A68A23A9760F53A2C696D

42 B
466 B

91ms
90ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6AA41BE29AD34AE99C246AC88A276915&MUID=260773663B2A68A23A9760F53A2C696D
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:54:00 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A1F7607633F5470CAE9FD775BF106076 Ref B: ZRHEDGE1113 Ref C: 2023-09-21T01:53:59Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6AA41BE29AD34AE99C246AC88A276915&MUID=260773663B2A68A23A9760F53A2C696D
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame BCAE 15 KB
6 KB 73ms
72ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=gshow.globo.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://gshow.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 01:53:58 GMT
server: Kestrel
server-processing-duration-in-ticks: 770383
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame BCAE 422 B
554 B 72ms
71ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=globo.com&sn=ChromeSyncframe&so=3&topUrl=gshow.globo.com&bundle=6stx6V9JbmRORnhLblFnRmFEeVBQSlRmTkkzSmNZV2lRc2xZdGozdWlRVnUlMkZ4bWZuMWx1RCUyRjg3aTJwbzVxWFZJS3BKb1pTTkx6ZnRQaWI1Tm5ncmhIb1o0MW9PUFBQWnlQNEVFVUdNaGFEdjJpeHJFeWpXRXBBeU5GanlHdjF1V09Rd2h2bUJtZ0JSaUg3SXRhU04lMkI0dGQ2Y2clM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=gshow.globo.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9e973b2370b26b1fad1a26417eb198e393081cf01c14541fb1251950278ae881

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=gshow.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:53:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2139027
expires: 0

GET
H2 200 infanciaBG2.jpg
s0.2mdn.net/dfp/421333/4647392540/1693261596604/ Frame 842B 11 KB
11 KB 57ms
57ms Image
image/jpeg 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/infanciaBG2.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

d3c619b591efdfadb90dcb2867728ca7be11b7ef191aabd3739439d65aaafa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:18:32 GMT
x-content-type-options: nosniff
age: 20126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11417
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 20:18:32 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 66ms
65ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31078044

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 01:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 01:53:58 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D5C3 13 KB
5 KB 66ms
65ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gshow.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 36117
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Sep 2023 15:52:02 GMT
expires: Thu, 19 Sep 2024 15:52:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C7F3 829 B
978 B 72ms
71ms Document
text/html 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f4.1e100.net

Software

GSE /

Resource Hash

a41c5e3d13e157650fb7e5390735766c6861e6cd01ca7db2ab9395156460c0bc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PRfAMJMyl4PUtOMwX9YF1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gshow.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-PRfAMJMyl4PUtOMwX9YF1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 01:53:59 GMT
expires: Thu, 21 Sep 2023 01:53:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js Show response
pagead2.googlesyndication.com/bg/ Frame D5C3 37 KB
15 KB 61ms
61ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 13:42:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14739
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 13:42:54 GMT

GET
H2 200 infanciaBG3.jpg
s0.2mdn.net/dfp/421333/4647392540/1693261596604/ Frame 842B 11 KB
11 KB 54ms
54ms Image
image/jpeg 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/infanciaBG3.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

03923b88153e5b2bfa5ebc8a0ea4ee1384d2219ca365ea355574d8b0a35aaaba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/dfp/421333/4647392540/1693261596604/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 15:52:53 GMT
x-content-type-options: nosniff
age: 36066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11377
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 22:26:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 15:52:53 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C7F3 0
0 90ms
90ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309180101&jk=1928937688576847&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET generate_204
tpc.googlesyndication.com/ Frame D5C3 0
0

POST
H2 204 csi
csi.gstatic.com/ 0
234 B 1301ms
185ms Ping
image/gif 172.253.122.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lmsirose&ctx=0&met.9=1.2n0~2.2rx&met.3=112.77e_1~195.8fx~195.8lo
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.122.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bh-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:54:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 451ms
451ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309180101&jk=1928937688576847&bg=!W1ilWBfNAAbP3fMH7907ADQBe5WfOMvQe2Oyy24ev05o2G5vGR93209G4gFbPtPEQ0EHNes5o2KDRg7NK9qHKLjCiC1gAgAAAJFSAAAAJmgBB5kCxTM1--x-3rr06dnxhj-QviHSIrnsLJbmiRK946gHo9wzmIH5L3ix1jH4HqKc2ZeJrIvn455aMZkimpxD76a2zHADGR2M7j6f3VArTIMbH3vRgHXFkwVgiXQfrgzxTj2TjzIkjAZux9ZM-P2hNnMob4vgoN3PK3nPm6JL1UvPP0rKMA1DD1OlSjNdNR2NqqJgGnHWtpo5P3HZGQSIe9X5t1jAnQ1q2O3pg5qg42Dwn1MlsInJxkP_9UVnl_nGOu8r75XiDhsSC3gL1hbnzI3amHcR66akpbh447dBOfGHDXYzJRQWpmvXJCIFDoyIHyJbR7ywhM5F4FABSzsQn6NjipC1l-qEMDXex7Zm4cthhK38DI680W92GcDbVSoaEJR1OJueaMk9jj0MebUmF6WAJlW8iyW30PBALRv1otOskYY9vE7FruAVG-KlMRtfkG9hqr7sOlIY19F7rloJSot2EI7ESJGcyaGpu92yu3Rk7jFStCvXQj6wvM30dfH3PreKOHzVAnydThaJ41OxrwcCanffVmbnlMkiTAkZTYdiyv4ePjHWse3SI4AhO0NjjyI433MxQQT5sMM2HYEpYXvo7oUQkKQ3VClc_7EAlQFrmgkCAW5zl0AkIHucOsXjz3f5obtBNAznxWiTUz7M66Rv8bRf-UxlOWGlPCTcOjH9BxzI7Ebft7fwt5KJ-R5AOwsLg_sOCHwVhGkcsAcFZLvl8QvjHcLikYPgIzPvWE-tZkinywCpFjgJeLGWzqX8Vzo66mEi8XVqi8df_C9eDVSYLxlKNg-cYuCadMIWFuOEZGi3cpqRmut7UTfeDU8UExlKorTrfQO8LvQlgMBC2kl8M6LDzC7NwS9tlirFpvxKCGWvbK7wcmZftnGZaqjzHRRg16nYWFcseDejGDlbgxuLL85dEDyI9BhICU54CPFMPeNbYr3MW9U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gshow.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 0
253 B 915ms
66ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=13715
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/11366_gshow.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Sep 2023 01:54:01 GMT
via: 1.1 google
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://gshow.globo.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 240F 52 KB
17 KB 911ms
63ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/11366_gshow.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://gshow.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 69487
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 21 Sep 2023 01:54:01 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 12 Aug 2023 06:34:33 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 5734, 482334
X-Served-By: cache-lga13626-LGA, cache-ams21061-AMS
X-Timer: S1695261241.096094,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 8BA2 281 B
554 B 908ms
61ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/11366_gshow.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://gshow.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 21 Sep 2023 01:54:01 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8BA2 36 KB
11 KB 55ms
55ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 51d124d36cad7f55b97069e9ccd3c06c32174f2d09e959bd9912366b06f12ec6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 01:54:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Sep 2023 11:53:50 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=35986
Connection: keep-alive
Content-Length: 10516
Expires: Thu, 21 Sep 2023 11:53:47 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 240F 0
595 B 67ms
66ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:54:01 GMT
an-x-request-uuid: 7ccf66d1-6f26-454d-be4e-b5668898f51b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 80.219.12.203; 80.219.12.203; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 8BA2 7 B
778 B 854ms
631ms XHR
application/json 69.173.144.165

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

POST
H/1.1 204
No Content collect Show response
y.clarity.ms/ 0
295 B 321ms
321ms XHR
text/plain 104.211.35.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://y.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://gshow.globo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://gshow.globo.com
Date: Thu, 21 Sep 2023 01:54:02 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 240F 0
594 B 60ms
59ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:54:02 GMT
an-x-request-uuid: 184ab267-58bd-437d-9343-b77d11085e28
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 80.219.12.203; 80.219.12.203; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8BA2
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODA5ODA4NmMzMTdhMmYyOWYyNDMyZDIwYjlkNGNlOGJmZThkNDgzZQ

170 B
232 B

68ms
67ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODA5ODA4NmMzMTdhMmYyOWYyNDMyZDIwYjlkNGNlOGJmZThkNDgzZQ

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:54:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODA5ODA4NmMzMTdhMmYyOWYyNDMyZDIwYjlkNGNlOGJmZThkNDgzZQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET dcm
s.amazon-adsystem.com/ Frame 8BA2 0
0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 8BA2 70 B
264 B 86ms
83ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 21 Sep 2023 01:54:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET

eFitUpmELeb6_QPVCu0Edcn5EUdSAgOZEtemQ7w0kco
pr-bh.ybp.yahoo.com/sync/rubicon/ Frame 8BA2
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/eFitUpmELeb6_QPVCu0Edcn5EUdSAgOZEtemQ7w0kco?csrc=

0
0

GET

setuid
px.ads.linkedin.com/ Frame 8BA2
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMSIROG8-16-9XZC

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BA2
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1TSVJPRzgtMTYtOVhaQw==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBPIS2SIpUepMab9Ey0Lijc&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1TSVJPRzgtMTYtOVhaQw==&google_push=

170 B
188 B

68ms
67ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1TSVJPRzgtMTYtOVhaQw==&google_push=

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:54:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1TSVJPRzgtMTYtOVhaQw==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 8BA2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJGl6trrFs67l7_8nHSoIrA&google_cver=1

42 B
691 B

256ms
53ms

Image
image/gif

69.173.144.165

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJGl6trrFs67l7_8nHSoIrA&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 21 Sep 2023 01:54:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJGl6trrFs67l7_8nHSoIrA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 8BA2
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=x5bo3DisSwyIsDnfvn_oRg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=x5bo3DisSwyIsDnfvn_oRg

43 B
479 B

82ms
82ms

Image
image/gif

67.220.224.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=x5bo3DisSwyIsDnfvn_oRg

Protocol

HTTP/1.1

Server

67.220.224.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Sep 2023 01:54:02 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8ERNGQC0FGEHYA5VAYRN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=x5bo3DisSwyIsDnfvn_oRg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: globo-ab.globo.com
URL: https://globo-ab.globo.com/v2/selected-alternatives?skipImpressions=true&experiments=gshow-mc-video-immersive-lightbox-v1

Domain: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/00a6e086622ea57d2ea45a111a34f729.css

Domain: globo-mab.globo.com
URL: https://globo-mab.globo.com/mab/mc-gshow-lazy-load-advwblt.v2:desktop:banner-materia2/choose

Domain: globo-mab.globo.com
URL: https://globo-mab.globo.com/mab/mc-gshow-lazy-load-advwblt.v2:desktop:banner-materia/choose

Domain: globo-mab.globo.com
URL: https://globo-mab.globo.com/mab/bastian-advwblt-r5:gshow:desktop:multicontent:ep/chooseAndIncrement

Domain: globo-mab.globo.com
URL: https://globo-mab.globo.com/mab/bastian-advwblt-r5:gshow:desktop:multicontent:dinamico/chooseAndIncrement

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?n2LUjA

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/rubicon/eFitUpmELeb6_QPVCu0Edcn5EUdSAgOZEtemQ7w0kco?csrc=

Domain: px.ads.linkedin.com
URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMSIROG8-16-9XZC

Verdicts & Comments Add Verdict or Comment

375 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

84 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cutt.ly/	1969-12-31 23:59:59	Name: PHPSESSID Value: pv1jjjtugbt7tiuhe5tcmv0nnt
.globo.com/	1970-01-21 00:30:21	Name: _ga Value: GA1.2.1046947086.1695261230
.globo.com/	1970-01-20 14:55:47	Name: _gid Value: GA1.2.1201443480.1695261230
.globo.com/	1970-01-20 14:54:21	Name: _gat_UA-251896-5 Value: 1
.globo.com/	1970-01-20 19:16:29	Name: permutive-id Value: 0b31f6f0-8b82-4b24-9558-4a66c3d8cb92
.navdmp.com/	1970-01-21 00:30:21	Name: nid Value: 135a312924caf5f37e0ea888dc10\|0\|290
.globo.com/	1970-01-20 23:39:57	Name: nav13574 Value: 135a312924c58b32afdfdda9a110\|2_265
.scorecardresearch.com/	1970-01-21 00:30:21	Name: UID Value: 16A087b4d0677b8ac360eff1695261231
.globo.com/	1970-01-20 14:54:21	Name: _gat_globoab Value: 1
.d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co/	1970-01-20 17:05:23	Name: pxid Value: 4c7dac47-8fb9-4623-aa8d-40abe870964a
.krxd.net/	1970-01-20 19:13:33	Name: _kuid_ Value: PzvP4Bch
.globo.com/	1970-01-20 23:32:45	Name: cookie-banner-consent-accepted Value: false
.globo.com/	1970-01-20 17:03:57	Name: _gcl_au Value: 1.1.89501441.1695261232
.globo.com/	1970-01-20 14:54:21	Name: _gat_gshow_portal Value: 1
.globo.com/	1970-01-21 00:30:21	Name: _ga_W1G9LMC88G Value: GS1.1.1695261229.1.1.1695261232.0.0.0
gshow.globo.com/	1970-01-20 14:54:23	Name: tt_c_vmt Value: 1695261232
gshow.globo.com/	1970-01-20 14:54:23	Name: tt_c_c Value: direct
gshow.globo.com/	1970-01-20 14:54:23	Name: tt_c_s Value: direct
gshow.globo.com/	1970-01-20 14:54:23	Name: tt_c_m Value: direct
gshow.globo.com/	1970-01-21 00:30:21	Name: _ttuu.s Value: 1695261232369
.t.tailtarget.com/	1970-01-20 23:39:57	Name: u Value: fwAAAWULojB5Lwc4Fq/yAgB=
.t.tailtarget.com/	1970-01-20 14:57:14	Name: _ssc Value: y
www.clarity.ms/	1970-01-20 23:39:57	Name: CLID Value: 92e94584e0db4fe28a774597cc637718.20230921.20240920
gshow.globo.com/	1970-01-20 23:39:57	Name: tt.u Value: 0100007F30A20B6538072F7902F2AF16
.globo.com/	1970-01-21 00:23:09	Name: _cb Value: D-qTUdCc4f9vgFsoL
.globo.com/	1970-01-21 00:23:09	Name: _chartbeat2 Value: .1695261232752.1695261232752.1._ApgvCGOjmqizJ0nD4btcMDSS9aU.1
.globo.com/	1970-01-20 14:54:23	Name: _cb_svref Value: null
gshow.globo.com/	1970-01-20 15:37:33	Name: _pbjs_userid_consent_data Value: 3524755945110770
.globo.com/	1970-01-20 15:37:33	Name: pbjs_sharedId Value: d82674e3-3b40-459f-861a-a3d34aa58411
.globo.com/	1970-01-20 23:39:57	Name: _clck Value: o1ssch\|2\|ff7\|0\|1359
.t.tailtarget.com/	1970-01-20 15:37:33	Name: ttbprf Value: _neuchatel_neuchatel_ch_1695261232849_1356532939
.t.tailtarget.com/	1970-01-20 14:54:23	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 15:37:33	Name: ttnprf Value:
.globo.com/	1970-01-21 00:15:57	Name: __gads Value: ID=d22fc0a83d863e9d:T=1695261232:RT=1695261232:S=ALNI_Mbyw-vzerPwOc37-HN8n4nm4dCdEA
.globo.com/	1970-01-21 00:15:57	Name: __gpi Value: UID=00000c7aeab05c41:T=1695261232:RT=1695261232:S=ALNI_MapYhBlB1OiNLGbQEgvyyH7HSzsIw
.openx.net/	1970-01-20 23:39:57	Name: i Value: 3c141cb5-10a4-472e-aa92-8be0ec3116fa\|1695261233
gshow.globo.com/	1970-01-20 14:55:47	Name: tt.nprf Value:
.globo.com/	1970-01-20 14:54:21	Name: lotame_domain_check Value: globo.com
.globo.com/	1969-12-31 23:59:59	Name: GLBEXP Value: M46MpEp5J+JEVE9fT+nw/Up+K/EhDCbqFqX4d4d8DGhbvBL3NYCYpnFhQ4a2JsMh
.tt-12842-2.seg.t.tailtarget.com/	1970-01-20 14:54:24	Name: ttca Value: _1695261233
.globo.com/	1970-01-20 14:54:21	Name: _hzt.interval Value: 20000
.globo.com/	1970-01-20 23:40:18	Name: kppid Value: 3673111152127991310
.globo.com/	1970-01-20 14:54:23	Name: hsid Value: 517d09a5-dd8b-42ff-a289-908a088b7481
.crwdcntrl.net/	1970-01-20 21:23:06	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 21:23:06	Name: _cc_id Value: c83b03bb126f755aa704b40abd036bd0
.t.tailtarget.com/	1970-01-20 15:37:33	Name: n Value: 1695261233
.globo.com/	1970-01-20 21:23:09	Name: _cc_id Value: c83b03bb126f755aa704b40abd036bd0
.globo.com/	1970-01-20 15:04:26	Name: panoramaId_expiry Value: 1695866033782
.globo.com/	1970-01-20 15:04:26	Name: panoramaId Value: 94ec8457ae9bc6bcdbb57e4b1fc3e32246b0025866dc9bcec7baa429388c43c9
.globo.com/	1970-01-20 15:04:26	Name: panoramaIdType Value: panoIndiv
.globo.com/	1970-01-20 14:55:47	Name: _clsk Value: 11uygyc\|1695261234098\|1\|0\|y.clarity.ms/collect
.doubleclick.net/	1970-01-21 00:30:21	Name: IDE Value: AHWqTUk-t9bluhprgryGceexVMLi6WjaBolDQzgHC3nDRqM_7ECQwZHADNZq1Da4kJc
.adnxs.com/	1970-01-20 17:03:57	Name: icu Value: ChgI581vEAoYASABKAEwssSuqAY4AUABSAEQssSuqAYYAA..
.openx.net/	1970-01-20 15:15:57	Name: pd Value: v2\|1695261234\|n0vNvQiygu
.criteo.com/	1970-01-21 00:15:57	Name: uid Value: 2c3ff7ae-3274-462f-8319-f9119c92747a
.smartadserver.com/	1970-01-20 23:41:23	Name: pbw Value: %24b%3d16890%3b%24o%3d11100
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 371141=5637713
.smartadserver.com/	1969-12-31 23:59:59	Name: TestIfCookie Value: ok
.smartadserver.com/	1970-01-20 23:41:23	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 23:41:23	Name: pid Value: 4195836908688691695
.smartadserver.com/	1970-01-20 14:55:47	Name: sasd2 Value: q=%24qc%3D1500007063%3B%24ql%3DMedium%3B%24qpc%3D1053%3B%24qt%3D73_450_366243t%3B%24dma%3D0&c=1&l=-744751122&lo=275590433&lt=638308580343680086&o=1
.smartadserver.com/	1970-01-20 14:55:47	Name: sasd Value: %24qc%3D1500007063%3B%24ql%3DMedium%3B%24qpc%3D1053%3B%24qt%3D73_450_366243t%3B%24dma%3D0
.adnxs.com/	1970-01-20 17:03:57	Name: uuid2 Value: 3621199631031580356
.rubiconproject.com/	1970-01-20 23:39:57	Name: khaos Value: LMSIROG8-16-9XZC
.rubiconproject.com/	1970-01-20 23:39:57	Name: audit Value: 1\|naVuGyos1qoLA/It4O0RdKxN5qlPETPccmi8mQhilxz+UxbtcvDnbVWyBEUFVhIEf55XX0efVovMboWaW1ii7Ye+ABSYIm2cvsVAPbIH/+HjRCnHycYBAQ==
.globo.com/	1970-01-20 23:32:34	Name: glb_uid Value: "suMHokOK6tp9gERrheWAF0T_S4_hhsFgOnQYYqDaWWI="
cocoon.globo.com/	1969-12-31 23:59:59	Name: GCLB Value: "8a7e904aef4c4981"
.globo.com/	1970-01-20 23:39:57	Name: FCNEC Value: %5B%5B%22AKsRol_iAMzu9Wk4YbkUrsrnECSPa5Ps4NIzqwd-6TCAtBSevBRmckGnQh183HE3lwkdGCZdLhImiwZAIM8NT2ey9OZSGzNXdhkgImwJeAdB2KgP1ppplywDfu5hwfw8yibUaCob6N_00oJiUEFm-XUId8DN4jsFAg%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.adform.net/	1970-01-20 15:37:33	Name: C Value: 1
.globo.com/	1970-01-21 00:23:09	Name: _v__chartbeat3 Value: CuV4VdBT9MZ_DgICvl
.adform.net/	1970-01-20 16:20:45	Name: uid Value: 1945838435035663253
.amazon-adsystem.com/	1970-01-20 19:32:16	Name: ad-id Value: A8ddC6H0bkRrqDYwTHntHME
.amazon-adsystem.com/	1970-01-21 00:30:21	Name: ad-privacy Value: 0
gshow.globo.com/	1970-01-20 14:55:47	Name: _lr_sampling_rate Value: 100
.globo.com/	1970-01-21 00:15:57	Name: cto_bundle Value: lShvYl9JbmRORnhLblFnRmFEeVBQSlRmTkl4VGxGRlpydFN5dk94bjdERUV5bUhOViUyRmx1cGNRc0gyMlBrcVRxVzJVcUdvbFNIaWJkZ1BtU2dWU2pRZGY5TyUyRkhSZHdiV2JNano0UW44S1dsMEJKQzRIWElPaXhIT3MzYkNTb3FPVmdiSkptJTJCU05wVG5kR3JyZVRqYnRPOEFSN1ElM0QlM0Q
gshow.globo.com/	1970-01-20 14:54:24	Name: _lr_retry_request Value: true
gshow.globo.com/	1970-01-20 15:37:33	Name: _lr_env_src_ats Value: false
.bing.com/	1970-01-21 00:15:57	Name: MUID Value: 260773663B2A68A23A9760F53A2C696D
.c.bing.com/	1970-01-20 15:04:26	Name: MR Value: 0
.c.bing.com/	1970-01-21 00:15:57	Name: SRM_B Value: 260773663B2A68A23A9760F53A2C696D
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 00:15:57	Name: MUID Value: 260773663B2A68A23A9760F53A2C696D
.c.clarity.ms/	1970-01-20 15:04:26	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 14:54:21	Name: ANONCHK Value: 0

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Message: Failed to decode downloaded font: https://fonts.googleapis.com/css2?display=swap&family=Open+Sans%3Awght%40400%3B500%3B600%3B700
other	warning	URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Message: OTS parsing error: invalid sfntVersion: 791289955
other	warning	URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Message: Failed to decode downloaded font: https://fonts.googleapis.com/css2?display=swap&family=Open+Sans%3Awght%40400%3B500%3B600%3B700
other	warning	URL: https://6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Message: OTS parsing error: invalid sfntVersion: 791289955
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 491) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=13715 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6a5e3f9903665ab7befd10820e25defb.safeframe.googlesyndication.com
a-fds.youborafds01.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ads.rubiconproject.com
api.globovideos.com
api.permutive.com
api.rlcdn.com
b.t.tailtarget.com
barra.globo.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
c.bing.com
c.clarity.ms
c1.adform.net
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.navdmp.com
cdn.permutive.com
cdn.prod.uidapi.com
check.analytics.rlcdn.com
cm.g.doubleclick.net
cocoon.globo.com
csi.gstatic.com
cutt.ly
d.tailtarget.com
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co
esp.rtbhouse.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fundingchoicesmessages.google.com
globo-ab.globo.com
globo-mab.globo.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gshow.globo.com
gum.criteo.com
horizon-schemas.globo.com
horizon-track.globo.com
horizon.globo.com
ib.adnxs.com
id5-sync.com
imasdk.googleapis.com
invstatic101.creativecdn.com
match.adsrvr.org
oa.openxcdn.net
oajs.openx.net
p.glbimg.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prg.smartadserver.com
pub.doubleverify.com
pubads.g.doubleclick.net
px.ads.linkedin.com
recomendacao.globo.com
region1.google-analytics.com
s.amazon-adsystem.com
s.glbimg.com
s0.2mdn.net
s03.video.glbimg.com
s2-gshow.glbimg.com
s2.glbimg.com
s3.glbimg.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
t.tailtarget.com
tag.navdmp.com
tags.crwdcntrl.net
tags.t.tailtarget.com
token.rubiconproject.com
tpc.googlesyndication.com
tt-12842-2.seg.t.tailtarget.com
us-u.openx.net
usergate.globo.com
usr.navdmp.com
vtrk.doubleverify.com
www.clarity.ms
www.google-analytics.com
www.google.ch
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
y.clarity.ms
globo-ab.globo.com
globo-mab.globo.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
s.amazon-adsystem.com
s3.glbimg.com
tpc.googlesyndication.com
104.16.13.243
104.16.86.20
104.18.167.224
104.18.41.170
104.19.150.54
104.211.35.148
104.22.53.86
108.177.15.157
13.107.213.45
13.32.99.90
13.35.255.75
142.250.181.225
142.250.184.202
142.250.185.129
142.250.185.202
142.250.186.130
142.250.186.163
142.250.186.34
142.250.74.198
142.250.74.200
143.204.98.32
151.101.1.108
162.19.138.118
172.217.18.1
172.217.18.14
172.217.18.2
172.217.18.4
172.253.122.120
172.67.8.238
178.250.1.11
178.250.1.3
178.250.1.8
18.198.225.132
18.66.127.127
184.30.22.30
185.89.210.180
186.192.81.117
186.192.81.16
186.192.81.35
186.192.90.3
186.192.91.2
186.192.91.5
186.192.91.9
204.79.197.200
213.19.162.21
216.239.32.36
216.58.206.34
216.58.206.46
23.56.202.187
34.102.146.192
34.102.185.99
34.107.254.252
34.120.107.143
34.120.133.55
34.95.229.88
34.96.70.87
35.190.39.111
35.198.42.85
35.198.44.170
35.201.123.184
35.211.79.33
35.241.9.51
35.244.153.86
35.244.159.8
37.157.4.29
44.196.12.222
46.137.158.119
5.196.111.65
52.215.100.89
52.223.40.198
54.171.14.223
65.9.66.68
67.220.224.150
68.219.88.97
69.173.144.165
89.149.212.36
000c03906cda926faf0884dcc08f6bb5a167ab76a30bb6f5590b2c75fa9d13e7
008a9e7d891db96cb0dce94a888f6a8a466472682f4142455703a44c75d9f734
01307d989b9a7b9f729572dba8a8c5436ae828928cdd8bd6602a29c4ff649416
03923b88153e5b2bfa5ebc8a0ea4ee1384d2219ca365ea355574d8b0a35aaaba
04a53cd817618fa5b020b5d287e539b34f7c21d5dc3af8046c9b80286841d1c9
05f6416b6fcb58461685fa34306415b844c2c96b5c53dc3928e918802fa78808
07e52aa4112a14afa12f583cdde26ecc4a621218edf1347ec2dd7418373ca21d
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
091cb14d02c6cc486c40ec667ec617475aca6809e9daf6d68a2e8ff943aa8cdd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be74be83a8acf1abe24e1c1f504416f760d47ff505934cbe256a60263958215
0c06525f1d963b27104c4079f90a6d445211d28450242ab8efc5cffd6edac6e3
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0d4d54ae6a2bb1627708894e62e5620d1f1e5d3e53044a6b219318b39e3cd7c3
0dc487084d88f0b36f6d01be27e062acec8bc25c11ce70547ba872ae144d77a0
0df88fa4cfca44b376efbef77608cec61b74a51439c3ba85667f53396f3ce8e7
0f596c517d18bd063e44648770f0d7cf7cc924a3f2c9caa8eb27dd1fe4e3d277
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
0f83647432a091ea550dd41c6e132ebe6e70870634d556a9a81c950296cfe897
101946a2d76f5764bc079f7d53bb32734f03db36b0828c54db304345068d5a09
1092b7aaf33c16c12fdc2bdea9d6d7aa952734df37d4309bd6a7c595069431b5
11dbb949105f12d5499cf95da3c5d844f2af493387ca4511ac6cb1133b970aed
171a128c043d930abdd29b98c54e26baa4c852db3404d78b948fe0ff948a4a19
188153acfff50e7a6557662766f9bb277374132cf6688b6db7c0ed8ddcb53039
188ad1f5f1635b83df77cd27805c09bf37ec353c01f8bd731c8624612f28f353
18aac35a39ffe15124a6f6dd2bcfa19d95d722c5f05a842676689b6259af1585
1c5e3616522e0f74d1294012414ac84d5e10691b0205307aa446eaf85a7c6cff
1cb5c8c391554c673fe25af67c9d2265b0a357ec8dc74a981dee5d61dfb32906
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e095279c2fa9fe4fb378f29b98f96e85eca3d8ca9b2382e0137d280cf473367
1eb478b8203be39dbef4b22c3a45f03eec71ec6bac0c459932d37f0072671f91
1f31673eb7f4c8ab5bd0080346c1c6bf010a6f5086e20a4c2c740d8946bb5ade
2088b2c5cca092af48ff8008ceb32df2415de5d178d8808835b0774f994f28d2
2242cfc76b87f635f63accdd9a832619e478aa939ed7547ab4eb38761b4a6276
24c2db886755889f62a3b8d520bc9412249dc26c130d228f04b46debcb6a9fd9
24c5e40cc6be732119b35060d3ad36ff03191b47c4db66c2bc3c656231bda7c6
2516d58befe847f6a1d157a4ee9682b7fc15ac34067976d21c733736239385d1
25be1aa1973f659c8326f419b37037ef6a783a5df29edee5362ab40aa2838dc3
26568d28443ae4f25b40e938910624852517832f68fd34cafc110fe2f758fe93
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
2af921f96b618475ba87948891bf844483be715971a4d4b69c4b596afd6c1691
2b15c54f429ed4d36662231338dc4d18268b1c6a43556faee02d2520c470318e
2bdb772630106dff0280e2ec4713874d9ac7c99be0727c16cc2f7fddf465ed1a
2d9cb97f8b163abd283e03f4918e4b4ab40a493a8573fc80d1e788162100077f
2dd055a45a158881e82d9b2bca48eeca91687ff44b64e70fb176ff1aa7d248b1
2ded3b180fd83eaac3d934400cf281fe5e5604d6ea954b437caf5ff729be9b1a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e9b496c8cfaa3bbd8ea4a41afa3fe42b3057a49a7060848f33b8786dfe0c227
2ef71a48bf8407d91bab7ca25c6eb95f2ed116150b2dd22940c33e224a76d5dc
2fd4127f29989aedfa099d8177f3478d9cc0e7ad4a33c254cc239f859d293a46
2fe3a6f51dffc0843daa46b85777e305e57b0423da47efae4b4ce5e30bb3f7de
303b2e8fdf03c4322848fdbfbdac1cbd49adada52dc8463a93bb1f610a06044d
305c29b47e5019cc905893a2004f5d4784d80798eda7f79d7472841619823d82
3152d2e11040b6f612408cbd83dcf06309b391a66a914d19bb73fe319c7d6a9e
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca
379d3feeca569fbbae17983fcc9f2d058848efa5b6a1965e9c777b51e4f5c9e6
37a976612ed7ce660adffb47b890c37c4dfc4a4be29d19248c11fc8b29b8436b
387168815d8e02c9c12a63d98fdceacaea0993c73d9808dba062f1a3e4de84dc
3a09d55202f3a4c7c50f795a8be0edd92e632b8c7b991d2f25dbf5ad48803b0c
3a1f0ef3e636f2563add4d78351213c09ac5cbb9658a0853b4c7751fce205af5
3ae768dadbdcadb249db3ffc92629a0a20396fc3b82ae2a1269ed9348f4e83c9
3bfd44d0e6b4e1ceeabb398f8d06748a21b604835e0c1ced0984af7a4e38d0a4
3cb0253d1aad7e8d715705c63e94a6a3eabca3007e06374d33c4f949786e8210
3d448477b67dbd9f58e69b22832cc68393c4ee72293aa8a7c1b0e87d75467ca7
3d5ab4eba40791fca18dcfb4d83af4d6beecaa444a6d45a38cf4cc86a3892d49
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d85695016f2a420865eea1178fe8fb46702babb243e950b4d34e83773651875
3d87c7f5c3399c48b057acd998c0eecc34807ff952af1ac586e5ef7d71f4db60
3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e
3d9b24ebf1e1440618066d2eb32b139687abc28010a2d42ffe49c5e465c684e3
3f99adcc500b48d537c168359c23ee7b7e6d485b265219f283c85c1f3358dec7
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4095ef60dc2a51dadc1d2f407052a07ba2358e86c5b748a784328e2e6376722c
40ec14f5660ff25f7382b18a218ef727e130fff31f98ce1a7381cd0c2b942f35
42b87f91c4a57aa36b426f365aac5ea6ce83b6c56e3cdebfc844e8a6cbb4380f
430fb785269052d908a5fb8184d94ba5e047f240a420ce88fc1fb6e74a286a55
4477eafd369698f3333ec52db41d1ec33a3617b2233e39ba012743d856c133bf
44d6d1f2648e7469518e4c7c2434917f72f734dfb30716ea66a139ff4b6eb53b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
477f579733d21e33e2bce608472c335098293f9a3fca27768ce91ffa90e26756
47f560edca9c1e6f4b2a3c344d053bc68a77538402faa1af3b640718737a7918
487a65e276851aaf53d465f08bdca09aeb25b9adf2675d72fa850ceb8db8a7ee
48c2271c052c4950be41f91cf745c979beea22457866b5b2e7b2211d6996c385
4a326b0c4e4cab032d171d187f880adb7f993111981b611fdda614b98630d321
4a95451be6e53fa4a280c90276478ea0365428962a3ff0db8290da826600b552
4b979c04e68277d51b505ae1195a8cc6a8e70cea3fefe20f68dceb18693a6979
4c56a3b3d13ebd1079ac9717fc01713e86e061c0dad4e027107e03cd45ed7375
4cee5949a09977968388165babb80b86694295f16e248a7571ea7e8307921e2a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fd6b812d56865b9c24a9ed4492c49396d63b1807c8b217235505d0b1afb0b40
507acc179bfa7c929b83831d028f83b5fa85a02c9426588657ece1da51ae6b43
511b0bc9d32da780033612d9a2141082ca35ef3e9d0a1b413ba0d04700f13a35
51d124d36cad7f55b97069e9ccd3c06c32174f2d09e959bd9912366b06f12ec6
520fd704b94c711b19d5c44660660a755d191c4400fd493bde84da71344e30e1
53776ce125223514633d55cfcb3537f77d40978f9cb3880a60dffef5f619c6b8
53b0af069f14542703c25f82bf9c1babb3354d88c4f2bfa35105fad7a1183053
54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5804ca869a4085ce7e8010df4c465eadada561d257df9a1ddbd63d6d8b507479
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
594a3089df92e1ee2da42a2899e249f1e3c378d169c00d8f900c3e927c904919
5cdb7f788c28141287f93e155304725c16c9cce3c46b34588ec1eed98fc40b9c
5e4554fd493d22762e20662a5e8fc782e371f4d75dc816bc560a3802dfd56f93
60b0f8f7a630b8cf83d4c29ddd3e6e614b119208fe97a96cae6dc6311541671b
6106f4a1c82a3a1abfb279b5c6776b6e412b6caf078ef7c14c0bf43ff9773af8
61166ed01a5b59ca1acab891daed7ca9451a2e7ee75f42e82104a71e8ec04895
6167de1fce14d1b96a4234bdd7dfe95409d625ec6cbd17c66e870efbf9b75b29
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6222fea68fff300087c11e1aec429536ba86edc7a600ab5f61dcea885cd6e2c0
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
634c0414b0a86da42f77418c43aec79278039c12b66b6dd13215314365d26df6
67bd1a7646d09ca2f953964fe81c81dff89ef2319c9546f81cc8076b20e79d0a
67dbbc65ceb136b3782af0c328fc708eef8ad354de00714f0b6c51f6576e07b8
69299d156663e1bc7ffa2f292637f863fa3198307b522139ba02baed43bf3b7e
69802eb4048039c638a293731f644d5567b4d80d300a7ded52089ac54d0f838d
69b639a4cf004bc1efbf7d9c0329ed061390593269c83ab6930dbe8f06a7ff72
6a05a2003709e34321ee14baefa352a3d6547502135715d318eb48637a31ec62
6b64951fcb5dde94f005c4a5b6e25973bc396331158191eae4468bf115e63fd9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cacd0088781052e14b3d1f2f09eb7f46d929b362668b7c96efd116cfaef19b8
6d1ba7ff82d4245cf11c3b8853e6f53885f8ba2f464ad803c1911ef883100322
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6fc8c519813ae69ffb5c95d87821ffbc940db1a1a2070bdbfed21d0e53fc4991
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7
733b14fd72f5a02fbc7a83efa0e9a8ae7264c65c84d908125b58fbcd852acc95
775807392af29b7a91f1217ab6ed717ba35baaa024bdccc9273321f54ab51bb4
7806ff944a8ee908e1636e5ef74de3e5bfaf9ccc686c9639f71ff1c8fefccdf7
79c3e4feb9606390af3d9ebe4f74506d47906104575bf1b80a2348c1b58fa8eb
79fcf9c882fe9974eddf2cb254f6866ec04289d4ffae33faac024bbef567f42b
7b3974deab9eb5e48e5d66b3f37c0c8edaa15d4208e1e3b6451a33182ead9860
7c4bce80d6d6519334f8236b1343cc317054b751ad9a540b3ac840f064f7adca
7ce55fdb9ea5d08df384da56f2559b2a1075b262cf39eda900fea72d2443a06d
7dcfa7a4fa62e019d7fd2a17f5a2f1e29c7695aa08e7ac732c536f7d28444d0c
7eec4e6795a21c73debdf12ae3270ea8f4424a4d905ad8e795ed228826d1b815
7f44a330c14dd4b354a4928a9d3b3a2de37b2f04e0bfeb2cd29807f36742e754
7fe5edc1233a99e69285bb14c0e55cf757206f59657c8343e4ddcae207bf1758
80e623f1b04b0fa527e631be10ff0eca19c42227275fb6ff5237fb81ad5ad5ce
80ecd4c0f5b7d0c48e5551f35b6c10b3a23049ba8f99b53233010108ae2f75b8
821d1a4e42107f66939d7d9ee7f5d3bf358345930fbe7fa32c4772764d611281
82387f3dcaa2f8922b06cd4fc7c2b42fd04886dd53d685ddf75254a99d07794a
826bbf13891662f58b4b697fee8539b38208b49e8ad4b60a78073b6ca8d6c1cd
8270b8c9e359cde0b34e92e8de885bed3f2d61584c930d753876cba9e8e05d6a
83264bb30fc7f4eaa2a3bc961f2cd8ba335962e31a427a50739619be203c1c18
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8454b483ca003c4edc06424838d8157f4ae8f563d560972ca53716c83b329016
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
85168199ecd54b8e7f44ca570d729d6fa577a083130b67e57deedb5d4ce384e1
854e654af8d6d85bb2e0bd12427b928d0bdcf58c4fadaae8edcc79fa550f2721
8734216f64384298291169367bde1798843e90c1f007cb95fa7fe6937fe98984
8888330db8c4a71ed6011c9bf25f8e612e419cedb9a3e352ddf09ba1c10c25ba
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8be5f11b40d73f6965e5d69189d533173aca057616a3b573316868678c132bfd
8c55ec68fe16312d8692ce60ac47f69d87dd7e28edac837ec22f2f70e0eda3ed
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1abad13842cfce1f10ec038a49780b0c8889d90f314fd084e946536e043f1c
8e2ffb754ab42ce5c1b72fa1bb2be6a17a26e1b281fd67f90676c5dcfbc804d2
8e8afde7c2fbe6c9e3078993737da9b17acff0ca78a2a6ffecfdb4146d6b75c1
8fade87056404b39ffb10c5e63e1119e4b10928526d580b355ad6c1efee3345c
900f1dcf1e47a552533349248bb25c55d7b1d60f8ac4164575ec74fd5bc72996
90a5778e6ad226ac5daa809b322eb69071cc143fe4b93742b9e52d56cda16854
92039a309e5eb907e99f1e83b6708b601ec9419e56a30b1d132d435330d7a28c
92abc00137247cd267b7177358b7400e25644074dc242b3a52d834c4502e3cb0
93593261fb5f21755ee5b0a45f888ee9853b37d70edc3ba6634e92a876df5a85
9377e9b33b72489df476c5026529524c5c1bf0522d6c054a37eeabf1e6d9bc8e
95eeda582b2c9f2bbdd357dcbd75d4b0f68e3a2ea554644df71384c7551b5625
961d2527913673b9488d10ca5f8ceb13ad768457a5918d1595b9fafbd8ad08a3
96b368c50d16304c33d3ae37656b03b87bf36ba420d75dc7894d482ce031f9ae
97f5de5577f9dd7dde48e45c027b57564e57435a01ee4c0e27d8d14175e126ed
9836a7543a0881993fcb2e20413e6189be326e9ff9e8218b90723f5cdc35f06f
98c3bd2e43a30c99df9d6c32ebbefbf4f0d511dc1e71ac536c4474f186fa11b8
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b7f4244fefd45a75e2d467f878917dbf5fd1f2cdf7fbe137caeb41ed4934703
9cedba3b9b538dbd20bc0d62b543d9f46da59cc5c50b4955601cc24cee468469
9e57f0dc3c64fde2323bab2ec7bbc9ee94f437b1e4138a0575acc870826512ce
9e973b2370b26b1fad1a26417eb198e393081cf01c14541fb1251950278ae881
9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e
9f2239dd66687d6e539bd8902faf4d65db2a344c14a47ff8a04214929d5ec878
a02e8c5a21d97e49d0391f1a498ca802d0c04c2bee9bb50a3633fae1c755cea9
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2acf58eea170344c573f826dca96c530df2fcfdfb428386aa453936847cab49
a3bae0c2f78e57fd2a649e203b03e2ddf1f89b0cac077d08aebce5d0afda9022
a41876d9e29973a0c90022bee13e3fa7cbfdd58802f6e67aebd15ad873a859f5
a41c5e3d13e157650fb7e5390735766c6861e6cd01ca7db2ab9395156460c0bc
a45bbdf55a2c594021d2faa355e485242a71c282e06d549ec3efd746a9199673
a46ecc97cb1e2fb006db1f0519ce80c6ad3ef436010ef43317af0d434eabaa86
a51690a59260fd30a04d20955e8e5432f7f05f90c13f04c953789d67548a66b8
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5617077e1d76ad0ff4b79908f05be30dbc67d5e5264b9d90f7be0c36f0fd20a
a697f759f3c019f4c80e06cffcc0b89f93198c9d660ae7ad942c4098dadecdfb
a6f620b5bfb37bd0aee4bd3c3916826a61418f54b2efd4d163070aa532539614
a85987916d9a779c207a70946433700ce4ec87279c96adcd9c66f0f8f1f39689
a939c8679b33e480b74428d7198dae942bd4f10716e9d44a104d34a4544bd2b1
a9905c3a890f50751e1802d0ebb7e54efd94aeff94169d61d28792740b104b61
a9be6894c16a82d126a1dceed00945b3dad7b42ca6b2151835d699621f797eaf
abb20916157744c1460053ec9c52f739d1c3a7e56f216a158f518d1c4765b7c8
ac121a04ee29cdc5c52c004c59aec3d9e06d82148568c810e15d192fd652623c
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514
ac886c02b05fc6d0a7dad92333fc95e0779758b04627f385a29debbb296e7d35
ad1a6a9fa0923538d648b1415c0cc8e3f9c344f99b8cb5a47e01f88d764b4abd
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af8df8caeae1d89f0fca50e198c18eaa228f82e38338fbf3abb6a341d4044a14
afc4323c2dd95213e9782ef3b431bf34463a3cc815e5538bdd4e33811b827dda
b021e7200efd53a081e90c7d7af625d4980ac42520840b7c38f85f727a9a1eaf
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0e416efe4ce773bfad5716a6cd6b314669fa4f323fc208691074f65b9b37a3d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3595d7d8c6c7371cbbd7b865b48a2181edfde4876088b0476249aa0a8cb1548
b389203bfe97a07dfd66d477970cf4f4c6e88bf2712b83c2d56819ac0595522d
b3c2033bc8eec5315f72ce5b10eac9103c82826b6b35882a64bb84711b72681f
b46942abb3f27ffb3f342f1f8c1fc61acc3046362e7cc3f0dd9462177258c3e1
b48f3e94323df821e96f73d74abbcebbe1c8a8ec0f9e659f8623bb74e82e0da5
b5823768ee5dbe764198e1a40c5ec7b5ca705c1378a582ab5f8cfd8665dde5d5
b6cf693ba917a94630c3fca98e24cbdc740b8631da9816c63adc5c7659a95113
b7eaac300049a5cdfdc2a822125478ffa9e5e9498371bc41f16c4a9eece05d15
b86c2efd6ea96ff4942e63c07e7feb250af9c1ba2ea1cd3d157faf40abeecfdd
b8735102c115e4801631c78b33ef72f88325bc9de8c1f7546047f135b1d5e378
b87b0bffd1a84de803f873debb1b373463f5349773c9a814baf14544d611af13
bae6869bc32029429b2ea8742557a79977bdb1f51582749a497add9c677eba49
bb396c659a45cda460f579b753cf3a53f83eb8198bd344af0a2e2d9030ef910f
bc677e2b22e7ddd410da9466c06a3eefc7d241ab01bb55d15441e81ac2065afd
bf08eb380ffff9f516faeea6e58d16cde35e1508437c9a19a32e6ce4a46e4b94
bf7e879b202b19e0dc0d3324c7298259d082e84be7f316607a75b9f43548b7f5
c0d261c0accdf8b18d6a6175a5d489f845d02c6ed0c332da4f15649213df4b2d
c1a13f4bce76142811ac4b494a1d0a7ce270b384d661a8b0964d6f65a32d7696
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c249804017b74220d38424f349cead8190ec6c37e4db76843f83edf7f2c28daf
c24fb58bb0a304c4a1ccd04af1f3dd1e0567d2cc045163f4752677d0df4fe38d
c38812ded9bbe406c0fb07309aaad9f4f8a2b01050e3e4e997ed74da7650b8d0
c3d31e3795516f553ed4a0a6e69bda1fd8e6b14fb939fcca1816973b6bdc9acf
c4e9c14012b527bac67ee9784ee416fc4e56fbd5cd9ebc0a4a2dd16bccfac002
c5bbd51a4f0135f611f516edc2e193bc8d83be735909697af4791db6d95a1a45
c5bc403fff2c528efe71dd9ffcf408058551eec168dc41b741cd7686d831be71
c637bc70cc671cda4cc4885f7b5f53537f9ded298f7ddcb6a784ca244606f0ea
c69bb9db7a88f6f9c460b1ab1460630acdfccfd87196aebe9861818e94c474c3
c72b97acef2504dfff6fa93c60b549077fd0eb40637236c8282f42c994504ffe
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
c77d602bb36cbc2fb86edcd20974138d6772fc19110bb9b867d7fde81755be72
c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b
c8adce3d01eea5559c2afd2dc58bd20aea0c5c8b04057d301599fa6c19c03cb4
c916cbcf825cece792688f4a4a1bb4ee7dd317861b55d9ddd5e7e97219d9aedb
cc74def6d5272eaaee05c6c9d393282f774ffb09b89c474a8f3077d5510f9b86
ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5
cd349cbb8d7e1230c4dffe67eb3cfbbfb85e01573d933874204cf872ae38643b
cf1cad9131c06be80b40fb80de0654a0086d78b347cfd885a1a4d11d858697af
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01b2cf5b15e8ea0ef57c0ccc66a390b354d8dbc11410035fb73eb12ab3ee514
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0eda79d2610b2145f3bc1d1c1a5e4de13dbf2d813a3acb34a9118c4080fc8ac
d2dad34ff5b30384c3e674cae34beb61be4f910a4d42c4b45d70a8f71fe911cb
d3112e913517190cac265b815169e01988d496c89eb7de219546dd00d7e3da7a
d39cb7dd60f576511270f16f9d8ffe886acc01e5299470fe1f2700524aa483fd
d3c619b591efdfadb90dcb2867728ca7be11b7ef191aabd3739439d65aaafa07
d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44
d52f2da87a0f493d4158764603e6c0e14b0fc355b399d06ef064297d4bc66074
d7d69089413787e07cf4b00d88b5c18f82e47983af577488727fb41eb3ee8750
dc4e146a2655cfb114856a6c212558a39c3712385a04db65561821bc45ab0353
dd710e4d4f61a6da31dc6f31003c9b53f5eaf2184d9a0de1c83b6c592a90fbfb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
ded9de29a06257e44d8c396bede97d61b54b62f818eb40f74e20d9ec7748dae1
e069aaf2bc09dc3c9ad1d30e0a0873a04f57888f73af9e53cbd07c9d21c657d3
e1acaf1b84c7c6a5a7ae96e4b9cce92c540c0c8ebbb0e56f8ff473917e2e9a72
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e446fda8d1490300e8ce56b5dd16bd2a71dd57c60d1b8cff83a9a9e6a19215
e5b67149257bc5b172463989ab9e0f33a2229adc07012eb7a7c90468505bd6d1
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8bf9ccc765b5576c8b86e1f75a308e112cea4c1ead476dcf94720d10fa6fb0d
e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411
ea3b75fdd7b0cb63e2b29fb54c5438d3bf60c2eeabedb0db490243cd1d3a4416
ebec09045b438226ba2113495d30f516e3a77e6675ebfa9de9c4729588224eac
ec0d8435d5d30bc297e0b2db3f87fe8fc998b3440d56f33205e702c57a84443d
ecb0986cffd9cbed48106b3b56d34d224b0df5c4aca056d9705521f39b70bff3
edb43bdff8eaa772af2fe178cd9368de860df60e858a49f32ef067174272df15
ee6786c4e23a87377ca7db3e8c4335eaf5ab334c6ab4a3c25ca9f2b49c28ee10
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f000319a2964c6c3874aa4984954f7eca528df0557aa9cdfae565ca31e899360
f100491b7d7981ddeb342708f91b51c21425be30b8911c7cc871ea1bd5e23fc6
f27b6d8a1900d5defeab0dcdfaa390eb4309e50a14edde88f9e6ee86777dd957
f367910ad1f001579bc2c6efa6718493e550eac208d508b1018431fb93ec3adb
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f524e3488738d005bb160c6b3d9548be553ee203dddd3ff3ac3eb6e38fe41548
f73a555af6896e548d074d1e257ade8644e523f560c8605292b69456c14cbb56
f78a3059b09e1d22f9d35b2f80c4f424a90fe9e956573b922c63da1eece2f2f4
f7b834f3e05c3101716a90cbcbbc2ba0fb78b04ef0e4770d9613f197adc371c6
f9583d7227b629e90c1cf42a58496ef2eebe818bba68812a5569f61248dc4406
f98688edbbadeabc0117ac5175c50ac8e887afcbbef409000d529195ecadb880
faaac3c67eaf3bcdacc70ea40c1e37abf00804b1d8f7218c4b36a859365f4357
fae8318718587af9d76f58fb73e37eefe3f71072eac346e8f880f1bc1ba6e530
fb7869c4e2517187da082c8830377e78f95bb7b096f5051eb7dd9cf7b17ff664
fb7d182069a7b31b3b889c379c73f7445eb319e0725b8d5a5ee8d0975a542858
fc925f34ccc4d97d89b5b5b0ccca6a2ef842070eaa2be0c89dcd6d462a78e8a8
fd252f79921650a705d0be71c8e2d87c1847577ec93b7b16658f1bb70b0cb6ea
fd74c8189b8a4f25c543173ab9c5a74ca4d1d3d7d3d9e16e0f7ee5d725e4d44d
feaa8751094d14f899a36eef1867b158cf502c9b22352b070b7e2e50ef367a9f
ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54
ffa236ef255768221883891f6972f553182fa76515c55bd7cdf41f5a35e7b679
ffc56b1b42bb1ff5ec3fe5bf46fccaf81fa2396377ae7560c829704889fa2bb7
fffedb0ba7a57194a574e29ac909fcad9116087f57053e5ccbceaed9be3723ff

gshow.globo.com Open in urlscan Pro 186.192.81.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

411 Requests

94 %HTTPS

0 %IPv6

48 Domains

95 Subdomains

73 IPs

8 Countries

5704 kBTransfer

18232 kBSize

84 Cookies

19 Outgoing links

Page URL History

Redirected requests

411 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gshow.globo.com Open in urlscan Pro
186.192.81.35 Public Scan

Screenshot
Live screenshot

Full Image

411
Requests

94 %
HTTPS

0 %
IPv6

48
Domains

95
Subdomains

73
IPs

8
Countries

5704 kB
Transfer

18232 kB
Size

84
Cookies

411 HTTP transactions
9 data transactions